I just noticed on my WordPress dashboard that WordPress 2.6.5 has been released to fix a few security vulnerabilities, including a cross site scripting vulnerability. You can read more about the release on the WordPress Blog, and you can download the new release here. It is also interesting to note that WordPress is skipping version 2.6.4 and going from 2.6.3 to 2.6.5. Apparently there was a fake WordPress 2.6.4 version that was making the rounds on the Internet.
If you use WordPress for your website or blog it is an easy upgrade that will only take you a few minutes.
For my clients that use WordPress I will be upgrading you shortly to prevent any type of security hole in your websites and blog.