Alhamdulillah.
I’m pleased to share that my recent vulnerability report has been officially acknowledged in the WordPress 6.8.3 Security Release.
The issue, now tracked as CVE-2025-58246, addressed a Sensitive Data Exposure vulnerability discovered in WordPress Core version 6.8.2.
As part of my ongoing work as Lead Application Security Engineer at WPDeveloper, I identified and responsibly disclosed this vulnerability through the Patchstack Bug Bounty Program.
After review and validation by the WordPress Security Team, the issue was confirmed, triaged, and patched in the WordPress 6.8.3 release.
You can find the technical details in the official Patchstack Database Advisory and coverage in The Repository’s report.
I would like to thank both the WordPress Security Team and Patchstack for their professional handling of this report and their continuous commitment to improving WordPress security.
🔗 My WordPress.org profile: profiles.wordpress.org/hurayraiit
Leave a Reply