Another round of updates was released today because of a Genicons security flaw in WordPress themes and plugins. WordPress was updated to version 4.2.2 to help deal with this issue proactively.
The WordPress 4.2.1 security patch was released today to resolve a cross-site scripting vulnerability in the WP commenting functionality. Now that the first patch has appeared and it's security related, it's time to update if you haven't already.
Three WordPress updates were released in the last several days. A security patch was followed almost immediately by a point release and a bug fix for the security patch. If you have automatic updates enabled, you got the security patch and the bug fix, but not the point release. If you do not have automatic updates enabled, you pretty much have to update to v4.2 unless you want to apply the patches manually. Read on to see what's new in v4.2.
More WordPress plugin security updates were released today. The list of plugins includes some of the most popular plugins available.
A new security alert reporting a WP Super Cache vulnerability has been reported. This is a serious security flaw and requires an immediate update of this popular plugin. The plugin code has been patched to correct the problem. Please update to version 1.4.4.