WordPress Updates 3.x and 4.x for Security Flaws
Page 1 of 1
Among the security updates in the 4.0.1 release are fixes for three cross-site scripting (XSS) vulnerabilities. An XSS vulnerability can potentially enable an attacker to inject malicious code in a trusted site. Passwords are always a target for attackers, and the WordPress 4.0.1 update includes a number of updates related to password security.
WordPress has provided incremental updates for the older WordPress release with 3.7.5, 3.85 and 3.9.3 update releases providing fixes for critical security issues.