WordPress 4.2.3 was released today. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.
WordPress versions 4.2.2 and earlier are affected by a critical cross-site scripting vulnerability, which could allow anonymous users to compromise a site. They have also fixed an issue where it was possible for a user with Subscriber permissions to create a draft through Quick Draft.
Once again if you are using old version, it is highly recommended that you upgrade your WordPress version to WordPress 4.2.3 immediately.