WordPress 4.2.1 has been released to address cross-site scripting vulnerability. Exploitation of this vulnerability could allow a remote attacker to take control of an affected website.
Users and administrators are encouraged to review the WordPress security released and apply the necessary updates.