WordPress 4.2.4 has been released and includes six fixes for various security holes, ranging from cross-site scripting to SQL injection. As always with security releases, you should update as soon as possible.
Full details: WordPress 4.2.4 Security and Maintenance Release