Sensitive Data Exposure in Automattic WordPress
CVE-2025-58246
4.3MEDIUM
What is CVE-2025-58246?
A sensitive data exposure vulnerability exists within Automattic WordPress that enables the retrieval of sensitive embedded data sent during interactions. This issue primarily affects WordPress versions up to and including 6.8.2 and necessitates contributor-level privileges for exploitation. The WordPress Core security team is actively addressing this vulnerability to enhance website security and protect user information.
Affected Version(s)
WordPress <= 6.8.2