Via WordPress.org: “WordPress versions 3.9.2 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site. This presents significant reputational, regulatory, and possibly operational risk to companies that conduct business on WordPress sites. Websites sites should be updated to the latest version, 4.0.1, as soon as possible.”
Go West IT recommends that you contact your website developer to perform this upgrade, as it may also require that numerous plugins are simultaneously updated to maintain functionality. If you do not have a web developer please feel free to contact Go West IT for guidance.