Nginx
CVE-2025-62126
MEDIUM
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Lifecycle Timeline
3DescriptionCVE.org
Insertion of Sensitive Information Into Sent Data vulnerability in Razvan Stanga Varnish/Nginx Proxy Caching vcaching allows Retrieve Embedded Sensitive Data.This issue affects Varnish/Nginx Proxy Caching: from n/a through <= 1.8.3.
AnalysisAI
Information disclosure in Razvan Stanga's Varnish/Nginx Proxy Caching WordPress plugin through version 1.8.3 allows sensitive data embedded in cached responses to be exposed to unauthorized users. The vulnerability stems from improper handling of sensitive information during proxy caching operations, enabling attackers to retrieve cached data containing credentials, tokens, or other confidential material. No authentication is required to exploit this issue, and EPSS analysis indicates a 4.43% probability of exploitation (89th percentile), suggesting moderate real-world risk despite the lack of known public exploits.
Technical ContextAI
The vulnerability is rooted in CWE-201 (Insertion of Sensitive Information Into Sent Data), which occurs when applications transmit sensitive information in responses that can be cached by intermediate proxies. In this case, the Varnish/Nginx Proxy Caching plugin for WordPress fails to properly sanitize or exclude sensitive data from responses before they are cached. The plugin is designed to improve performance by caching dynamic WordPress content through Varnish and Nginx reverse proxies. When sensitive information (such as session tokens, API keys, or personally identifiable information) is inadvertently included in cacheable responses without proper cache-control headers or content filtering, it becomes retrievable from the cache by any attacker who can access the cache layer or proxy server. This is particularly dangerous in shared hosting or CDN environments where multiple users or applications may share infrastructure.
Affected ProductsAI
The vulnerability affects the Varnish/Nginx Proxy Caching plugin (vcaching) for WordPress, authored by Razvan Stanga, in all versions from initial release through version 1.8.3. The plugin is available on the WordPress plugin repository and is identified by the slug 'vcaching'. Users running any version at or below 1.8.3 are affected. The plugin integrates with Varnish and Nginx reverse proxies to cache WordPress content, so vulnerability exposure depends on both plugin installation and active use of proxy caching infrastructure.
RemediationAI
Update the Varnish/Nginx Proxy Caching plugin to version 1.8.4 or later as soon as possible. Users should navigate to their WordPress admin dashboard, go to Plugins > Installed Plugins, locate 'Varnish/Nginx Proxy Caching', and click 'Update Now'. For detailed patch information and advisory details, refer to the Patchstack database entry at https://patchstack.com/database/Wordpress/Plugin/vcaching/vulnerability/wordpress-varnish-nginx-proxy-caching-plugin-1-8-3-sensitive-data-exposure-vulnerability. In the interim, administrators should review cache configuration to ensure Cache-Control headers (no-store, private) are set appropriately for responses containing sensitive data, and verify that sensitive information is stripped from cached content at the application level. Consider temporarily disabling the plugin if sensitive data exposure cannot be mitigated through configuration.
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cau
A critical vulnerability in Kubernetes ingress-nginx controller allows unauthenticated attackers with pod network access
nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restrictions via an unescap
An issue was discovered on GL.iNet devices before version 4.5.0. Rated critical severity (CVSS 9.8), this vulnerability
Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range fi
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid
Kubernetes ingress-nginx contains a configuration injection vulnerability via the mirror-target and mirror-host Ingress
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingres
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-c
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Rated critical severity (CVSS 9.8
The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and
Heap buffer overflow in NGINX Plus and NGINX Open Source ngx_http_rewrite_module allows remote attackers to crash worker
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today