Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/wordpress@0?distro=trixie
Typedeb
Namespacedebian
Namewordpress
Version0
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.0.1-1
Latest_non_vulnerable_version6.9.4+dfsg1-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1cad-s6nn-j7aw
vulnerability_id VCID-1cad-s6nn-j7aw
summary embedded prototype.js JavaScript hijacking
references
0
reference_url http://dev.rubyonrails.org/ticket/7910
reference_id
reference_type
scores
url http://dev.rubyonrails.org/ticket/7910
1
reference_url http://prototypejs.org/2007/4/24/release-candidate-3
reference_id
reference_type
scores
url http://prototypejs.org/2007/4/24/release-candidate-3
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2383.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2383.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-2383
reference_id
reference_type
scores
0
value 0.00262
scoring_system epss
scoring_elements 0.49583
published_at 2026-04-18T12:55:00Z
1
value 0.00262
scoring_system epss
scoring_elements 0.49489
published_at 2026-04-01T12:55:00Z
2
value 0.00262
scoring_system epss
scoring_elements 0.49518
published_at 2026-04-02T12:55:00Z
3
value 0.00262
scoring_system epss
scoring_elements 0.49546
published_at 2026-04-04T12:55:00Z
4
value 0.00262
scoring_system epss
scoring_elements 0.49498
published_at 2026-04-07T12:55:00Z
5
value 0.00262
scoring_system epss
scoring_elements 0.49553
published_at 2026-04-08T12:55:00Z
6
value 0.00262
scoring_system epss
scoring_elements 0.49548
published_at 2026-04-09T12:55:00Z
7
value 0.00262
scoring_system epss
scoring_elements 0.49565
published_at 2026-04-11T12:55:00Z
8
value 0.00262
scoring_system epss
scoring_elements 0.49537
published_at 2026-04-12T12:55:00Z
9
value 0.00262
scoring_system epss
scoring_elements 0.49539
published_at 2026-04-13T12:55:00Z
10
value 0.00262
scoring_system epss
scoring_elements 0.49585
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-2383
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2383
5
reference_url http://secunia.com/advisories/37677
reference_id
reference_type
scores
url http://secunia.com/advisories/37677
6
reference_url http://www.debian.org/security/2009/dsa-1952
reference_id
reference_type
scores
url http://www.debian.org/security/2009/dsa-1952
7
reference_url http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf
reference_id
reference_type
scores
url http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=539592
reference_id 539592
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=539592
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555220
reference_id 555220
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555220
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555221
reference_id 555221
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555221
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555250
reference_id 555250
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555250
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555255
reference_id 555255
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555255
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=558977
reference_id 558977
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=558977
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:prototypejs:prototype_framework:1.5.1_rc3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:prototypejs:prototype_framework:1.5.1_rc3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:prototypejs:prototype_framework:1.5.1_rc3:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-2383
reference_id CVE-2007-2383
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2007-2383
fixed_packages
0
url pkg:deb/debian/wordpress@0?distro=trixie
purl pkg:deb/debian/wordpress@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@0%3Fdistro=trixie
1
url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
2
vulnerability VCID-yqam-kpce-dfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2007-2383
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1cad-s6nn-j7aw
1
url VCID-2amm-jjpz-xyhf
vulnerability_id VCID-2amm-jjpz-xyhf
summary wordpress: multiple XSS issues in invite action
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1304.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1304.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-1304
reference_id
reference_type
scores
0
value 0.0308
scoring_system epss
scoring_elements 0.86706
published_at 2026-04-01T12:55:00Z
1
value 0.0308
scoring_system epss
scoring_elements 0.86717
published_at 2026-04-02T12:55:00Z
2
value 0.0308
scoring_system epss
scoring_elements 0.86736
published_at 2026-04-04T12:55:00Z
3
value 0.0308
scoring_system epss
scoring_elements 0.86735
published_at 2026-04-07T12:55:00Z
4
value 0.0308
scoring_system epss
scoring_elements 0.86754
published_at 2026-04-08T12:55:00Z
5
value 0.0308
scoring_system epss
scoring_elements 0.86763
published_at 2026-04-09T12:55:00Z
6
value 0.0308
scoring_system epss
scoring_elements 0.86776
published_at 2026-04-11T12:55:00Z
7
value 0.0308
scoring_system epss
scoring_elements 0.86773
published_at 2026-04-12T12:55:00Z
8
value 0.0308
scoring_system epss
scoring_elements 0.86768
published_at 2026-04-13T12:55:00Z
9
value 0.0308
scoring_system epss
scoring_elements 0.86783
published_at 2026-04-16T12:55:00Z
10
value 0.0308
scoring_system epss
scoring_elements 0.86788
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-1304
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=437754
reference_id 437754
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=437754
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/31356.txt
reference_id CVE-2008-1304;OSVDB-43402
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/31356.txt
4
reference_url https://www.securityfocus.com/bid/28139/info
reference_id CVE-2008-1304;OSVDB-43402
reference_type exploit
scores
url https://www.securityfocus.com/bid/28139/info
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/31357.txt
reference_id CVE-2008-1304;OSVDB-43403
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/31357.txt
fixed_packages
0
url pkg:deb/debian/wordpress@0?distro=trixie
purl pkg:deb/debian/wordpress@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@0%3Fdistro=trixie
1
url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
2
vulnerability VCID-yqam-kpce-dfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2008-1304
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2amm-jjpz-xyhf
2
url VCID-2jta-dshu-e7hb
vulnerability_id VCID-2jta-dshu-e7hb
summary WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions the widgets editor introduced in WordPress 5.8 beta 1 has improper handling of HTML input in the Custom HTML feature. This leads to stored XSS in the custom HTML widget. This has been patched in WordPress 5.8. It was only present during the testing/beta phase of WordPress 5.8.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-39202
reference_id
reference_type
scores
0
value 0.00817
scoring_system epss
scoring_elements 0.74301
published_at 2026-04-01T12:55:00Z
1
value 0.00817
scoring_system epss
scoring_elements 0.74304
published_at 2026-04-02T12:55:00Z
2
value 0.00817
scoring_system epss
scoring_elements 0.74332
published_at 2026-04-04T12:55:00Z
3
value 0.00817
scoring_system epss
scoring_elements 0.74305
published_at 2026-04-07T12:55:00Z
4
value 0.00817
scoring_system epss
scoring_elements 0.74338
published_at 2026-04-08T12:55:00Z
5
value 0.00817
scoring_system epss
scoring_elements 0.74353
published_at 2026-04-09T12:55:00Z
6
value 0.00817
scoring_system epss
scoring_elements 0.74374
published_at 2026-04-11T12:55:00Z
7
value 0.00817
scoring_system epss
scoring_elements 0.74354
published_at 2026-04-12T12:55:00Z
8
value 0.00817
scoring_system epss
scoring_elements 0.74346
published_at 2026-04-13T12:55:00Z
9
value 0.00817
scoring_system epss
scoring_elements 0.74383
published_at 2026-04-16T12:55:00Z
10
value 0.00817
scoring_system epss
scoring_elements 0.74391
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-39202
fixed_packages
0
url pkg:deb/debian/wordpress@0?distro=trixie
purl pkg:deb/debian/wordpress@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@0%3Fdistro=trixie
1
url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
2
vulnerability VCID-yqam-kpce-dfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2021-39202
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2jta-dshu-e7hb
3
url VCID-3m3b-wxjf-qfg4
vulnerability_id VCID-3m3b-wxjf-qfg4
summary Cross-site scripting (XSS) vulnerability in wp-admin/wp-blogs.php in Wordpress MU (WPMU) before 2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) s and (2) ip_address parameters.
