The new update of WordPress fixes a security vulnerability that was previously reported by Thomas Mackenzie on his personal blog. The vulnerability affects all WordPress installations with the version number 2.9.0 or later. Previous WordPress installations are not affected by the vulnerability (but are insecure because of other reasons).
Thomas Mackenzie alerted us to a problem where logged in users can peek at trashed posts belonging to other authors. If you have untrusted users signed up on your blog and sensitive posts in the trash, you should upgrade to 2.9.2. As always, you can visit the Tools->Upgrade menu to upgrade.
You can download the latest update here or upgrade directly from your wp-admin.
Happy Blogging.
-Mahesh.
{ 2 comments… read them below or add one }
I saw this new update today and checked the new post from Wordpress team. realize this update is to resolve the issue with
multiple author blog and since I have one… I had no choice apart from updating my
Wordpress version. Thanks for updating us about it.!!
I recently Started blogging and when I install Wordpress my hosting installed 2.9.1 instead of 2.9.2.
And I had to manually upgrade the wordpress to the latest version. though it was not tough though initially I thought of it as quite scary.