CVE-2025-58269
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-22

Last updated on: 2026-04-23

Assigner: Patchstack

Description
Use of Hard-coded Credentials vulnerability in weDevs WP Project Manager wedevs-project-manager allows Retrieve Embedded Sensitive Data.This issue affects WP Project Manager: from n/a through <= 2.6.25.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-22
Last Modified
2026-04-23
Generated
2026-06-16
AI Q&A
2025-09-22
EPSS Evaluated
2026-06-15
NVD
CVE-2025-58269
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
wedevs wp_project_manager *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-798 The product contains hard-coded credentials, such as a password or cryptographic key.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-58269 is a vulnerability in the WordPress WP Project Manager Plugin (up to version 2.6.25) where hard-coded credentials allow unauthenticated attackers to retrieve embedded sensitive data that should normally be restricted. This means attackers can access sensitive information without needing authorization. [1]

Impact Analysis

This vulnerability can expose sensitive data to unauthorized users, potentially enabling further exploitation of other system weaknesses. Although it is considered low severity with a CVSS score of 5.3, the exposure of sensitive information can lead to privacy breaches or other security issues. There is currently no official patch, but virtual patching is available to mitigate the risk. [1]

Mitigation Strategies

Since no official patch or fixed plugin version is currently available for this vulnerability, it is recommended to use Patchstack's virtual patching (vPatch) solution, which automatically protects against this vulnerability. Additionally, users should monitor for updates from the plugin developers and consider virtual patching to reduce risk. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-58269. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart