Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/wordpress@2.0.2-1?distro=trixie

Type deb

Namespace debian

Name wordpress

Version 2.0.2-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.0.3-1

Latest_non_vulnerable_version 6.9.4+dfsg1-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-ewvz-wnn2-57h2

vulnerability_id VCID-ewvz-wnn2-57h2

summary Multiple "unannounced" cross-site scripting (XSS) vulnerabilities in WordPress before 2.0.2 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-1263

reference_id

reference_type

scores

value	0.00343
scoring_system	epss
scoring_elements	0.5687
published_at	2026-04-01T12:55:00Z

value	0.00343
scoring_system	epss
scoring_elements	0.56967
published_at	2026-04-02T12:55:00Z

value	0.00343
scoring_system	epss
scoring_elements	0.56989
published_at	2026-04-04T12:55:00Z

value	0.00343
scoring_system	epss
scoring_elements	0.56965
published_at	2026-04-07T12:55:00Z

value	0.00343
scoring_system	epss
scoring_elements	0.57015
published_at	2026-04-08T12:55:00Z

value	0.00343
scoring_system	epss
scoring_elements	0.57018
published_at	2026-04-09T12:55:00Z

value	0.00343
scoring_system	epss
scoring_elements	0.57029
published_at	2026-04-11T12:55:00Z

value	0.00343
scoring_system	epss
scoring_elements	0.57009
published_at	2026-04-12T12:55:00Z

value	0.00343
scoring_system	epss
scoring_elements	0.56985
published_at	2026-04-13T12:55:00Z

value	0.00343
scoring_system	epss
scoring_elements	0.57014
published_at	2026-04-16T12:55:00Z

value	0.00343
scoring_system	epss
scoring_elements	0.57011
published_at	2026-04-18T12:55:00Z

value	0.00343
scoring_system	epss
scoring_elements	0.56988
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-1263

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1263
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1263

fixed_packages

url	pkg:deb/debian/wordpress@2.0.2-1?distro=trixie
purl	pkg:deb/debian/wordpress@2.0.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.0.2-1%3Fdistro=trixie

url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gyaq-8pvh-p7gg

vulnerability	VCID-jghn-eujf-zbdn

vulnerability	VCID-yqam-kpce-dfg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gyaq-8pvh-p7gg

vulnerability	VCID-jghn-eujf-zbdn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2006-1263

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ewvz-wnn2-57h2

url VCID-fnf4-fykj-p3f7

vulnerability_id VCID-fnf4-fykj-p3f7

summary WordPress 2.0.1 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) default-filters.php, (2) template-loader.php, (3) rss-functions.php, (4) locale.php, (5) wp-db.php, and (6) kses.php in the wp-includes/ directory; and (7) edit-form-advanced.php, (8) admin-functions.php, (9) edit-link-form.php, (10) edit-page-form.php, (11) admin-footer.php, and (12) menu.php in the wp-admin directory; and possibly (13) list directory contents of the wp-includes directory. NOTE: the vars.php, edit-form.php, wp-settings.php, and edit-form-comment.php vectors are already covered by CVE-2005-4463. The menu-header.php vector is already covered by CVE-2005-2110. Other vectors might be covered by CVE-2005-1688. NOTE: if the typical installation of WordPress does not list any site-specific files to wp-includes, then vector [13] is not an exposure.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-0986

reference_id

reference_type

scores

value	0.02177
scoring_system	epss
scoring_elements	0.84269
published_at	2026-04-01T12:55:00Z

value	0.02177
scoring_system	epss
scoring_elements	0.84282
published_at	2026-04-02T12:55:00Z

value	0.02177
scoring_system	epss
scoring_elements	0.84302
published_at	2026-04-04T12:55:00Z

value	0.02177
scoring_system	epss
scoring_elements	0.84303
published_at	2026-04-07T12:55:00Z

value	0.02177
scoring_system	epss
scoring_elements	0.84324
published_at	2026-04-08T12:55:00Z

value	0.02177
scoring_system	epss
scoring_elements	0.8433
published_at	2026-04-09T12:55:00Z

value	0.02177
scoring_system	epss
scoring_elements	0.84348
published_at	2026-04-11T12:55:00Z

value	0.02177
scoring_system	epss
scoring_elements	0.84341
published_at	2026-04-12T12:55:00Z

value	0.02177
scoring_system	epss
scoring_elements	0.84337
published_at	2026-04-13T12:55:00Z

value	0.02177
scoring_system	epss
scoring_elements	0.84359
published_at	2026-04-16T12:55:00Z

value	0.02177
scoring_system	epss
scoring_elements	0.8436
published_at	2026-04-18T12:55:00Z

value	0.02177
scoring_system	epss
scoring_elements	0.84363
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-0986

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0986
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0986

