WordPress 4.2.3 is now available.
This is a security release for all previous versions and we strongly encourage you to update your sites immediately.
WordPress versions 4.2.2 and earlier are affected by a cross-site scripting vulnerability, which could allow users with the Contributor or Author role to compromise a site. The new version includes a comprehensive fix for this issue. It also fixed an issue where it was possible for a user with Subscriber permissions to create a draft through Quick Draft.
WordPress 4.2.3 also contains fixes for 20 bugs from 4.2.
Download WordPress 4.2.3 or venture over to Dashboard → Updates and simply click “Update Nowâ€. Sites that support automatic background updates are already beginning to update to WordPress 4.2.3.
For more information, see the release notes or consult the list of changes.
Official Link : [ https://wordpress.org/news/2015/07/wordpress-4-2-3/ ]
- Friday, July 24, 2015