[SECURITY] [DSA 6091-1] wordpress security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 6091-1] wordpress security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Sun, 21 Dec 2025 14:54:37 +0000
Message-id: <[🔎] aUgKLXvyERRSubDq@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6091-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
December 21, 2025                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : wordpress
CVE ID         : CVE-2025-58246 CVE-2025-58674

Multiple security issues were discovered in the WordPress blogging tool,
which could result in cross-site scripting or information disclosure.

For the stable distribution (trixie), these problems have been fixed in
version 6.8.3+dfsg1-0+deb13u1.

We recommend that you upgrade your wordpress packages.

For the detailed security status of wordpress please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/wordpress

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmlICKYACgkQEMKTtsN8
TjbJ4A/8ChQlnLjGTCxnNlSeOnELsOJ9e6KArqlk05L9dHQLjtDOslWeJVeyD4Db
rp0/rPb6mXNAUDzWZQ4POsGTsg6G4eubLLj/kuGo0SIJqvwNhLsU07GkwEy3sz+T
XCLIz44R/O/MMtNCNDkzn6PjERuqvGmaCCDseje5I/4Pis/9inOUN5J2g3uYySAO
fO+Df4X8sy2amrzGvXIPFg3FOw4LOZeaSHX1qCnB+o1NZwhs9+O3aip6VBXYkK2+
8jkWAPnEgjMUk47Tf8Mz+XEp3fxfyLUO12H8ksGTkmPinRJ74osbZJXu0vXbvN2n
qDmHezIRTTASi2pUCMobSqr9kR8jNR505KtTb5RPJo1QKM/JikMzcjGchObBZO4A
x7pcQxN4YysPWcGBmyFRrewAX1s3L3mQRM09ykAkrIE8t/gvmEN1gsDa+vo9bqYE
v3N/QbU5JOM7ktbLMvmpeQTuXy9IdQAIOcK7Mb5Mqxnzp+qyTLWG3p1v6YqkG0ht
qoLn74lJWOYQPEpgmI4WP4KXut/2AUTKlguc6X/t0giNugmpzQHMCbqcLjUfesJr
lI1hCz/hAmBcmIPHsvTBjKjW+/Dpop9T3TDmIwmhToudmARtypXDjwrIVCwh1F+3
0H25K6c6bWq02Lazyqacvs20A0O3d/Qxu2E6kFjUbDrYX90OnAU=
=58D5
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 6089-1] chromium security update
Next by Date: [SECURITY] [DSA 6090-1] rails security update
Previous by thread: [SECURITY] [DSA 6089-1] chromium security update
Next by thread: [SECURITY] [DSA 6090-1] rails security update
Index(es):
- Date
- Thread