references
0
reference_url http://lists.grok.org.uk/pipermail/full-disclosure/2008-September/064748.html
reference_id
reference_type
scores
url http://lists.grok.org.uk/pipermail/full-disclosure/2008-September/064748.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-4671
reference_id
reference_type
scores
0
value 0.00813
scoring_system epss
scoring_elements 0.74303
published_at 2026-04-18T12:55:00Z
1
value 0.00813
scoring_system epss
scoring_elements 0.74209
published_at 2026-04-01T12:55:00Z
2
value 0.00813
scoring_system epss
scoring_elements 0.74214
published_at 2026-04-07T12:55:00Z
3
value 0.00813
scoring_system epss
scoring_elements 0.74241
published_at 2026-04-04T12:55:00Z
4
value 0.00813
scoring_system epss
scoring_elements 0.74246
published_at 2026-04-08T12:55:00Z
5
value 0.00813
scoring_system epss
scoring_elements 0.74261
published_at 2026-04-09T12:55:00Z
6
value 0.00813
scoring_system epss
scoring_elements 0.74283
published_at 2026-04-11T12:55:00Z
7
value 0.00813
scoring_system epss
scoring_elements 0.74263
published_at 2026-04-12T12:55:00Z
8
value 0.00813
scoring_system epss
scoring_elements 0.74256
published_at 2026-04-13T12:55:00Z
9
value 0.00813
scoring_system epss
scoring_elements 0.74294
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-4671
2
reference_url http://secunia.com/advisories/32060
reference_id
reference_type
scores
url http://secunia.com/advisories/32060
3
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/45512
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/45512
4
reference_url http://www.securityfocus.com/bid/31482
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/31482
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress_mu:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress_mu:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress_mu:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress_mu:1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress_mu:1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress_mu:1.0:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress_mu:1.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress_mu:1.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress_mu:1.2.2:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress_mu:1.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress_mu:1.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress_mu:1.2.3:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress_mu:1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress_mu:1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress_mu:1.3:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress_mu:1.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress_mu:1.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress_mu:1.3.1:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-4671
reference_id CVE-2008-4671
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2008-4671
12
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/32444.txt
reference_id CVE-2008-4671;OSVDB-48635
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/32444.txt
13
reference_url https://www.securityfocus.com/bid/31482/info
reference_id CVE-2008-4671;OSVDB-48635
reference_type exploit
scores
url https://www.securityfocus.com/bid/31482/info
fixed_packages
0
url pkg:deb/debian/wordpress@0?distro=trixie
purl pkg:deb/debian/wordpress@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@0%3Fdistro=trixie
1
url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
2
vulnerability VCID-yqam-kpce-dfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2008-4671
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3m3b-wxjf-qfg4
4
url VCID-5brn-syjs-d3dp
vulnerability_id VCID-5brn-syjs-d3dp
summary 
Moodle vulnerable to Cross-site Scripting
Cross-site scripting (XSS) vulnerability in the fix_non_standard_entities function in the KSES HTML text cleaning library (weblib.php), as used in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8, allows remote attackers to inject arbitrary web script or HTML via crafted HTML entities.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
1
reference_url http://moodle.org/security
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://moodle.org/security
2
reference_url http://moodle.org/security/
reference_id
reference_type
scores
url http://moodle.org/security/
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1619.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1619.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-1619
reference_id
reference_type
scores
0
value 0.00254
scoring_system epss
scoring_elements 0.4884
published_at 2026-04-18T12:55:00Z
1
value 0.00254
scoring_system epss
scoring_elements 0.48791
published_at 2026-04-04T12:55:00Z
2
value 0.00254
scoring_system epss
scoring_elements 0.48745
published_at 2026-04-07T12:55:00Z
3
value 0.00254
scoring_system epss
scoring_elements 0.48799
published_at 2026-04-08T12:55:00Z
4
value 0.00254
scoring_system epss
scoring_elements 0.48796
published_at 2026-04-09T12:55:00Z
5
value 0.00254
scoring_system epss
scoring_elements 0.48814
published_at 2026-04-11T12:55:00Z
6
value 0.00254
scoring_system epss
scoring_elements 0.48788
published_at 2026-04-12T12:55:00Z
7
value 0.00254
scoring_system epss
scoring_elements 0.48795
published_at 2026-04-13T12:55:00Z
8
value 0.00254
scoring_system epss
scoring_elements 0.48844
published_at 2026-04-16T12:55:00Z
9
value 0.00254
scoring_system epss
scoring_elements 0.48726
published_at 2026-04-01T12:55:00Z
10
value 0.00254
scoring_system epss
scoring_elements 0.48765
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-1619
5
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
6
reference_url http://www.vupen.com/english/advisories/2010/1107
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2010/1107
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=578811
reference_id 578811
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=578811
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:moodle:moodle:1.8.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.1:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:moodle:moodle:1.8.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.10:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:moodle:moodle:1.8.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.11:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:moodle:moodle:1.8.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.2:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:moodle:moodle:1.8.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.3:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:moodle:moodle:1.8.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.4:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:moodle:moodle:1.8.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.5:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:moodle:moodle:1.8.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.6:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:moodle:moodle:1.8.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.7:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:moodle:moodle:1.8.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.8:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:moodle:moodle:1.8.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.8.9:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.9.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:moodle:moodle:1.9.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.9.5:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.9.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:moodle:moodle:1.9.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.9.6:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.9.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:moodle:moodle:1.9.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.9.7:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-1619
