It's an ideology thing. $_REQUEST alone doesn't make your application less secure, but it might make it more likely that an attacker will find a security hole that exists somewhere else in your application.
If what you're doing with the variables is idempotent, then using $_REQUEST is perfectly fine. On the other hand, if you have a form that transmits important data for you to update in a database, and the form's method is always POST, it is a good practice to make sure that the page that processes the form confirms that the variables were transmitted via POST instead of GET. Because if a form's method is POST, but the data came in with GET, there's a pretty good chance that something "funny" is going on.
Something like that might happen if someone is trying to execute a CSRF attack, and a careful programmer will no doubt have a proper CSRF defense mechanism in place (right?), making the attack unsuccessful no matter what superglobal you use to retrieve the values.
So avoiding $_REQUEST doesn't necessarily make your site more secure, but by explicitly checking for data in the appropriate $_POST and $_GET arrays, you can be more confident that your visitors are using your web application within the operating parameters that you define.
In other words, even if I have all the real safeguards in place (CSRF protection, input validation, etc.) I still don't want people sending data in the query string (GET) if I designed it to send that data via POST variables.
For more reading, consider what Chris Shiflett has to say:
http://shiflett.org/articles/ideology
http://shiflett.org/articles/cross-site ... -forgeries