WordPress 4.2.3 is Now Available!
WordPress 4.2.3 is now available/released to the public. This is a critical security release for all previous versions, and so it’s strongly recommended that you update your WordPress websites as soon as possible.
WordPress version 4.2.2 and all other previous versions were affected by a critical cross-site scripting vulnerability, which could allow anonymous users to compromise a site. Thanks to the Jon Cave of the WordPress Security Team that reported the issue, and later it was fixed by Robert Chapin.
All previous versions of WordPress also had an issue where it was possible for a user with Subscriber permissions to create a draft through Quick Draft. This is finally fixed now. Overall, WordPress 4.2.3 also contains fixes for 20 bugs from 4.2. For more information, see the release notes or consult the list of changes.
List of Files Revised
WordPress Installation/Update Information
Sites that have automatic background updates enabled will be updated to 4.2.3. However, If you don’t have automatic background updates enabled on your sites, go to Dashboard > Updates and select Update Now.