WordPress 4.2.2 has been released to address critical cross-site scripting vulnerability. Exploitation of this vulnerability could allow a remote attacker to take control of an affected website.
Users and administrators are encouraged to review the WordPress security and maintenance released and apply the necessary updates.