Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/942949?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/942949?format=api", "purl": "pkg:deb/debian/wordpress@2.2.2-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "wordpress", "version": "2.2.2-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2.2.3-1", "latest_non_vulnerable_version": "6.9.4+dfsg1-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91720?format=api", "vulnerability_id": "VCID-1cp7-76kz-47ed", "summary": "Cross-site scripting (XSS) vulnerability in functions.php in the default theme in WordPress 2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the PATH_INFO (REQUEST_URI) to wp-admin/themes.php, a different vulnerability than CVE-2007-1622. NOTE: this might not cross privilege boundaries in some configurations, since the Administrator role has the unfiltered_html capability.", "references": [ { "reference_url": "http://blogsecurity.net/wordpress/news/news-100607-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blogsecurity.net/wordpress/news/news-100607-1/" }, { "reference_url": "http://codex.wordpress.org/Roles_and_Capabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://codex.wordpress.org/Roles_and_Capabilities" }, { "reference_url": "http://mybeni.rootzilla.de/mybeNi/2007/wordpress_zeroday_vulnerability_roundhouse_kick_and_why_i_nearly_wrote_the_first_blog_worm/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mybeni.rootzilla.de/mybeNi/2007/wordpress_zeroday_vulnerability_roundhouse_kick_and_why_i_nearly_wrote_the_first_blog_worm/" }, { "reference_url": "http://osvdb.org/37293", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/37293" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3238", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01473", "scoring_system": "epss", "scoring_elements": "0.8098", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01473", "scoring_system": "epss", "scoring_elements": "0.80882", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01473", "scoring_system": "epss", "scoring_elements": "0.80891", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01473", "scoring_system": "epss", "scoring_elements": "0.80914", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01473", "scoring_system": "epss", "scoring_elements": "0.80911", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01473", "scoring_system": "epss", "scoring_elements": "0.80939", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01473", "scoring_system": "epss", "scoring_elements": "0.80948", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01473", "scoring_system": "epss", "scoring_elements": "0.80964", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01473", "scoring_system": "epss", "scoring_elements": "0.8095", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01473", "scoring_system": "epss", "scoring_elements": "0.80942", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01473", "scoring_system": "epss", "scoring_elements": "0.80978", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01473", "scoring_system": "epss", "scoring_elements": "0.80979", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3238" }, { "reference_url": "http://secunia.com/advisories/25541/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25541/" }, { "reference_url": "http://secunia.com/advisories/29014", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/29014" }, { "reference_url": "http://securityreason.com/securityalert/2807", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityreason.com/securityalert/2807" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34785" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1502", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1502" }, { "reference_url": "http://www.securityfocus.com/archive/1/470837/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/470837/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/25161", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/25161" }, { "reference_url": "http://www.xssnews.com/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.xssnews.com/" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3238", "reference_id": "CVE-2007-3238", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3238" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942949?format=api", "purl": "pkg:deb/debian/wordpress@2.2.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.2.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942927?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-yqam-kpce-dfg7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942925?format=api", "purl": "pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942929?format=api", "purl": "pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942928?format=api", "purl": "pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-3238" ], "risk_score": 2.7, "exploitability": "0.5", "weighted_severity": "5.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1cp7-76kz-47ed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91727?format=api", "vulnerability_id": "VCID-6npq-by6g-cqg8", "summary": "WordPress before 2.2.2 allows remote attackers to redirect visitors to other websites and potentially obtain sensitive information via (1) the _wp_http_referer parameter to wp-pass.php, related to the wp_get_referer function in wp-includes/functions.php; and possibly other vectors related to (2) wp-includes/pluggable.php and (3) the wp_nonce_ays function in wp-includes/functions.php.", "references": [ { "reference_url": "http://osvdb.org/40802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/40802" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3639", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01146", "scoring_system": "epss", "scoring_elements": "0.7848", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01146", "scoring_system": "epss", "scoring_elements": "0.78406", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01146", "scoring_system": "epss", "scoring_elements": "0.78413", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01146", "scoring_system": "epss", "scoring_elements": "0.78444", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01146", "scoring_system": "epss", "scoring_elements": "0.78427", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01146", "scoring_system": "epss", "scoring_elements": "0.78453", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01146", "scoring_system": "epss", "scoring_elements": "0.78458", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01146", "scoring_system": "epss", "scoring_elements": "0.78483", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01146", "scoring_system": "epss", "scoring_elements": "0.78465", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01146", "scoring_system": "epss", "scoring_elements": "0.78457", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01146", "scoring_system": "epss", "scoring_elements": "0.78485", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01146", "scoring_system": "epss", "scoring_elements": "0.78484", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3639" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3639", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3639" }, { "reference_url": "http://secunia.com/advisories/30013", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30013" }, { "reference_url": "http://securityreason.com/securityalert/2869", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityreason.com/securityalert/2869" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35272", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35272" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1564", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1564" }, { "reference_url": "http://www.securityfocus.com/archive/1/472885/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/472885/100/0/threaded" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3639", "reference_id": "CVE-2007-3639", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3639" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942949?format=api", "purl": "pkg:deb/debian/wordpress@2.2.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.2.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942927?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-yqam-kpce-dfg7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942925?format=api", "purl": "pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942929?format=api", "purl": "pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942928?format=api", "purl": "pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-3639" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6npq-by6g-cqg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91679?format=api", "vulnerability_id": "VCID-7kjc-hwqu-wufc", "summary": "wp-login.php in WordPress allows remote attackers to redirect authenticated users to other websites and potentially obtain sensitive information via the redirect_to parameter.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1599", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01385", "scoring_system": "epss", "scoring_elements": "0.80261", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01385", "scoring_system": "epss", "scoring_elements": "0.80316", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01385", "scoring_system": "epss", "scoring_elements": "0.80334", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01385", "scoring_system": "epss", "scoring_elements": "0.8032", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01385", "scoring_system": "epss", "scoring_elements": "0.80313", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01385", "scoring_system": "epss", "scoring_elements": "0.80268", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01385", "scoring_system": "epss", "scoring_elements": "0.80289", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01385", "scoring_system": "epss", "scoring_elements": "0.80277", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01385", "scoring_system": "epss", "scoring_elements": "0.80305", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01438", "scoring_system": "epss", "scoring_elements": "0.80744", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01438", "scoring_system": "epss", "scoring_elements": "0.80746", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01438", "scoring_system": "epss", "scoring_elements": "0.80743", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1599" }, { "reference_url": "http://secunia.com/advisories/30960", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30960" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1601", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1601" }, { "reference_url": "http://www.metaeye.org/advisories/40", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.metaeye.org/advisories/40" }, { "reference_url": "http://www.securityfocus.com/archive/1/463291/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/463291/100/0/threaded" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437085", "reference_id": "437085", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437085" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1599", "reference_id": "CVE-2007-1599", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1599" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942949?format=api", "purl": "pkg:deb/debian/wordpress@2.2.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.2.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942927?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-yqam-kpce-dfg7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942925?format=api", "purl": "pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942929?format=api", "purl": "pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942928?format=api", "purl": "pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-1599" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7kjc-hwqu-wufc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91738?format=api", "vulnerability_id": "VCID-8sa8-xkg1-ybbm", "summary": "Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.2.1 allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the Options Database Table in the Admin Panel, accessed through options.php; or (2) the opml_url parameter to link-import.php. NOTE: this might not cross privilege boundaries in some configurations, since the Administrator role has the unfiltered_html capability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4153", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66172", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66212", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66239", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66209", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66257", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.6627", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.6629", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66277", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66246", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.6628", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66296", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4153" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4153", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4153" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942949?format=api", "purl": "pkg:deb/debian/wordpress@2.2.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.2.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942927?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-yqam-kpce-dfg7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942925?format=api", "purl": "pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942929?format=api", "purl": "pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942928?format=api", "purl": "pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-4153" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8sa8-xkg1-ybbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91739?format=api", "vulnerability_id": "VCID-cut3-n4rz-jqf7", "summary": "SQL injection vulnerability in options.php in WordPress 2.2.1 allows remote authenticated administrators to execute arbitrary SQL commands via the page_options parameter to (1) options-general.php, (2) options-writing.php, (3) options-reading.php, (4) options-discussion.php, (5) options-privacy.php, (6) options-permalink.php, (7) options-misc.php, and possibly other unspecified components.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4154", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00832", "scoring_system": "epss", "scoring_elements": "0.74534", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00832", "scoring_system": "epss", "scoring_elements": "0.74538", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00832", "scoring_system": "epss", "scoring_elements": "0.74565", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00832", "scoring_system": "epss", "scoring_elements": "0.74539", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00832", "scoring_system": "epss", "scoring_elements": "0.74571", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00832", "scoring_system": "epss", "scoring_elements": "0.74587", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00832", "scoring_system": "epss", "scoring_elements": "0.7461", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00832", "scoring_system": "epss", "scoring_elements": "0.7459", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00832", "scoring_system": "epss", "scoring_elements": "0.74582", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00832", "scoring_system": "epss", "scoring_elements": "0.74619", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00832", "scoring_system": "epss", "scoring_elements": "0.74626", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00832", "scoring_system": "epss", "scoring_elements": "0.74617", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4154" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942949?format=api", "purl": "pkg:deb/debian/wordpress@2.2.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.2.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942927?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-yqam-kpce-dfg7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942925?format=api", "purl": "pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942929?format=api", "purl": "pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942928?format=api", "purl": "pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-4154" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cut3-n4rz-jqf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91702?format=api", "vulnerability_id": "VCID-nztu-n4pg-p3be", "summary": "Cross-site scripting (XSS) vulnerability in sidebar.php in WordPress, when custom 404 pages that call get_sidebar are used, allows remote attackers to inject arbitrary web script or HTML via the query string (PHP_SELF), a different vulnerability than CVE-2007-1622.", "references": [ { "reference_url": "http://osvdb.org/37296", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/37296" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-2627", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01033", "scoring_system": "epss", "scoring_elements": "0.77387", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01033", "scoring_system": "epss", "scoring_elements": "0.77297", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01033", "scoring_system": "epss", "scoring_elements": "0.77304", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01033", "scoring_system": "epss", "scoring_elements": "0.77332", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01033", "scoring_system": "epss", "scoring_elements": "0.77313", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01033", "scoring_system": "epss", "scoring_elements": "0.77343", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01033", "scoring_system": "epss", "scoring_elements": "0.77352", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01033", "scoring_system": "epss", "scoring_elements": "0.77379", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01033", "scoring_system": "epss", "scoring_elements": "0.77359", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01033", "scoring_system": "epss", "scoring_elements": "0.77355", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01033", "scoring_system": "epss", "scoring_elements": "0.77395", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01033", "scoring_system": "epss", "scoring_elements": "0.77394", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-2627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2627" }, { "reference_url": "http://securityreason.com/securityalert/2694", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityreason.com/securityalert/2694" }, { "reference_url": "http://www.securityfocus.com/archive/1/467360/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/467360/100/0/threaded" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-2627", "reference_id": "CVE-2007-2627", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-2627" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942949?format=api", "purl": "pkg:deb/debian/wordpress@2.2.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.2.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942927?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-yqam-kpce-dfg7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942925?format=api", "purl": "pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942929?format=api", "purl": "pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942928?format=api", "purl": "pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-2627" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nztu-n4pg-p3be" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91726?format=api", "vulnerability_id": "VCID-wzb1-au3p-uuas", "summary": "Unrestricted file upload vulnerability in (1) wp-app.php and (2) app.php in WordPress 2.2.1 and WordPress MU 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors, possibly related to the wp_postmeta table and the use of custom fields in normal (non-attachment) posts. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-3543.", "references": [ { "reference_url": "http://osvdb.org/37294", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/37294" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3544", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.79216", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.79143", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.79149", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.79174", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.7916", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.79185", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.79193", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.79217", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.79202", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.79219", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3544" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3544", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3544" }, { "reference_url": "http://www.buayacorp.com/files/wordpress/wordpress-advisory.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.buayacorp.com/files/wordpress/wordpress-advisory.html" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress_mu:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress_mu:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress_mu:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3544", "reference_id": "CVE-2007-3544", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3544" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942949?format=api", "purl": "pkg:deb/debian/wordpress@2.2.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.2.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942927?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-yqam-kpce-dfg7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942925?format=api", "purl": "pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942929?format=api", "purl": "pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942928?format=api", "purl": "pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-3544" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wzb1-au3p-uuas" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.2.2-1%3Fdistro=trixie" }