20th of November WordPress reported in their blog that WordPress 4.0.1 is now available. This is a critical security release for all previous versions and they strongly encourage wordpress administrators to update sites immediately.
WordPress versions 3.9.2 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site. For the details please check original post on Wordpress blog.
Wordpress as an APS package is available for installation using following Parallels products, here is the list of articles which you may refer to
Parallels takes the security of our customers very seriously and encourages you to take the recommended actions as soon as possible.
We also strongly encourage you to stay connected to Parallels for important product-related information via these methods: