WordPress Releases Security Update

Original release date: August 04, 2015

WordPress 4.2.3 and prior versions contain critical cross-site scripting and potential SQL injection vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected website.

Users and administrators are encouraged to review the WordPress Security and Maintenance Release and upgrade to WordPress 4.2.4.

---

This product is provided subject to this Notification and this Privacy & Use policy.

from US-CERT: The United States Computer Emergency Readiness Team http://ift.tt/1gHF8uy