WordPress 4.2.3 has been released to address critical cross-site scripting vulnerability. Exploitation of this vulnerability could allow a remote attacker to take control of an affected website.
Users and administrators are encouraged to review the WordPress security and maintenance released and apply the necessary updates.
For more information please visit:
WordPress < https://wordpress.org/news/2015/07/wordpress-4-2-3/>