WordPress 4.0.1 has been released to address multiple vulnerabilities, one of which could allow a site to be compromised by a remote attacker. WordPress 3.9.2 and earlier are affected by this vulnerability.
US-CERT recommends users and administrators review the WordPress Maintenance and Security Release and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.