reference_id CVE-2010-1619
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2010-1619
27
reference_url https://github.com/advisories/GHSA-hhxf-w8hj-43w6
reference_id GHSA-hhxf-w8hj-43w6
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hhxf-w8hj-43w6
fixed_packages
0
url pkg:deb/debian/wordpress@0?distro=trixie
purl pkg:deb/debian/wordpress@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@0%3Fdistro=trixie
1
url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
2
vulnerability VCID-yqam-kpce-dfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2010-1619, GHSA-hhxf-w8hj-43w6
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5brn-syjs-d3dp
5
url VCID-6baf-6r3v-gub4
vulnerability_id VCID-6baf-6r3v-gub4
summary 
Wordpress contains several cross-site scripting, cross-site request forgery
    and information leak vulnerabilities.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-1409
reference_id
reference_type
scores
0
value 0.00582
scoring_system epss
scoring_elements 0.68883
published_at 2026-04-01T12:55:00Z
1
value 0.00582
scoring_system epss
scoring_elements 0.689
published_at 2026-04-02T12:55:00Z
2
value 0.00605
scoring_system epss
scoring_elements 0.69551
published_at 2026-04-07T12:55:00Z
3
value 0.00605
scoring_system epss
scoring_elements 0.69602
published_at 2026-04-08T12:55:00Z
4
value 0.00605
scoring_system epss
scoring_elements 0.69618
published_at 2026-04-09T12:55:00Z
5
value 0.00605
scoring_system epss
scoring_elements 0.69641
published_at 2026-04-11T12:55:00Z
6
value 0.00605
scoring_system epss
scoring_elements 0.69626
published_at 2026-04-12T12:55:00Z
7
value 0.00605
scoring_system epss
scoring_elements 0.69612
published_at 2026-04-13T12:55:00Z
8
value 0.00605
scoring_system epss
scoring_elements 0.69651
published_at 2026-04-16T12:55:00Z
9
value 0.00605
scoring_system epss
scoring_elements 0.6966
published_at 2026-04-18T12:55:00Z
10
value 0.00605
scoring_system epss
scoring_elements 0.69572
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-1409
1
reference_url http://secunia.com/advisories/24566
reference_id
reference_type
scores
url http://secunia.com/advisories/24566
2
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/32881
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/32881
3
reference_url http://www.gentoo.org/security/en/glsa/glsa-200703-23.xml
reference_id
reference_type
scores
url http://www.gentoo.org/security/en/glsa/glsa-200703-23.xml
4
reference_url http://www.securityfocus.com/archive/1/462230/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/462230/100/0/threaded
5
reference_url http://www.securityfocus.com/archive/1/462249/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/462249/100/0/threaded
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-1409
reference_id CVE-2007-1409
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2007-1409
17
reference_url https://security.gentoo.org/glsa/200703-23
reference_id GLSA-200703-23
reference_type
scores
url https://security.gentoo.org/glsa/200703-23
fixed_packages
0
url pkg:deb/debian/wordpress@0?distro=trixie
purl pkg:deb/debian/wordpress@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@0%3Fdistro=trixie
1
url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
2
vulnerability VCID-yqam-kpce-dfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2007-1409
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6baf-6r3v-gub4
6
url VCID-7gbk-16zv-j7f9
vulnerability_id VCID-7gbk-16zv-j7f9
summary WordPress before 4.4 makes it easier for remote attackers to predict password-recovery tokens via a brute-force approach.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-6412
reference_id
reference_type
scores
0
value 0.02444
scoring_system epss
scoring_elements 0.85112
published_at 2026-04-01T12:55:00Z
1
value 0.02444
scoring_system epss
scoring_elements 0.85125
published_at 2026-04-02T12:55:00Z
2
value 0.02444
scoring_system epss
scoring_elements 0.85142
published_at 2026-04-04T12:55:00Z
3
value 0.02444
scoring_system epss
scoring_elements 0.85145
published_at 2026-04-07T12:55:00Z
4
value 0.02444
scoring_system epss
scoring_elements 0.85167
published_at 2026-04-08T12:55:00Z
5
value 0.02444
scoring_system epss
scoring_elements 0.85175
published_at 2026-04-09T12:55:00Z
6
value 0.02444
scoring_system epss
scoring_elements 0.8519
published_at 2026-04-11T12:55:00Z
7
value 0.02444
scoring_system epss
scoring_elements 0.85187
published_at 2026-04-12T12:55:00Z
8
value 0.02444
scoring_system epss
scoring_elements 0.85184
published_at 2026-04-13T12:55:00Z
9
value 0.02444
scoring_system epss
scoring_elements 0.85205
published_at 2026-04-16T12:55:00Z
10
value 0.02444
scoring_system epss
scoring_elements 0.85207
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-6412
fixed_packages
0
url pkg:deb/debian/wordpress@0?distro=trixie
purl pkg:deb/debian/wordpress@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@0%3Fdistro=trixie
1
url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
2
vulnerability VCID-yqam-kpce-dfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2014-6412
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7gbk-16zv-j7f9
7
url VCID-96pa-cg28-cbgy
vulnerability_id VCID-96pa-cg28-cbgy
summary Cross-site scripting (XSS) vulnerability in WordPress before 2.6, SVN development versions only, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-3233
reference_id
reference_type
scores
0
value 0.0047
scoring_system epss
scoring_elements 0.64626
published_at 2026-04-18T12:55:00Z
1
value 0.0047
scoring_system epss
scoring_elements 0.64498
published_at 2026-04-01T12:55:00Z
2
value 0.0047
scoring_system epss
scoring_elements 0.64551
published_at 2026-04-02T12:55:00Z
3
value 0.0047
scoring_system epss
scoring_elements 0.6458
published_at 2026-04-04T12:55:00Z
4
value 0.0047
scoring_system epss
scoring_elements 0.64538
published_at 2026-04-07T12:55:00Z
5
value 0.0047
scoring_system epss
scoring_elements 0.64586
published_at 2026-04-08T12:55:00Z
6
value 0.0047
scoring_system epss
scoring_elements 0.64602
published_at 2026-04-09T12:55:00Z
7
value 0.0047
scoring_system epss
scoring_elements 0.6462
published_at 2026-04-11T12:55:00Z
8
value 0.0047
scoring_system epss
scoring_elements 0.64607
published_at 2026-04-12T12:55:00Z
9
value 0.0047
scoring_system epss
scoring_elements 0.64579
published_at 2026-04-13T12:55:00Z
10
value 0.0047
scoring_system epss
scoring_elements 0.64614
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-3233
1
reference_url http://trac.wordpress.org/ticket/7220
reference_id
reference_type
scores
url http://trac.wordpress.org/ticket/7220
2
