Ideally, no, but with SSL, and a very-strong password, it might not be worse than other options for automating payouts... until a major bug like this comes along.

For comparison, the Bitcoin RPC password timing bug - https://github.com/bitcoin/bitcoin/issues/2838 - would have been a more slower and blatant/detectable way to compromise the same sorts of bitcoin RPC daemons.