CVE-2025-58674 WordPress <= 6.8.2 - (Author+) Cross Site Scripting (XSS) Vulnerability

🗓️ 23 Sep 2025 18:47:02Reported by PatchstackType

CVE-2025-58674: WordPress core up to 6.8.2 has stored XSS requiring Author or higher privileges.

Reporter	Title	Published	Views	Family All 43
ATTACKERKB	CVE-2025-58674	23 Sep 202518:47	–	attackerkb
Chainguard	CVE-2025-58674 vulnerabilities	7 Jan 202601:30	–	cgr
Circl	CVE-2025-58674	27 Apr 202620:30	–	circl
CNNVD	WordPress plugin Core 跨站脚本漏洞	23 Sep 202500:00	–	cnnvd
CVE	CVE-2025-58674	23 Sep 202518:47	–	cve
Debian	[SECURITY] [DLA 4358-1] wordpress security update	3 Nov 202508:57	–	debian
Debian	[SECURITY] [DSA 6075-1] wordpress security update	9 Dec 202523:42	–	debian
Debian	[SECURITY] [DSA 6091-1] wordpress security update	21 Dec 202514:54	–	debian
Debian CVE	CVE-2025-58674	23 Sep 202518:47	–	debiancve
Tenable Nessus	Debian dla-4358 : wordpress - security update	3 Nov 202500:00	–	nessus

[
  {
    "defaultStatus": "unaffected",
    "product": "WordPress",
    "repo": "https://github.com/WordPress/WordPress",
    "vendor": "WordPress",
    "versions": [
      {
        "changes": [
          {
            "at": "6.8.3",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "6.8.2",
        "status": "affected",
        "version": "6.8",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "6.7.4",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "6.7.3",
        "status": "affected",
        "version": "6.7",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "6.6.4",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "6.6.3",
        "status": "affected",
        "version": "6.6",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "6.5.7",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "6.5.6",
        "status": "affected",
        "version": "6.5",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "6.4.7",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "6.4.6",
        "status": "affected",
        "version": "6.4",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "6.3.7",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "6.3.6",
        "status": "affected",
        "version": "6.3",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "6.2.8",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "6.2.7",
        "status": "affected",
        "version": "6.2",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "6.1.9",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "6.1.8",
        "status": "affected",
        "version": "6.1",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "6.0.11",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "6.0.10",
        "status": "affected",
        "version": "6.0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "5.9.12",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "5.9.11",
        "status": "affected",
        "version": "5.9",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "5.8.12",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "5.8.11",
        "status": "affected",
        "version": "5.8",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "5.7.14",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "5.7.13",
        "status": "affected",
        "version": "5.7",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "5.6.16",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "5.6.15",
        "status": "affected",
        "version": "5.6",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "5.5.17",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "5.5.16",
        "status": "affected",
        "version": "5.5",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "5.4.18",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "5.4.17",
        "status": "affected",
        "version": "5.4",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "5.3.20",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "5.3.19",
        "status": "affected",
        "version": "5.3",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "5.2.23",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "5.2.22",
        "status": "affected",
        "version": "5.2",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "5.1.21",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "5.1.20",
        "status": "affected",
        "version": "5.1",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "5.0.24",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "5.0.23",
        "status": "affected",
        "version": "5.0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "4.9.28",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "4.9.27",
        "status": "affected",
        "version": "4.9",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "4.8.27",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "4.8.26",
        "status": "affected",
        "version": "4.8",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "4.7.31",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "4.7.30",
        "status": "affected",
        "version": "4.7",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
wordpress	www.wordpress.org/news/2025/09/wordpress-6-8-3-release/
patchstack	www.patchstack.com/database/wordpress/wordpress/wordpress/vulnerability/wordpress-wordpress-wordpress-6-8-2-cross-site-scripting-xss-vulnerability

28 Apr 2026 16:13Current

CVSS 3.15.9

EPSS0.00199

CWE-79