Two of the most widely used caching plugins, WP Super Cache and W3 Total Cache (W3TC), have a serious vulnerability that will allow an attacker to use comments on your site to run code which could deface your site, or cause your server to attack other sites and servers on the Internet.
To ensure your WordPress installation is secure, you must update the caching plugins as soon as possible:
These need to be installed from within your WordPress admin panel, as shown in this article.
We take security issues like this very seriously, and would like to help as much as possible. However, vigilance on your part will reduce your risk greatly, so update these plugins if you are using them, as soon as possible. You may also want to upgrade to the latest version of WordPress, which is 3.5.1. This article will show you how to upgrade WordPress itself.
As always, keeping third party software and plugins up-to-date is just as paramount in maintaining the security of your websites as using strong passwords.