reference_url http://www.openwall.com/lists/oss-security/2008/07/15/5
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2008/07/15/5
3
reference_url http://www.openwall.com/lists/oss-security/2008/07/16/5
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2008/07/16/5
4
reference_url http://www.openwall.com/lists/oss-security/2008/07/16/6
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2008/07/16/6
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:0.6.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:0.6.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:0.6.2:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:0.6.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:0.6.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:0.6.2.1:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:0.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:0.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:0.7:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:0.71:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:0.71:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:0.71:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:0.711:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:0.711:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:0.711:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:1.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.0.1:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:1.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.2.1:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:1.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.2.2:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:1.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.3.1:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.4:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:1.5.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5.1.1:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:1.5.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5.1.3:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:1.5.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5.2:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5-strayhorn:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:1.5-strayhorn:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5-strayhorn:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:1.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.6:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.10:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.10_rc1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0.10_rc1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.10_rc1:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.10_rc2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0.10_rc2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.10_rc2:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.11:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.8:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.0.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.9:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.3:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.3_rc1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.1.3_rc1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.3_rc1:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.3_rc2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.1.3_rc2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.3_rc2:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.2:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.2.0:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.2.1:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.2.2:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.2.3:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.2_revision5002:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.2_revision5002:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.2_revision5002:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.2_revision5003:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.2_revision5003:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.2_revision5003:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.3:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.3.1:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.3.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.3.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.3.2:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.3.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.3.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.3.3:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.5:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-3233
reference_id CVE-2008-3233
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2008-3233
60
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/32053.txt
reference_id CVE-2008-3233;OSVDB-47938
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/32053.txt
61
reference_url https://www.securityfocus.com/bid/30238/info
reference_id CVE-2008-3233;OSVDB-47938
reference_type exploit
scores
url https://www.securityfocus.com/bid/30238/info
fixed_packages
0
url pkg:deb/debian/wordpress@0?distro=trixie
purl pkg:deb/debian/wordpress@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@0%3Fdistro=trixie
1
url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
2
vulnerability VCID-yqam-kpce-dfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2008-3233
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-96pa-cg28-cbgy
8
url VCID-bubm-v7mg-xkcg
vulnerability_id VCID-bubm-v7mg-xkcg
summary WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions authenticated users who don't have permission to view private post types/data can bypass restrictions in the block editor under certain conditions. This affected WordPress 5.8 beta during the testing period. It's fixed in the final 5.8 release.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-39203
reference_id
reference_type
scores
0
value 0.01232
scoring_system epss
scoring_elements 0.79124
published_at 2026-04-01T12:55:00Z
1
value 0.01232
scoring_system epss
scoring_elements 0.79131
published_at 2026-04-02T12:55:00Z
2
value 0.01232
scoring_system epss
scoring_elements 0.79156
published_at 2026-04-04T12:55:00Z
3
value 0.01232
scoring_system epss
scoring_elements 0.79142
published_at 2026-04-07T12:55:00Z
4
value 0.01232
scoring_system epss
scoring_elements 0.79166
published_at 2026-04-08T12:55:00Z
5
value 0.01232
scoring_system epss
scoring_elements 0.79174
published_at 2026-04-13T12:55:00Z
6
value 0.01232
scoring_system epss
scoring_elements 0.79198
published_at 2026-04-11T12:55:00Z
7
value 0.01232
scoring_system epss
scoring_elements 0.79183
published_at 2026-04-12T12:55:00Z
8
value 0.01232
scoring_system epss
scoring_elements 0.792
published_at 2026-04-16T12:55:00Z
9
value 0.01232
scoring_system epss
scoring_elements 0.79197
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-39203
fixed_packages
0
url pkg:deb/debian/wordpress@0?distro=trixie
purl pkg:deb/debian/wordpress@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@0%3Fdistro=trixie
1
url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
2
