WordPress 4.2.1 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately. A few hours ago, the WordPress team was made aware of a cross-site scripting vulnerability, which could enable commenters to compromise a site. The vulnerability was discovered by Jouko Pynnönen. WordPress 4.2.1 has begun to roll out as an
![WordPress 4.2.1 Security Release](https://cdn-ak-scissors.b.st-hatena.com/image/square/49b5c1edcd9509386e807ea9d52eaff3281698ec/height=288;version=1;width=512/https%3A%2F%2Fs.w.org%2Fimages%2Fbackgrounds%2Fwordpress-bg-medblue.png)