WordPress released today a security vulnerability and maintenance update. WordPress 4.2.3 patches a cross site scripting hole. Users with Author or Contributor access could possibly compromise your site.
This security update is for all previous versions and is highly recommended you install this immediately. Another issue fixed with this update is where by a Subscriber could create a draft using “Quick Draft”. There are twenty WordPress bug fixes included in 4.2.3 from version 4.2.
You can update your version to 4.2.3 by clicking on “Dashboard” if not already there. Then select “Updates”. Finally click on “Update Now”.
If your WordPress site was configured with automatic background updates, then you should already be updated to 4.2.3. Also, you can download update 4.2.3 directly from WordPress.org.