vulnerability VCID-yqam-kpce-dfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2021-39203
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bubm-v7mg-xkcg
9
url VCID-c7ej-2svr-uyd3
vulnerability_id VCID-c7ej-2svr-uyd3
summary WordPress Core is vulnerable to Stored Cross-Site Scripting via user display names in the Avatar block in various versions up to 6.5.2 due to insufficient output escaping on the display name. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. In addition, it also makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that have the comment block present and display the comment author's avatar.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-4439
reference_id
reference_type
scores
0
value 0.90817
scoring_system epss
scoring_elements 0.99629
published_at 2026-04-18T12:55:00Z
1
value 0.91499
scoring_system epss
scoring_elements 0.99669
published_at 2026-04-12T12:55:00Z
2
value 0.91499
scoring_system epss
scoring_elements 0.99671
published_at 2026-04-16T12:55:00Z
3
value 0.91499
scoring_system epss
scoring_elements 0.9967
published_at 2026-04-13T12:55:00Z
4
value 0.91499
scoring_system epss
scoring_elements 0.99668
published_at 2026-04-07T12:55:00Z
5
value 0.91805
scoring_system epss
scoring_elements 0.99686
published_at 2026-04-04T12:55:00Z
6
value 0.91805
scoring_system epss
scoring_elements 0.99685
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-4439
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069091
reference_id 1069091
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069091
2
reference_url https://core.trac.wordpress.org/changeset/57951/branches/6.4/src/wp-includes/blocks/avatar.php
reference_id avatar.php
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-09T19:37:57Z/
url https://core.trac.wordpress.org/changeset/57951/branches/6.4/src/wp-includes/blocks/avatar.php
3
reference_url https://core.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=57950%40%2F&new=57950%40%2F&sfp_email=&sfph_mail=#file3
reference_id changeset?sfp_email=&sfph_mail=&reponame=&old=57950%40%2F&new=57950%40%2F&sfp_email=&sfph_mail=#file3
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-09T19:37:57Z/
url https://core.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=57950%40%2F&new=57950%40%2F&sfp_email=&sfph_mail=#file3
4
reference_url https://www.wordfence.com/threat-intel/vulnerabilities/id/e363c09a-4381-4b3a-951c-9a0ff5669016?source=cve
reference_id e363c09a-4381-4b3a-951c-9a0ff5669016?source=cve
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-09T19:37:57Z/
url https://www.wordfence.com/threat-intel/vulnerabilities/id/e363c09a-4381-4b3a-951c-9a0ff5669016?source=cve
5
reference_url https://www.wordfence.com/blog/2024/04/unauthenticated-stored-cross-site-scripting-vulnerability-patched-in-wordpress-core/
reference_id unauthenticated-stored-cross-site-scripting-vulnerability-patched-in-wordpress-core
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-09T19:37:57Z/
url https://www.wordfence.com/blog/2024/04/unauthenticated-stored-cross-site-scripting-vulnerability-patched-in-wordpress-core/
6
reference_url https://wordpress.org/news/2024/04/wordpress-6-5-2-maintenance-and-security-release/
reference_id wordpress-6-5-2-maintenance-and-security-release
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-09T19:37:57Z/
url https://wordpress.org/news/2024/04/wordpress-6-5-2-maintenance-and-security-release/
fixed_packages
0
url pkg:deb/debian/wordpress@0?distro=trixie
purl pkg:deb/debian/wordpress@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@0%3Fdistro=trixie
1
url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
2
vulnerability VCID-yqam-kpce-dfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/wordpress@6.5.2%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.5.2%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.5.2%252Bdfsg1-1%3Fdistro=trixie
4
url pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2024-4439
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c7ej-2svr-uyd3
10
url VCID-dv3a-7kct-xqh6
vulnerability_id VCID-dv3a-7kct-xqh6
summary Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Automattic WordPress allows Relative Path Traversal.This issue affects WordPress: from 6.5 through 6.5.4, from 6.4 through 6.4.4, from 6.3 through 6.3.4, from 6.2 through 6.2.5, from 6.1 through 6.1.6, from 6.0 through 6.0.8, from 5.9 through 5.9.9, from 5.8 through 5.8.9, from 5.7 through 5.7.11, from 5.6 through 5.6.13, from 5.5 through 5.5.14, from 5.4 through 5.4.15, from 5.3 through 5.3.17, from 5.2 through 5.2.20, from 5.1 through 5.1.18, from 5.0 through 5.0.21, from 4.9 through 4.9.25, from 4.8 through 4.8.24, from 4.7 through 4.7.28, from 4.6 through 4.6.28, from 4.5 through 4.5.31, from 4.4 through 4.4.32, from 4.3 through 4.3.33, from 4.2 through 4.2.37, from 4.1 through 4.1.40.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-32111
reference_id
reference_type
scores
0
value 0.00406
scoring_system epss
scoring_elements 0.61128
published_at 2026-04-18T12:55:00Z
1
value 0.00406
scoring_system epss
scoring_elements 0.61113
published_at 2026-04-11T12:55:00Z
2
value 0.00406
scoring_system epss
scoring_elements 0.611
published_at 2026-04-12T12:55:00Z
3
value 0.00406
scoring_system epss
scoring_elements 0.6108
published_at 2026-04-13T12:55:00Z
4
value 0.00406
scoring_system epss
scoring_elements 0.61122
published_at 2026-04-16T12:55:00Z
5
value 0.00406
scoring_system epss
scoring_elements 0.61033
published_at 2026-04-02T12:55:00Z
6
value 0.00406
scoring_system epss
scoring_elements 0.61062
published_at 2026-04-04T12:55:00Z
7
value 0.00406
scoring_system epss
scoring_elements 0.61028
published_at 2026-04-07T12:55:00Z
8
value 0.00406
scoring_system epss
scoring_elements 0.61076
published_at 2026-04-08T12:55:00Z
9
value 0.00406
scoring_system epss
scoring_elements 0.61092
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-32111
1
reference_url https://wordpress.org/news/2024/06/wordpress-6-5-5/
reference_id wordpress-6-5-5
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:40:36Z/
url https://wordpress.org/news/2024/06/wordpress-6-5-5/
2
reference_url https://patchstack.com/database/vulnerability/wordpress/wordpress-core-6-5-5-contributor-arbitrary-html-file-read-windows-only-vulnerability?_s_id=cve
reference_id wordpress-core-6-5-5-contributor-arbitrary-html-file-read-windows-only-vulnerability?_s_id=cve
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:40:36Z/
url https://patchstack.com/database/vulnerability/wordpress/wordpress-core-6-5-5-contributor-arbitrary-html-file-read-windows-only-vulnerability?_s_id=cve
fixed_packages
0
url pkg:deb/debian/wordpress@0?distro=trixie
purl pkg:deb/debian/wordpress@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@0%3Fdistro=trixie
1
url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
2
vulnerability VCID-yqam-kpce-dfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2024-32111
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dv3a-7kct-xqh6
11
url VCID-j33g-aex7-uke8
vulnerability_id VCID-j33g-aex7-uke8
summary The _httpsrequest function in Snoopy 1.2, as used in products such as (1) MagpieRSS, (2) WordPress, (3) Ampache, and (4) Jinzora, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web page, which is not properly handled by the fetch function.
references
0
reference_url http://marc.info/?l=bugtraq&m=113028858316430&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=113028858316430&w=2
1
reference_url http://marc.info/?l=bugtraq&m=113062897231412&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=113062897231412&w=2
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-3330
reference_id
reference_type
scores
0
value 0.23773
scoring_system epss
scoring_elements 0.96022
published_at 2026-04-18T12:55:00Z
1
value 0.23773
scoring_system epss
scoring_elements 0.95971
published_at 2026-04-01T12:55:00Z
2
value 0.23773
scoring_system epss
scoring_elements 0.95978
published_at 2026-04-02T12:55:00Z
3
value 0.23773
scoring_system epss
scoring_elements 0.95985
published_at 2026-04-04T12:55:00Z
4
value 0.23773
scoring_system epss
scoring_elements 0.95989
published_at 2026-04-07T12:55:00Z
5
value 0.23773
scoring_system epss
scoring_elements 0.95999
published_at 2026-04-08T12:55:00Z
6
value 0.23773
scoring_system epss
scoring_elements 0.96001
published_at 2026-04-09T12:55:00Z
7
value 0.23773
scoring_system epss
scoring_elements 0.96005
published_at 2026-04-12T12:55:00Z
8
value 0.23773
scoring_system epss
scoring_elements 0.96007
published_at 2026-04-13T12:55:00Z
9
value 0.23773
scoring_system epss
scoring_elements 0.96017
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-3330
3
reference_url http://secunia.com/advisories/17330
reference_id
reference_type
scores
url http://secunia.com/advisories/17330
4
reference_url http://secunia.com/advisories/17455
reference_id
reference_type
scores
url http://secunia.com/advisories/17455
5
reference_url http://secunia.com/advisories/17779
reference_id
reference_type
scores
url http://secunia.com/advisories/17779
6
reference_url http://secunia.com/advisories/17887
reference_id
reference_type
scores
url http://secunia.com/advisories/17887
7
reference_url http://securityreason.com/securityalert/117
reference_id
reference_type
scores
url http://securityreason.com/securityalert/117
8
reference_url http://securitytracker.com/id?1015104
reference_id
reference_type
scores
url http://securitytracker.com/id?1015104
9
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/22874
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/22874
10
reference_url http://sourceforge.net/project/shownotes.php?release_id=368750
reference_id
reference_type
scores
url http://sourceforge.net/project/shownotes.php?release_id=368750
11
reference_url http://sourceforge.net/project/shownotes.php?release_id=375385
reference_id
reference_type
scores
url http://sourceforge.net/project/shownotes.php?release_id=375385
12
reference_url https://svn.ampache.org/branches/3.3.1/docs/CHANGELOG
reference_id
reference_type
scores
url https://svn.ampache.org/branches/3.3.1/docs/CHANGELOG
13
reference_url http://www.osvdb.org/20316
reference_id
reference_type
scores
url http://www.osvdb.org/20316
14
reference_url http://www.securityfocus.com/bid/15213
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/15213
15
reference_url http://www.vupen.com/english/advisories/2005/2202
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2005/2202
16
reference_url http://www.vupen.com/english/advisories/2005/2335
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2005/2335
17
reference_url http://www.vupen.com/english/advisories/2005/2727
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2005/2727
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:snoopy:snoopy:1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:snoopy:snoopy:1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:snoopy:snoopy:1.2:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2005-3330
reference_id CVE-2005-3330
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2005-3330
20
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/26424.txt
reference_id CVE-2005-3330;OSVDB-20316
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/26424.txt
21
reference_url https://www.securityfocus.com/bid/15213/info
reference_id CVE-2005-3330;OSVDB-20316
reference_type exploit
scores
url https://www.securityfocus.com/bid/15213/info
fixed_packages
0
url pkg:deb/debian/wordpress@0?distro=trixie
purl pkg:deb/debian/wordpress@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@0%3Fdistro=trixie
1
url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
2
vulnerability VCID-yqam-kpce-dfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2005-3330
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j33g-aex7-uke8
12
url VCID-j4bb-d6da-w3de
vulnerability_id VCID-j4bb-d6da-w3de
summary Auth. Stored (contributor+) Cross-Site Scripting (XSS) vulnerability in WordPress core 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.1.3, from 6.0 through 6.0.5, from 5.9 through 5.9.7 and Gutenberg plugin <= 16.8.0 versions.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-38000
reference_id
reference_type
scores
0
value 0.00347
scoring_system epss
scoring_elements 0.57277
published_at 2026-04-02T12:55:00Z
1
value 0.00347
scoring_system epss
scoring_elements 0.573
published_at 2026-04-04T12:55:00Z
2
value 0.00347
scoring_system epss
scoring_elements 0.57276
published_at 2026-04-07T12:55:00Z
3
value 0.00347
scoring_system epss
scoring_elements 0.57327
published_at 2026-04-08T12:55:00Z
4
value 0.00347
scoring_system epss
scoring_elements 0.57329
published_at 2026-04-09T12:55:00Z
5
value 0.00347
scoring_system epss
scoring_elements 0.57343
published_at 2026-04-11T12:55:00Z
6
value 0.00347
scoring_system epss
scoring_elements 0.57324
published_at 2026-04-12T12:55:00Z
7
value 0.00347
scoring_system epss
scoring_elements 0.57303
published_at 2026-04-13T12:55:00Z
8
value 0.00347
scoring_system epss
scoring_elements 0.5733
published_at 2026-04-16T12:55:00Z
9
value 0.00347
scoring_system epss
scoring_elements 0.57326
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-38000
fixed_packages
0
url pkg:deb/debian/wordpress@0?distro=trixie
purl pkg:deb/debian/wordpress@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@0%3Fdistro=trixie
1
url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
2
vulnerability VCID-yqam-kpce-dfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/wordpress@6.1.6%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.6%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.6%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
4
url pkg:deb/debian/wordpress@6.3.2%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.3.2%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.3.2%252Bdfsg1-1%3Fdistro=trixie
5
url pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie
6
url pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2023-38000
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j4bb-d6da-w3de
13
url VCID-jmhr-atwp-5kee
vulnerability_id VCID-jmhr-atwp-5kee
summary WordPress is an open publishing platform for the Web. Unserialization of instances of the `WP_HTML_Token` class allows for code execution via its `__destruct()` magic method. This issue was fixed in WordPress 6.4.2 on December 6th, 2023. Versions prior to 6.4.0 are not affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-31211
