WordPress 4.2.3 is now available. This has been released to fix a cross-site scripting vulnerability in WordPress versions 4.2.2 and earlier. It is strongly recommended that you updated your sites to 4.2.3 since this vulnerability can allow users with contributor or author role to compromise a site.
WordPress 4.2.3 also addressed the following:
- Fixed an issue where it was possible for a user with subscriber role to create a draft through quick draft
- Fixed 20 bugs from version 4.2
If your website is not configured to received automatic updates you can manually update to 4.2.3 from your dashboard (Dashboard->Updates->Update Now).