diff --git a/CHANGELOG.md b/CHANGELOG.md index 66d9ca3..d20aa3e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,10 @@ Changelog ========= +## v1.6.4 (2025-09-15) + +* Patch CVE-2025-58806 [#66](https://github.com/bugsnag/bugsnag-wordpress/pull/66) + ## v1.6.3 (2023-07-13) * Fix PHP 8.2 deprecation notice diff --git a/bugsnag.php b/bugsnag.php index f5489ce..f8c28e1 100644 --- a/bugsnag.php +++ b/bugsnag.php @@ -3,7 +3,7 @@ Plugin Name: Bugsnag Error Monitoring Plugin URI: https://bugsnag.com Description: Bugsnag monitors for errors and crashes on your wordpress site, sends them to your bugsnag.com dashboard, and notifies you by email of each error. -Version: 1.6.3 +Version: 1.6.4 Author: Bugsnag Inc. Author URI: https://bugsnag.com License: GPLv2 or later @@ -17,7 +17,7 @@ class Bugsnag_Wordpress private static $NOTIFIER = array( 'name' => 'Bugsnag Wordpress (Official)', - 'version' => '1.6.3', + 'version' => '1.6.4', 'url' => 'https://github.com/bugsnag/bugsnag-wordpress', ); @@ -280,6 +280,11 @@ public function pluginActionLinksFilter($links, $file) public function testBugsnag() { + // Verify nonce for CSRF protection + if (!wp_verify_nonce($_POST['_wpnonce'], 'test_bugsnag_nonce')) { + wp_die('Security check failed.'); + } + $this->apiKey = $_POST['bugsnag_api_key']; $this->notifySeverities = $_POST['bugsnag_notify_severities']; $this->filterFields = $_POST['bugsnag_filterfields']; @@ -301,6 +306,10 @@ public function testBugsnag() public function renderSettings() { if (!empty($_POST['action']) && $_POST['action'] == 'update') { + // Verify nonce for CSRF protection + if (!wp_verify_nonce($_POST['_wpnonce'], 'update-options')) { + wp_die('Security check failed. Please try again.'); + } $this->updateNetworkSettings($_POST); } diff --git a/readme.txt b/readme.txt index 8de36b4..f9e34fa 100644 --- a/readme.txt +++ b/readme.txt 
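Review bot: The new guard in testBugsnag reads `$_POST['_wpnonce']` directly, so a request that omits the field raises an "Undefined array key" warning on PHP 8 before wp_die() runs; the renderSettings hunk below has the same read. Since the settings view posts `action: 'test_bugsnag'` to admin-ajax.php, the WordPress helpers already cover the missing-key case and the failure response: `check_ajax_referer('test_bugsnag_nonce');` in testBugsnag and `check_admin_referer('update-options');` in renderSettings, replacing the hand-rolled wp_verify_nonce/wp_die pairs. A nonce only shows the request originated from a page this site rendered, not that the caller may change plugin settings, so if no `current_user_can('manage_options')` check exists outside these hunks (the rest of both methods is not shown) one belongs next to the nonce check. Both enclosing methods continue past their hunks.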
@@ -2,8 +2,8 @@ Contributors: loopj Tags: bugsnag, error, monitoring, exception, logging Requires at least: 2.0 -Tested up to: 6.3 -Stable tag: 1.6.3 +Tested up to: 6.8.2 +Stable tag: 1.6.4 License: GPLv2 or later Bugsnag is a WordPress plugin that automatically detects errors & crashes on your WordPress site, and notifies you by email, chat or issues system @@ -38,6 +38,9 @@ To manually install Bugsnag: == Changelog == += 1.6.4 = +* Patch CVE-2025-58806 + = 1.6.3 = * Fix PHP 8.2 deprecation notice diff --git a/views/settings.php b/views/settings.php index 49bba55..8888404 100644 --- a/views/settings.php +++ b/views/settings.php @@ -108,7 +108,8 @@ action: 'test_bugsnag', bugsnag_api_key: $('#bugsnag_api_key').val(), bugsnag_notify_severities: $('#bugsnag_notify_severities').val(), - bugsnag_filterfields: $('#bugsnag_filterfields').val() + bugsnag_filterfields: $('#bugsnag_filterfields').val(), + _wpnonce: '' }; // since 2.8 ajaxurl is always defined in the admin header and points to admin-ajax.php
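Review bot: The AJAX request object now sends `_wpnonce: ''`, and an empty string never passes wp_verify_nonce, so unless a later line outside the hunk fills the value in, the new server-side check in testBugsnag will reject every legitimate click on the test button. The nonce has to be generated on the server with the same action name the handler verifies, e.g. `_wpnonce: '<?php echo esc_js(wp_create_nonce('test_bugsnag_nonce')); ?>'`. The object literal this hunk edits starts before the hunk. The renderSettings check likewise expects the settings form to post a nonce created for the `update-options` action (for example via `wp_nonce_field('update-options')`); that form is not in this diff, so confirm it emits one.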