WordPress has released version 2.9.2 of its popular self-hosted blogging software, which is available for download immediately.
According to the WordPress blog, the previous version allows logged in users to read trashed blog posts that belong to other authors.
This is a very limited security update. It is mainly for multi-author blogs.
Per the WordPress blog they were alerted to a problem
A problem where logged in users can peek at trashed posts belonging to other authors. If you have untrusted users signed up on your blog and sensitive posts in the trash, you should upgrade to 2.9.2.
The majority of readers here are probably not effected but you should be aware.