reference_id
reference_type
scores
0
value 0.39711
scoring_system epss
scoring_elements 0.97325
published_at 2026-04-18T12:55:00Z
1
value 0.39711
scoring_system epss
scoring_elements 0.97314
published_at 2026-04-13T12:55:00Z
2
value 0.39711
scoring_system epss
scoring_elements 0.97322
published_at 2026-04-16T12:55:00Z
3
value 0.39711
scoring_system epss
scoring_elements 0.97298
published_at 2026-04-02T12:55:00Z
4
value 0.39711
scoring_system epss
scoring_elements 0.97303
published_at 2026-04-07T12:55:00Z
5
value 0.39711
scoring_system epss
scoring_elements 0.9731
published_at 2026-04-09T12:55:00Z
6
value 0.39711
scoring_system epss
scoring_elements 0.97313
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-31211
1
reference_url https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-m257-q4m5-j653
reference_id GHSA-m257-q4m5-j653
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T14:00:20Z/
url https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-m257-q4m5-j653
fixed_packages
0
url pkg:deb/debian/wordpress@0?distro=trixie
purl pkg:deb/debian/wordpress@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@0%3Fdistro=trixie
1
url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
2
vulnerability VCID-yqam-kpce-dfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/wordpress@6.4.2%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.4.2%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.4.2%252Bdfsg1-1%3Fdistro=trixie
4
url pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2024-31211
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jmhr-atwp-5kee
14
url VCID-pv2z-zrfb-83fy
vulnerability_id VCID-pv2z-zrfb-83fy
summary Cross-site scripting (XSS) vulnerability in index.php in the Blue Memories theme 1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter, possibly a related issue to CVE-2007-2757 and CVE-2007-4014. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-4165
reference_id
reference_type
scores
0
value 0.01299
scoring_system epss
scoring_elements 0.79672
published_at 2026-04-01T12:55:00Z
1
value 0.01299
scoring_system epss
scoring_elements 0.79679
published_at 2026-04-02T12:55:00Z
2
value 0.01299
scoring_system epss
scoring_elements 0.79699
published_at 2026-04-04T12:55:00Z
3
value 0.01299
scoring_system epss
scoring_elements 0.79685
published_at 2026-04-07T12:55:00Z
4
value 0.01299
scoring_system epss
scoring_elements 0.79714
published_at 2026-04-08T12:55:00Z
5
value 0.01299
scoring_system epss
scoring_elements 0.7972
published_at 2026-04-09T12:55:00Z
6
value 0.01299
scoring_system epss
scoring_elements 0.79742
published_at 2026-04-11T12:55:00Z
7
value 0.01299
scoring_system epss
scoring_elements 0.79725
published_at 2026-04-12T12:55:00Z
8
value 0.01299
scoring_system epss
scoring_elements 0.79719
published_at 2026-04-13T12:55:00Z
9
value 0.01299
scoring_system epss
scoring_elements 0.79748
published_at 2026-04-16T12:55:00Z
10
value 0.01299
scoring_system epss
scoring_elements 0.79749
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-4165
fixed_packages
0
url pkg:deb/debian/wordpress@0?distro=trixie
purl pkg:deb/debian/wordpress@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@0%3Fdistro=trixie
1
url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
2
vulnerability VCID-yqam-kpce-dfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2007-4165
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pv2z-zrfb-83fy
15
url VCID-s677-mr1w-q3he
vulnerability_id VCID-s677-mr1w-q3he
summary WordPress 2.1.1, as downloaded from some official distribution sites during February and March 2007, contains an externally introduced backdoor that allows remote attackers to execute arbitrary commands via (1) an eval injection vulnerability in the ix parameter to wp-includes/feed.php, and (2) an untrusted passthru call in the iz parameter to wp-includes/theme.php.
references
0
reference_url http://ifsec.blogspot.com/2007/03/wordpress-code-compromised-to-enable.html
reference_id
reference_type
scores
url http://ifsec.blogspot.com/2007/03/wordpress-code-compromised-to-enable.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-1277
reference_id
reference_type
scores
0
value 0.84865
scoring_system epss
scoring_elements 0.99349
published_at 2026-04-18T12:55:00Z
1
value 0.84865
scoring_system epss
scoring_elements 0.99338
published_at 2026-04-01T12:55:00Z
2
value 0.84865
scoring_system epss
scoring_elements 0.99339
published_at 2026-04-02T12:55:00Z
3
value 0.84865
scoring_system epss
scoring_elements 0.99341
published_at 2026-04-04T12:55:00Z
4
value 0.84865
scoring_system epss
scoring_elements 0.99342
published_at 2026-04-07T12:55:00Z
5
value 0.84865
scoring_system epss
scoring_elements 0.99344
published_at 2026-04-09T12:55:00Z
6
value 0.84865
scoring_system epss
scoring_elements 0.99345
published_at 2026-04-11T12:55:00Z
7
value 0.84865
scoring_system epss
scoring_elements 0.99346
published_at 2026-04-12T12:55:00Z
8
value 0.84865
scoring_system epss
scoring_elements 0.99347
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-1277
2
reference_url http://secunia.com/advisories/24374
reference_id
reference_type
scores
url http://secunia.com/advisories/24374
3
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/32804
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/32804
4
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/32807
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/32807
5
reference_url http://wordpress.org/development/2007/03/upgrade-212/
reference_id
reference_type
scores
url http://wordpress.org/development/2007/03/upgrade-212/
6
reference_url http://www.kb.cert.org/vuls/id/214480
reference_id
reference_type
scores
url http://www.kb.cert.org/vuls/id/214480
7
reference_url http://www.kb.cert.org/vuls/id/641456
reference_id
reference_type
scores
url http://www.kb.cert.org/vuls/id/641456
8
reference_url http://www.securityfocus.com/archive/1/461794/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/461794/100/0/threaded
9
reference_url http://www.securityfocus.com/bid/22797
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/22797
10
reference_url http://www.vupen.com/english/advisories/2007/0812
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/0812
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-1277
reference_id CVE-2007-1277
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2007-1277
13
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/29701.txt
reference_id CVE-2007-1277;OSVDB-33908
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/29701.txt
14
reference_url https://www.securityfocus.com/bid/22797/info
reference_id CVE-2007-1277;OSVDB-33908
reference_type exploit
scores
url https://www.securityfocus.com/bid/22797/info
15
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/29702.txt
reference_id CVE-2007-1277;OSVDB-33909
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/29702.txt
fixed_packages
0
url pkg:deb/debian/wordpress@0?distro=trixie
