Original release date: November 21, 2014

WordPress 4.0.1 has been released to address multiple vulnerabilities, one of which could allow a site to be compromised by a remote attacker. WordPress 3.9.2 and earlier are affected by this vulnerability. 

US-CERT recommends users and administrators review the WordPress Maintenance and Security Release and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.