WordPress 4.2.1 released to fix critical security issues
Earlier today we posted about a critical XSS vulnerability in WordPress. WordPress 4.2.1 has been released to address these issues. We urge all customers to update as soon as possible.
Critical 0 day XSS WordPress vulnerability
A critical crosss site script (xss) bug has been found in WordPress. As of this posting there is no know patch. This post at Securi gives you the details. The ‘short’ version is that it affects comments. We’d suggest disabling comments in WordPress until a patch is issued.