{"data":{"id":"f71fd5d6-aa47-4871-91a9-d874520935f6","title":"CVE-2025-62998: Insertion of Sensitive Information Into Sent Data vulnerability in WP Messiah WP AI CoPilot allows Retrieve Embedded Sen","summary":"CVE-2025-62998 is a vulnerability in WP AI CoPilot (a WordPress plugin that adds AI features) versions 1.2.7 and earlier, where sensitive information can be unintentionally included in data sent from the plugin. This is classified as CWE-201 (insertion of sensitive information into sent data), meaning the plugin may leak private or confidential data to unintended recipients.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2025-62998","publishedAt":"2025-12-18T17:15:54.813Z","cveId":"CVE-2025-62998","cweIds":["CWE-201"],"cvssScore":"5","cvssSeverity":"medium","severity":"medium","attackType":["pii_leakage"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["WP Messiah WP AI CoPilot"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00041,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}