If you haven’t logged into your WordPress today, this is news to you. Version 3.3.1 has been released to fix a XSS vulnerability.
According to ThreatPost, this is only a vulnerability if you installed WordPress by browsing to the IP. Most installs are hosted and you would browse to the site FQDN to install. These systems aren’t vulnerable.
The update also fixed 15 bugs. So review the release notes and determine if you need to update. Or just do it.