Do you make use of the nifty little trash feature recently introduced in WordPress 2.9 that allows you to “delete” or “trash” posts to a recycle bin from which you can then choose to permanently delete or restore at a later date?
Well if the answer is yes then it is probably a good idea to quickly update your installation version to the newly released 2.9.2 version in order to protect yourself against a nasty little bug introduced with this great new bit of functionality!
The problem is that in introducing this new core bit of functionality, developers somehow forgot to properly integrate it within WordPress’ security framework and as such were left with a situation whereby any authenticated user, no matter what rights they have (e.g. they could even be a simple subscriber), can access the trash of any other user – meaning that if you have any sensitive posts that you previously trashed, they would have in fact still pretty much been open for anyone to see.
If you still aren’t on the same page with me as to why you need to upgrade to this patched version ASAP, let me put it to you a little differently. Let us say for example you work for a boss, but being a disgruntled employee, you type up a post on the company blog revealing to the world all the naughty kinkiness you got up to your boss’ daughter. Thankfully though, a moment of sanity prevailed and you trashed the post before publishing it, so it never saw the light of day – whew! However, if the bug was still active and your boss entered the blog to add a new post or such, he would be able to read what you had previously trashed and make no doubt about it – you would now be standing out there in the cold in the unemployment line.
So do yourself a favour. Upgrade to WordPress 2.9.2 today! :)
Related Link: http://wordpress.org/development/2010/02/wordpress-2-9-2/
You might also enjoy:
-
At least the guys at WordPress haven't been sitting back and doing nothing about the horrible host of bugs they introduced with their latest WordPress 2.9 u ... -
Random posts are always fun to throw up onto your blog, as they help encourage readers stick around for that little bit longer and explore the otherwise dee ...
-
I see the guys at WordPress sneaked 2.9.1 live this morning, with this quickfire release attending to a number of annoying glitches and bugs brought in by t ...
-
Now that I've moved all my blogging onto the WordPress platform, I have to begrudgingly admit to it being pretty damn cool after all. However, there are a f ...
-
Seeing as I'm now running both CodeUnit and Rugged Rock off the WordPress platform, I guess it is about time that I take notice every time WordPress breathe ...
