WordPress released maintenance and security update 4.2.4 on August fourth two thousand and fifteen. This is a security update for all previous versions of WordPress. It is highly recommended that you install this update as soon as possible.
This update addresses six issues, three cross site scripting holes and potentially a SQL injection hole. Your site could be compromised by these vulnerabilities. Another fix is included for a possible side channel timing attack.
Attackers could potentially lock out a post from being edited. Also WordPress update 4.2.4 fixes four bugs. You can update your version to 4.2.4 by clicking on “Dashboard” if not already there.
Then select “Updates”. Finally click on “Update Now”. If your WordPress site was configured with automatic background updates, then you should already be updated to 4.2.4. Also, you can download update 4.2.4 directly from WordPress.org.