WordPress today shipped security release 4.2.4, which includes a fix for several cross-site scripting vulnerabilities, a potential SQL injection, and other security related items.
Because you’re a WP Engine customer, you don’t have to take any action at this time. Our teams are working to patch and update all customer sites hosted with us to 4.2.4. We’ve got your back. Remember, we automate WordPress core and security updates for all of our customers.
WordPress 4.2.4 includes several security updates, which you can read about in more detail via this blog post on WordPress.org.
As always, thank you for trusting WP Engine to host your WordPress sites. Automated security updates like these are part of our promise to deliver you a secure WordPress experience.