purl pkg:deb/debian/wordpress@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@0%3Fdistro=trixie
1
url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
2
vulnerability VCID-yqam-kpce-dfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2007-1277
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s677-mr1w-q3he
16
url VCID-uwyj-2kgc-zyg6
vulnerability_id VCID-uwyj-2kgc-zyg6
summary WordPress through 6.1.1 depends on unpredictable client visits to cause wp-cron.php execution and the resulting security updates, and the source code describes "the scenario where a site may not receive enough visits to execute scheduled tasks in a timely manner," but neither the installation guide nor the security guide mentions this default behavior, or alerts the user about security risks on installations with very few visits.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-22622
reference_id
reference_type
scores
0
value 0.08419
scoring_system epss
scoring_elements 0.92308
published_at 2026-04-02T12:55:00Z
1
value 0.08419
scoring_system epss
scoring_elements 0.92313
published_at 2026-04-04T12:55:00Z
2
value 0.08419
scoring_system epss
scoring_elements 0.92316
published_at 2026-04-07T12:55:00Z
3
value 0.08419
scoring_system epss
scoring_elements 0.92328
published_at 2026-04-08T12:55:00Z
4
value 0.08419
scoring_system epss
scoring_elements 0.92332
published_at 2026-04-09T12:55:00Z
5
value 0.08419
scoring_system epss
scoring_elements 0.92337
published_at 2026-04-13T12:55:00Z
6
value 0.08419
scoring_system epss
scoring_elements 0.92339
published_at 2026-04-12T12:55:00Z
7
value 0.08419
scoring_system epss
scoring_elements 0.92348
published_at 2026-04-16T12:55:00Z
8
value 0.08419
scoring_system epss
scoring_elements 0.92347
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-22622
1
reference_url https://www.tenable.com/plugins/was/113449
reference_id 113449
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T18:06:54Z/
url https://www.tenable.com/plugins/was/113449
2
reference_url https://developer.wordpress.org/plugins/cron/
reference_id cron
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T18:06:54Z/
url https://developer.wordpress.org/plugins/cron/
3
reference_url https://wordpress.org/support/article/how-to-install-wordpress/
reference_id how-to-install-wordpress
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T18:06:54Z/
url https://wordpress.org/support/article/how-to-install-wordpress/
4
reference_url https://wordpress.org/about/security/
reference_id security
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T18:06:54Z/
url https://wordpress.org/about/security/
5
reference_url https://patchstack.com/articles/solving-unpredictable-wp-cron-problems-addressing-cve-2023-22622/
reference_id solving-unpredictable-wp-cron-problems-addressing-cve-2023-22622
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T18:06:54Z/
url https://patchstack.com/articles/solving-unpredictable-wp-cron-problems-addressing-cve-2023-22622/
6
reference_url https://medium.com/%40thecpanelguy/the-nightmare-that-is-wpcron-php-ae31c1d3ae30
reference_id the-nightmare-that-is-wpcron-php-ae31c1d3ae30
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T18:06:54Z/
url https://medium.com/%40thecpanelguy/the-nightmare-that-is-wpcron-php-ae31c1d3ae30
7
reference_url https://github.com/WordPress/WordPress/blob/dca7b5204b5fea54e6d1774689777b359a9222ab/wp-cron.php#L5-L8
reference_id wp-cron.php#L5-L8
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T18:06:54Z/
url https://github.com/WordPress/WordPress/blob/dca7b5204b5fea54e6d1774689777b359a9222ab/wp-cron.php#L5-L8
fixed_packages
0
url pkg:deb/debian/wordpress@0?distro=trixie
purl pkg:deb/debian/wordpress@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@0%3Fdistro=trixie
1
url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
2
vulnerability VCID-yqam-kpce-dfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2023-22622
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uwyj-2kgc-zyg6
17
url VCID-zf8r-75us-nygf
vulnerability_id VCID-zf8r-75us-nygf
summary WordPress core is vulnerable to unauthorized access in versions 6.9 through 6.9.1. The Notes feature (block-level collaboration annotations) was introduced in WordPress 6.9 to allow editorial comments directly on posts in the block editor. However, the REST API `create_item_permissions_check()` method in the comments controller did not verify that the authenticated user has `edit_post` permission on the target post when creating a note. This makes it possible for authenticated attackers with Subscriber-level access to create notes on any post, including posts authored by other users, private posts, and posts in any status.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-3906
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06071
published_at 2026-04-02T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.061
published_at 2026-04-04T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06083
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06123
published_at 2026-04-08T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06162
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06153
published_at 2026-04-11T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07233
published_at 2026-04-18T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07318
published_at 2026-04-12T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07308
published_at 2026-04-13T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07238
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-3906
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131148
reference_id 1131148
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131148
2
reference_url https://core.trac.wordpress.org/changeset/61888
reference_id 61888
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-11T13:18:15Z/
url https://core.trac.wordpress.org/changeset/61888
3
reference_url https://www.wordfence.com/threat-intel/vulnerabilities/id/a69782f0-aa61-4049-8339-7f27f4b6c36b?source=cve
reference_id a69782f0-aa61-4049-8339-7f27f4b6c36b?source=cve
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-11T13:18:15Z/
url https://www.wordfence.com/threat-intel/vulnerabilities/id/a69782f0-aa61-4049-8339-7f27f4b6c36b?source=cve
4
reference_url https://core.trac.wordpress.org/browser/trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php#L562
reference_id class-wp-rest-comments-controller.php#L562
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-11T13:18:15Z/
url https://core.trac.wordpress.org/browser/trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php#L562
fixed_packages
0
url pkg:deb/debian/wordpress@0?distro=trixie
purl pkg:deb/debian/wordpress@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@0%3Fdistro=trixie
1
url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
2
vulnerability VCID-yqam-kpce-dfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-3906
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zf8r-75us-nygf
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@0%3Fdistro=trixie