WordPress 4.2.3 was released today. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.
WordPress versions 4.2.2 and earlier are affected by a critical cross-site scripting vulnerability, which could allow anonymous users to compromise a site. They have also fixed an issue where it was possible for a user with Subscriber permissions to create a draft through Quick Draft.
WordPress 4.2.3 also contains fixes for 20 bugs from 4.2. For more information, see the release notes or consult the list of changes.
Once again if you are using old version, it is highly recommended that you upgrade your WordPress version to WordPress 4.2.3 immediately.