16 Feb 2010

WordPress 2.9.2 Released,Security fix!

Posted 202 days ago
Uncategorized 1 Comment

wpsecurityAn update for the blogging script WordPress has just been released.

This release is a security fix, but if you have some untrusted users (authors, subscribers) on your blog/site when logged in they can see the posts in trash.

The vulnerability exploits a new feature that has been introduced in WordPress 2.9: the trash. The trash is a basic trashcan where deleted posts are placed so that they can be restored if they have been deleted by accident. This trash can be disabled but is activated by default on all WordPress 2.9 and later blogs.

According to WordPress.org ” Thomas Mackenzie alerted them about the problem where logged in users can peek at trashed posts belonging to other authors. If you have untrusted users signed up on your blog and sensitive posts in the trash, you should upgrade to 2.9.2

One Response to “WordPress 2.9.2 Released,Security fix!”

  1. Theme premium says:
    February 16, 2010 at 2:27 pm

    Wordpress update are always handy but this update is useful for only those who have their registration open.
    I will wait for latest WordPress 3.0 which have WordPress MU capability.

  2. Manifest_Mktg says:
    July 2, 2010 at 11:31 am

    A highly effective mail scanner is now possible with Scanmail 10K, a great product from Manifest Marketing. http://bit.ly/scanmail10k

Leave a Reply

Comment moderation is enabled. Your comment may take some time to appear.

WordPress Themes


Privacy. T&C.
Rss Feed
Content Protected Using Blog Protector By: PcDrome.
WordPress Themes
WordPress Themes