This new version of WordPress fixes a cross-site scripting (XSS) vulnerability. The comment author URLs were not fully sanitized when displayed in the admin area. This vulnerability could be exploited to redirect you away from the admin to another site. You can upgrade WordPress automatically and in a few seconds. Just go to Tools -> Upgrade and then enter your FTP details. If you can’t update automatically, you can do it manually by downloading the ZIP file from the link below.