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=355055
reference_id	355055
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=355055

fixed_packages

url	pkg:deb/debian/wordpress@2.0.2-1?distro=trixie
purl	pkg:deb/debian/wordpress@2.0.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.0.2-1%3Fdistro=trixie

url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gyaq-8pvh-p7gg

vulnerability	VCID-jghn-eujf-zbdn

vulnerability	VCID-yqam-kpce-dfg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gyaq-8pvh-p7gg

vulnerability	VCID-jghn-eujf-zbdn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2006-0986

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fnf4-fykj-p3f7

url VCID-mcjm-c2c8-dkdp

vulnerability_id VCID-mcjm-c2c8-dkdp

summary Multiple cross-site scripting (XSS) vulnerabilities in the "post comment" functionality of WordPress 2.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) website, and (3) comment parameters.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-0985

reference_id

reference_type

scores

value	0.00891
scoring_system	epss
scoring_elements	0.75491
published_at	2026-04-01T12:55:00Z

value	0.00891
scoring_system	epss
scoring_elements	0.75494
published_at	2026-04-02T12:55:00Z

value	0.00891
scoring_system	epss
scoring_elements	0.75525
published_at	2026-04-04T12:55:00Z

value	0.00891
scoring_system	epss
scoring_elements	0.75505
published_at	2026-04-07T12:55:00Z

value	0.00891
scoring_system	epss
scoring_elements	0.75547
published_at	2026-04-13T12:55:00Z

value	0.00891
scoring_system	epss
scoring_elements	0.75557
published_at	2026-04-09T12:55:00Z

value	0.00891
scoring_system	epss
scoring_elements	0.75577
published_at	2026-04-11T12:55:00Z

value	0.00891
scoring_system	epss
scoring_elements	0.75556
published_at	2026-04-12T12:55:00Z

value	0.00891
scoring_system	epss
scoring_elements	0.7559
published_at	2026-04-16T12:55:00Z

value	0.00891
scoring_system	epss
scoring_elements	0.75595
published_at	2026-04-18T12:55:00Z

value	0.00891
scoring_system	epss
scoring_elements	0.75581
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-0985

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0985
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0985

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=355055
reference_id	355055
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=355055

fixed_packages

url	pkg:deb/debian/wordpress@2.0.2-1?distro=trixie
purl	pkg:deb/debian/wordpress@2.0.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.0.2-1%3Fdistro=trixie

url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gyaq-8pvh-p7gg

vulnerability	VCID-jghn-eujf-zbdn

vulnerability	VCID-yqam-kpce-dfg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gyaq-8pvh-p7gg

vulnerability	VCID-jghn-eujf-zbdn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2006-0985

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mcjm-c2c8-dkdp

url VCID-tugh-42tp-8udr

vulnerability_id VCID-tugh-42tp-8udr

summary Cross-site scripting (XSS) vulnerability in wp-register.php in WordPress 2.0 allows remote attackers to inject arbitrary web script or HTML via the user_login parameter.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-5106

reference_id

reference_type

scores

value	0.00357
scoring_system	epss
scoring_elements	0.57869
published_at	2026-04-01T12:55:00Z

value	0.00357
scoring_system	epss
scoring_elements	0.57953
published_at	2026-04-02T12:55:00Z

value	0.00357
scoring_system	epss
scoring_elements	0.57972
published_at	2026-04-04T12:55:00Z

value	0.00357
scoring_system	epss
scoring_elements	0.57948
published_at	2026-04-07T12:55:00Z

value	0.00357
scoring_system	epss
scoring_elements	0.58003
published_at	2026-04-08T12:55:00Z

value	0.00357
scoring_system	epss
scoring_elements	0.58005
published_at	2026-04-09T12:55:00Z

value	0.00357
scoring_system	epss
scoring_elements	0.58021
published_at	2026-04-11T12:55:00Z

value	0.00357
scoring_system	epss
scoring_elements	0.57999
published_at	2026-04-12T12:55:00Z

value	0.00357
scoring_system	epss
scoring_elements	0.57979
published_at	2026-04-13T12:55:00Z

value	0.00357
scoring_system	epss
scoring_elements	0.58009
published_at	2026-04-16T12:55:00Z

value	0.00357
scoring_system	epss
scoring_elements	0.58007
published_at	2026-04-18T12:55:00Z

value	0.00357
scoring_system	epss
scoring_elements	0.57985
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-5106

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5106
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5106

fixed_packages

url	pkg:deb/debian/wordpress@2.0.2-1?distro=trixie
purl	pkg:deb/debian/wordpress@2.0.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.0.2-1%3Fdistro=trixie

url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gyaq-8pvh-p7gg

vulnerability	VCID-jghn-eujf-zbdn

vulnerability	VCID-yqam-kpce-dfg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gyaq-8pvh-p7gg

vulnerability	VCID-jghn-eujf-zbdn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2007-5106

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tugh-42tp-8udr

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.0.2-1%3Fdistro=trixie

Package Instance