WordPress 4.2.3 is now available, which is a security update for all previous versions that the company strongly encourages downloading.
All versions of WordPress from 4.2.2 and below are said to be affected by a cross-site scripting vulnerability. This could allow users with the Contributor or Author role to compromise a site.
WordPress is always careful not to reveal too much information about its security vulnerabilities — so exact details of how sites could be compromised were not made available.
However, you’ll have nothing to worry about as long as you download the latest update, which also contains fixes for 20 bugs.
For full details about WordPres 4.2.3, please see the release notes.
You can update to WordPress 4.2.3 by heading over to Dashboard → Updates and clicking on “Update Now.”
If your site supports automatic background updates, it should have already begun to update to WordPress 4.2.3.
Image Credit: Shutterstock