CVE-2025-63058

MEDIUM
2025-12-09 [email protected]
4.4
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
Analysis Generated
Apr 01, 2026 - 15:22 vuln.today
CVE Published
Dec 09, 2025 - 16:18 nvd
MEDIUM 4.4

Tags

WordPress PHP Information Disclosure

Description

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Hiroaki Miyashita Custom Field Template custom-field-template allows Retrieve Embedded Sensitive Data.This issue affects Custom Field Template: from n/a through <= 2.7.6.

Analysis

Custom Field Template WordPress plugin through version 2.7.6 exposes sensitive system information to high-privilege local users via embedded data retrieval, allowing administrators to access confidential data they should not have access to. The vulnerability requires high administrative privileges and local access, limiting real-world exploitation risk despite the complete confidentiality impact. EPSS probability is minimal at 0.02%, indicating low likelihood of opportunistic exploitation.

Technical Context

This vulnerability stems from CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere), a class of flaws where sensitive data stored or processed by an application becomes accessible to users who should not have authorization to view it. In Custom Field Template, the plugin likely stores sensitive embedded data within custom field structures that are inadequately protected by access control checks. The WordPress plugin architecture's role-based capabilities system should restrict data retrieval based on user role, but this plugin fails to enforce proper boundaries between privilege levels, allowing high-privilege administrators to retrieve data that should be isolated or encrypted. The issue affects the plugin's custom field storage and retrieval mechanisms across versions up to and including 2.7.6.

Affected Products

Custom Field Template WordPress plugin by Hiroaki Miyashita through version 2.7.6 is affected. The vulnerability impacts all installations running this plugin with version 2.7.6 or earlier. CPE data for the plugin is wp-content/plugins/custom-field-template. The WordPress Plugin Directory and Patchstack vulnerability database entry at https://patchstack.com/database/Wordpress/Plugin/custom-field-template/vulnerability/wordpress-custom-field-template-plugin-2-7-4-sensitive-data-exposure-vulnerability document this issue.

Remediation

Update Custom Field Template to a version newer than 2.7.6 immediately. Administrators should navigate to the WordPress plugin management dashboard, locate Custom Field Template, and click the update button if available. If no update is yet released, restrict administrative user access to only fully trusted personnel and review recent admin account activity for unauthorized data access. Monitor WordPress admin audit logs for suspicious custom field data retrieval activities. For sites unable to patch, consider temporarily disabling the plugin if custom field functionality is not critical, and audit all current and former administrator accounts for credential compromise.

Priority Score

22
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +22
POC: 0

Share

CVE-2025-63058 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy