New WordPress 4.0.1 has just been released to public. The new version is a critical security release that provides a fix for a critical cross-site scripting vulnerability.
Along with this fix, also several bugs were fixed in the new version. Sites that support automatic background updates will be updated to WordPress 4.0.1 within the next few hours. If your site is still on WordPress 3.9.2, 3.8.4, or 3.7.4, it will be updated to 3.9.3, 3.8.5, or 3.7.5 to keep everything secure.
If you don’t want to wait for the automatic update or your site is even older. Go into to your Dashboard and update now to avoid future headaches.