WordPress has updated it’s famous blogging platform from earlier version 2.9.1 to 2.9.2.This addresses the problem where untrusted logged in users can secretly look into the trashed posts belonging to other authors.
The reason we should all upgrade our WordPress to 2.9.2 according to WordPress developers:
If you have untrusted users signed up on your blog and sensitive posts in the trash, you should upgrade to 2.9.2.
This is a minor update but considering the fact that it is addressing a security issue, we may not want to take chance, and if you have configured Google friend connect for your WordPress blog, keep in mind that all the users who have subscribed to your blog as members, would be treated as users signed up to your blog by WordPress, and what it means that there’s a possibility that these users when logged in can peek at your trashed posts.
Use Tools>Upgrade menu from your dashboard to upgrade to WordPress 2.9.1 or
Download WordPress Zip file
I don’t want to upload the whole thing (6MB), where are those files which are new?
Thanks!
@Lenny23, The users are not informed about which files have been updated in WordPress 2.9.2, anyway it won’t be taking much time for installation either, use the automatic upgrade option from Tools>Upgrade>Upgrade automatically this reduces the burden of Uploading whole WordPress folder into your server.