Walker News

Latest WordPress 2.9.2 Fixes Trashed Posts Vulnerability

For those who are using WordPress to run multi-author blog, you should follow the WordPress Development blog, one of the best site to keep users informed of the latest patches to fix vulnerabilities discovered by WordPress community, as well as ongoing releases to enhanced WordPress features and functionalities.

The latest WordPress 2.9.2, for example, include patch to fix a bug discovered by Thomas Mackenzie, where the posts moved to trash bin can be viewed by any authenticated users regardless of the user privilege/level or WordPress role.

Having said that, even a subscriber can read posts in the WordPress trash bin!

Whether it is a multi-author or single user WordPress-powered blog, the owner should always keep the blogging software up to date.

Custom Search

2014  •  Privacy Policy