• Wednesday, April 29, 2015

WordPress 4.2.1 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.

A few hours ago, the WordPress team was made aware of a cross-site scripting vulnerability, which could enable commenters to compromise a site.

You can read more about it at:

https://wordpress.org/news/2015/04/wordpress-4-2-1/