CVE-2025-58246
Description
Insertion of Sensitive Information Into Sent Data vulnerability in WordPress allows Retrieve Embedded Sensitive Data. The WordPress Core security team is aware of the issue and is already working on a fix. This is a low-severity vulnerability. Contributor-level privileges required in order to exploit it. This issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- osv-coords6 versionspkg:apk/chainguard/wordpresspkg:apk/chainguard/wordpress-oci-entrypointpkg:apk/wolfi/wordpresspkg:apk/wolfi/wordpress-oci-entrypointpkg:bitnami/wordpresspkg:bitnami/wordpress-multisite
< 6.8.3-r0+ 5 more
- (no CPE)range: < 6.8.3-r0
- (no CPE)range: < 6.8.3-r0
- (no CPE)range: < 6.8.3-r0
- (no CPE)range: < 6.8.3-r0
- (no CPE)range: < 6.8.3
- (no CPE)range: < 6.8.3
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.