As advised by the Sucuri Blog, PLEASE UPDATE WORDPRESS to the newest version 4.2.1. ASAP!!!!
It was found earlier today that if your WordPress site allows users to post comments via the WordPress commenting system, you’re at risk. An attacker could leverage a bug in the way comments are stored in the site’s database to insert malicious scripts on your site, thus potentially allowing them to infect your visitors with malware, inject SEO spam or even insert backdoor in the site’s code if the code runs when in a logged-in administrator browser.
So WordPress issued this newest version to fix this nasty problem. UPDATE NOW!
Read more about this Sucuri Blog.