WordPress 4.2.4 is available

WordPress 4.2.4 has been released and available for download or update in your WordPress dashboard. This version addresses six issues, including three cross-site scripting vulnerabilities and a potential SQL injection that could be used to compromise a site. It also includes a fix for a potential timing side-channel attack.

Download WordPress
WordPress 4.2.4 is available for download or update in WordPress dashboard. Sites that support automatic background updates will be updated to WordPress 4.2.4 . For a full description of the system requirements, and the download links, see: Download WordPress 4.2.4

Overview
WordPress is an open source CMS, often used as a blog publishing application powered by PHP and MySQL. It has many features including a plugin architecture and a templating system. Used by over 300 of the 10,000 biggest websites, WordPress is the most popular blog software in use today.

It was first released in May 2003 by Matt Mullenweg as a fork of b2/cafelog. As of September 2009, it was being used by 202 million websites worldwide.

WordPress 4.2 "Powell" includes a number of new features that help you communicate and share, globally. More details can be found here.

What's new in WordPress 4.2.4
Version 4.2.4 addresses the following security issues:

• Fixed six issues, including three cross-site scripting vulnerabilities and a potential SQL injection that could be used to compromise a site.
• Fixed for a potential timing side-channel attack.
• Fixed for 4 bugs from version 4.2.

The full details of changes that are in WordPress 4.2.4 is available in the changelog.

Source:
WordPress News