Today When I log in to WordPress, I saw a familiar wording on the top of Dashboard.
“WordPress 2.9.2 is available! Please update now.”
Thomas Mackenzie alerted us to a problem where logged in users can peek at trashed posts belonging to other authors. If you have untrusted users signed up on your blog and sensitive posts in the trash, you should upgrade to 2.9.2. As always, you can visit the Tools->Upgrade menu to upgrade.
That also means that I do not need to upgrade my WordPress version 2.9.1 to 2.9.2 because I’m the only author for my own blog. Therefore, I will stay on my current version until next bigger upgrade.
However, if you have multiple authors in your blog, I will advise you to upgrade to the latest WordPress 2.9.2 because some untrusted registered users may exploit sensitive posts in your trash.