Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/942950?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/942950?format=api", "purl": "pkg:deb/debian/wordpress@2.1.3-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "wordpress", "version": "2.1.3-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2.2-1", "latest_non_vulnerable_version": "6.9.4+dfsg1-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91687?format=api", "vulnerability_id": "VCID-4sv3-qgzg-eyhn", "summary": "SQL injection vulnerability in xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users to execute arbitrary SQL commands via a string parameter value in an XML RPC mt.setPostCategories method call, related to the post_id variable.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1897", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02585", "scoring_system": "epss", "scoring_elements": "0.85634", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02585", "scoring_system": "epss", "scoring_elements": "0.85506", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02585", "scoring_system": "epss", "scoring_elements": "0.85518", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02585", "scoring_system": "epss", "scoring_elements": "0.85535", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02585", "scoring_system": "epss", "scoring_elements": "0.8554", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02585", "scoring_system": "epss", "scoring_elements": "0.8556", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02585", "scoring_system": "epss", "scoring_elements": "0.8557", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02585", "scoring_system": "epss", "scoring_elements": "0.85585", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02585", "scoring_system": "epss", "scoring_elements": "0.85582", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02585", "scoring_system": "epss", "scoring_elements": "0.85577", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02585", "scoring_system": "epss", "scoring_elements": "0.856", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02585", "scoring_system": "epss", "scoring_elements": "0.85605", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02585", "scoring_system": "epss", "scoring_elements": "0.85602", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02585", "scoring_system": "epss", "scoring_elements": "0.85623", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1897" }, { "reference_url": "http://secunia.com/advisories/24751", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24751" }, { "reference_url": "http://secunia.com/advisories/25108", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25108" }, { "reference_url": "https://www.exploit-db.com/exploits/3656", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/3656" }, { "reference_url": "http://trac.wordpress.org/ticket/4091", "reference_id": "", "reference_type": "", "scores": [], "url": "http://trac.wordpress.org/ticket/4091" }, { "reference_url": "http://www.debian.org/security/2007/dsa-1285", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2007/dsa-1285" }, { "reference_url": "http://www.notsosecure.com/folder2/2007/04/03/wordpress-212-xmlrpc-security-issues/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.notsosecure.com/folder2/2007/04/03/wordpress-212-xmlrpc-security-issues/" }, { "reference_url": "http://www.securityfocus.com/bid/23294", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/23294" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/1245", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/1245" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1897", "reference_id": "CVE-2007-1897", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1897" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/3656.pl", "reference_id": "OSVDB-34351;CVE-2007-1897", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/3656.pl" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942950?format=api", "purl": "pkg:deb/debian/wordpress@2.1.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.1.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942927?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-yqam-kpce-dfg7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942925?format=api", "purl": "pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942929?format=api", "purl": "pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942928?format=api", "purl": "pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-1897" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4sv3-qgzg-eyhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91682?format=api", "vulnerability_id": "VCID-fa64-2upm-rfg5", "summary": "Cross-site scripting (XSS) vulnerability in an mt import in wp-admin/admin.php in WordPress 2.1.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the demo parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: another researcher disputes this issue, stating that this is legitimate functionality for administrators. However, it has been patched by at least one vendor", "references": [ { "reference_url": "http://codex.wordpress.org/Roles_and_Capabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://codex.wordpress.org/Roles_and_Capabilities" }, { "reference_url": "http://marc.info/?l=bugtraq&m=117319839710382&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=117319839710382&w=2" }, { "reference_url": "http://osvdb.org/33884", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/33884" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1732", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.6304", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63165", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63143", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63178", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63185", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63099", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63129", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63094", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63146", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63163", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63181", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.63946", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.63918", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.63934", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1732" }, { "reference_url": "http://secunia.com/advisories/24430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24430" }, { "reference_url": "http://secunia.com/advisories/24566", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24566" }, { "reference_url": "http://www.gentoo.org/security/en/glsa/glsa-200703-23.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-23.xml" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1732", "reference_id": "CVE-2007-1732", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1732" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942950?format=api", "purl": "pkg:deb/debian/wordpress@2.1.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.1.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942927?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-yqam-kpce-dfg7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942925?format=api", "purl": "pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942929?format=api", "purl": "pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942928?format=api", "purl": "pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-1732" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fa64-2upm-rfg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91686?format=api", "vulnerability_id": "VCID-n2ep-cw4n-gkda", "summary": "Cross-site scripting (XSS) vulnerability in wp-includes/general-template.php in WordPress before 20070309 allows remote attackers to inject arbitrary web script or HTML via the year parameter in the wp_title function.", "references": [ { "reference_url": "http://chxsecurity.org/advisories/adv-1-mid.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://chxsecurity.org/advisories/adv-1-mid.txt" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1894", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05601", "scoring_system": "epss", "scoring_elements": "0.90346", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.05601", "scoring_system": "epss", "scoring_elements": "0.90275", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05601", "scoring_system": "epss", "scoring_elements": "0.90277", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05601", "scoring_system": "epss", "scoring_elements": "0.90291", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05601", "scoring_system": "epss", "scoring_elements": "0.90296", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05601", "scoring_system": "epss", "scoring_elements": "0.9031", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05601", "scoring_system": "epss", "scoring_elements": "0.90317", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05601", "scoring_system": "epss", "scoring_elements": "0.90325", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05601", "scoring_system": "epss", "scoring_elements": "0.90324", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05601", "scoring_system": "epss", "scoring_elements": "0.90318", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05601", "scoring_system": "epss", "scoring_elements": "0.90334", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05601", "scoring_system": "epss", "scoring_elements": "0.90332", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05601", "scoring_system": "epss", "scoring_elements": "0.90347", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1894" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1894", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1894" }, { "reference_url": "http://secunia.com/advisories/24485", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24485" }, { "reference_url": "http://secunia.com/advisories/25108", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25108" }, { "reference_url": "http://securityreason.com/securityalert/2526", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityreason.com/securityalert/2526" }, { "reference_url": "http://trac.wordpress.org/changeset/5003", "reference_id": "", "reference_type": "", "scores": [], "url": "http://trac.wordpress.org/changeset/5003" }, { "reference_url": "http://trac.wordpress.org/ticket/4093", "reference_id": "", "reference_type": "", "scores": [], "url": "http://trac.wordpress.org/ticket/4093" }, { "reference_url": "http://www.debian.org/security/2007/dsa-1285", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2007/dsa-1285" }, { "reference_url": "http://www.securityfocus.com/archive/1/462374/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/462374/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/22902", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/22902" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.2_revision5002:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.2_revision5002:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.2_revision5002:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1894", "reference_id": "CVE-2007-1894", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1894" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942950?format=api", "purl": "pkg:deb/debian/wordpress@2.1.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.1.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942927?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-yqam-kpce-dfg7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942925?format=api", "purl": "pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942929?format=api", "purl": "pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942928?format=api", "purl": "pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-1894" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n2ep-cw4n-gkda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91755?format=api", "vulnerability_id": "VCID-sz3u-x51u-r3dn", "summary": "Cross-site scripting (XSS) vulnerability in index.php in the WordPress Classic 1.5 theme in WordPress before 2.1.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4483", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.63958", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64016", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64043", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64003", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64054", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64071", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00503", "scoring_system": "epss", "scoring_elements": "0.6614", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00503", "scoring_system": "epss", "scoring_elements": "0.66128", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00503", "scoring_system": "epss", "scoring_elements": "0.66098", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00503", "scoring_system": "epss", "scoring_elements": "0.66133", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00503", "scoring_system": "epss", "scoring_elements": "0.66147", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00503", "scoring_system": "epss", "scoring_elements": "0.66135", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00503", "scoring_system": "epss", "scoring_elements": "0.66156", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00503", "scoring_system": "epss", "scoring_elements": "0.66167", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4483" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4483" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942950?format=api", "purl": "pkg:deb/debian/wordpress@2.1.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.1.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942927?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-yqam-kpce-dfg7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942925?format=api", "purl": "pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942929?format=api", "purl": "pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942928?format=api", "purl": "pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-4483" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sz3u-x51u-r3dn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91680?format=api", "vulnerability_id": "VCID-vchz-vuh2-cfd9", "summary": "Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in WordPress before 2.0.10 RC2, and before 2.1.3 RC2 in the 2.1 series, allows remote authenticated users with theme privileges to inject arbitrary web script or HTML via the PATH_INFO in the administration interface, related to loose regular expression processing of PHP_SELF.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1622", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87222", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87129", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.8714", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87156", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87153", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87173", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87181", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87194", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87188", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87184", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87199", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87204", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87198", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87217", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1622" }, { "reference_url": "http://secunia.com/advisories/24567", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24567" }, { "reference_url": "http://secunia.com/advisories/25108", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25108" }, { "reference_url": "http://sla.ckers.org/forum/read.php?2%2C7935#msg-8006", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sla.ckers.org/forum/read.php?2%2C7935#msg-8006" }, { "reference_url": "http://www.buayacorp.com/files/wordpress/wordpress-advisory.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.buayacorp.com/files/wordpress/wordpress-advisory.txt" }, { "reference_url": "http://www.debian.org/security/2007/dsa-1285", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2007/dsa-1285" }, { "reference_url": "http://www.securityfocus.com/bid/23027", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/23027" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/1005", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/1005" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.10_rc1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.0.10_rc1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.10_rc1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.3_rc1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:2.1.3_rc1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.1.3_rc1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1622", "reference_id": "CVE-2007-1622", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1622" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/29754.html", "reference_id": "CVE-2007-1622;OSVDB-34348", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/29754.html" }, { "reference_url": "https://www.securityfocus.com/bid/23027/info", "reference_id": "CVE-2007-1622;OSVDB-34348", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/23027/info" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942950?format=api", "purl": "pkg:deb/debian/wordpress@2.1.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.1.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942927?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-yqam-kpce-dfg7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942925?format=api", "purl": "pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942929?format=api", "purl": "pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942928?format=api", "purl": "pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-1622" ], "risk_score": 7.8, "exploitability": "2.0", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vchz-vuh2-cfd9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91685?format=api", "vulnerability_id": "VCID-wtuc-n99m-fyby", "summary": "xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users with the contributor role to bypass intended access restrictions and invoke the publish_posts functionality, which can be used to \"publish a previously saved post.\"", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1893", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40566", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40678", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40762", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40789", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40714", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40763", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.4077", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40755", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40736", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40781", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40751", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40674", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40578", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1893" }, { "reference_url": "http://secunia.com/advisories/24751", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24751" }, { "reference_url": "http://secunia.com/advisories/25108", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25108" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33470" }, { "reference_url": "http://trac.wordpress.org/ticket/4091", "reference_id": "", "reference_type": "", "scores": [], "url": "http://trac.wordpress.org/ticket/4091" }, { "reference_url": "http://www.debian.org/security/2007/dsa-1285", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2007/dsa-1285" }, { "reference_url": "http://www.notsosecure.com/folder2/2007/04/03/wordpress-212-xmlrpc-security-issues/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.notsosecure.com/folder2/2007/04/03/wordpress-212-xmlrpc-security-issues/" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/1245", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/1245" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1893", "reference_id": "CVE-2007-1893", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:M/Au:S/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1893" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942950?format=api", "purl": "pkg:deb/debian/wordpress@2.1.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.1.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942927?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-yqam-kpce-dfg7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942925?format=api", "purl": "pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942929?format=api", "purl": "pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942928?format=api", "purl": "pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-1893" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wtuc-n99m-fyby" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.1.3-1%3Fdistro=trixie" }