A security update, WordPress 4.2.2 has been released for the latest version of WordPress. This version is considered a Maintenance and Security Release and is a critical security release for all previous versions and is strongly recommended that you update your sites immediately to this version..
More details on the release can be found over at WordPress.org.
The latest update comes with the following security fixes:
Genericons font package vulnerability fix
The Genericons icon font package, which is used in a number of popular themes and plugins contained an HTML file vulnerable to a cross-site scripting attack. All affected themes and plugins hosted on WordPress.org (including the Twenty Fifteen default theme) have been updated today by the WordPress security team to address this issue by removing this nonessential file. To help protect other Genericons usage WordPress 4.2.2 proactively scans the wp-content directory for this HTML file and removes it.
Cross-site Scripting Vulnerability fix
WordPress versions 4.2 and earlier are affected by a critical cross-site scripting vulnerability which could enable anonymous users to compromise a site. WordPress 4.2.2 includes a comprehensive fix for this issue.
General Website Hardening
The release also includes hardening for a potential cross-site scripting vulnerability when using the visual editor.
As with all Minor updates, Security updates and Maintenance releases, the NetON team will upgrade your installation automatically for you this week.
WordPress is a free and open-source tool and a content management system (CMS) based on PHP and MySQL. Features include a plugin architecture and a template system. WordPress was used by more than 23.3% of the top 10 million websites as of January 2015. WordPress is the most popular blogging system in use on the Web, at more than 60 million websites
NetON’s WordPress Website Development Offerings
NetON offers a complete range of WordPress Services for websites including WordPress Website Development, WordPress Website Design, WordPress Website Hosting, WordPress security, Maintenance, WordPress SEO Optimisation and Upgrades. Whether you are starting a small blog or an enterprise fortune 500 company, we can help build and maintain your WordPress website for the best results online.