diff --git a/wp-includes/rest-api.php b/wp-includes/rest-api.php
index b998cf7cda..653abc0c8d 100644
--- a/wp-includes/rest-api.php
+++ b/wp-includes/rest-api.php
@@ -589,7 +589,7 @@ function rest_send_cors_headers( $value ) {
 		header( 'Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, PATCH, DELETE' );
 		header( 'Access-Control-Allow-Credentials: true' );
 		header( 'Vary: Origin' );
-	} else if ( 'GET' === $_SERVER['REQUEST_METHOD'] && ! is_user_logged_in() ) {
+	} elseif ( ! headers_sent() && 'GET' === $_SERVER['REQUEST_METHOD'] && ! is_user_logged_in() ) {
 		header( 'Vary: Origin' );
 	}
 
diff --git a/wp-includes/version.php b/wp-includes/version.php
index 838d9192f9..4ae9e73531 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -13,7 +13,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '5.3-beta3-46478';
+$wp_version = '5.3-beta3-46483';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.