On 6th January 2016, WordPress 4.4.1 was released to the public. WordPress developers announced that all WordPress versions before 4.4 are vulnerable to cross-site scripting (XSS) bug and it could allow malicious users to take control over affected website if exploited. The latest version of WordPress 4.4.1 fixes this vulnerability and patches other 52 bugs.
If you are running previous versions of WordPress , you should check for the security updates. If there are no security updates available then consider upgrading to the latest version of WordPress (i.e. 4.4.1).
You can download and install version 4.4.1 from WordPress dashboard. If you don’t have automatic background updates enabled, update it via WordPress update utility in the dashboard.