XML-RPC is an XML-based communication protocol.
WordPress allows external software and services to communicate with your WordPress site using this protocol.
This protocol also allows DDoS attacks and BruteForce attacks and is therefore disabled by default.

It can be activated, if you need to use a software or plug-in that requires this protocol.

If you run this protocol, it is recommended to install an anti-abuse plugin with a protocol such as Disable XML-RPC Pingback.