Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/wordpress@5.8.1%2Bdfsg1-1?distro=trixie

Type deb

Namespace debian

Name wordpress

Version 5.8.1+dfsg1-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 5.8.3+dfsg1-1

Latest_non_vulnerable_version 6.9.4+dfsg1-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-47he-853j-8qdn

vulnerability_id VCID-47he-853j-8qdn

summary WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions output data of the function wp_die() can be leaked under certain conditions, which can include data like nonces. It can then be used to perform actions on your behalf. This has been patched in WordPress 5.8.1, along with any older affected versions via minor releases. It's strongly recommended that you keep auto-updates enabled to receive the fix.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-39200

reference_id

reference_type

scores

value	0.01767
scoring_system	epss
scoring_elements	0.8271
published_at	2026-04-29T12:55:00Z

value	0.01767
scoring_system	epss
scoring_elements	0.82563
published_at	2026-04-01T12:55:00Z

value	0.01767
scoring_system	epss
scoring_elements	0.82578
published_at	2026-04-02T12:55:00Z

value	0.01767
scoring_system	epss
scoring_elements	0.82593
published_at	2026-04-04T12:55:00Z

value	0.01767
scoring_system	epss
scoring_elements	0.82589
published_at	2026-04-07T12:55:00Z

value	0.01767
scoring_system	epss
scoring_elements	0.82615
published_at	2026-04-08T12:55:00Z

value	0.01767
scoring_system	epss
scoring_elements	0.82623
published_at	2026-04-09T12:55:00Z

value	0.01767
scoring_system	epss
scoring_elements	0.82641
published_at	2026-04-11T12:55:00Z

value	0.01767
scoring_system	epss
scoring_elements	0.82635
published_at	2026-04-12T12:55:00Z

value	0.01767
scoring_system	epss
scoring_elements	0.82631
published_at	2026-04-13T12:55:00Z

value	0.01767
scoring_system	epss
scoring_elements	0.82669
published_at	2026-04-18T12:55:00Z

value	0.01767
scoring_system	epss
scoring_elements	0.82672
published_at	2026-04-21T12:55:00Z

value	0.01767
scoring_system	epss
scoring_elements	0.82694
published_at	2026-04-24T12:55:00Z

value	0.01767
scoring_system	epss
scoring_elements	0.82704
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-39200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39200

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994060
reference_id	994060
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994060

reference_url

https://security.archlinux.org/AVG-2373

reference_id

AVG-2373

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2373

fixed_packages

url	pkg:deb/debian/wordpress@5.7.3%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/wordpress@5.7.3%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.3%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gyaq-8pvh-p7gg

vulnerability	VCID-jghn-eujf-zbdn

vulnerability	VCID-yqam-kpce-dfg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/wordpress@5.8.1%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/wordpress@5.8.1%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.8.1%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gyaq-8pvh-p7gg

vulnerability	VCID-jghn-eujf-zbdn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2021-39200

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-47he-853j-8qdn

url VCID-azyj-28v6-ufhg

vulnerability_id VCID-azyj-28v6-ufhg

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-39201

reference_id

reference_type

scores

value	0.00495
scoring_system	epss
scoring_elements	0.65694
published_at	2026-04-01T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65743
published_at	2026-04-02T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65773
published_at	2026-04-04T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65738
published_at	2026-04-07T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65791
published_at	2026-04-08T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65802
published_at	2026-04-09T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65822
published_at	2026-04-11T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65808
published_at	2026-04-12T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65778
published_at	2026-04-13T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65812
published_at	2026-04-16T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65826
published_at	2026-04-24T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65813
published_at	2026-04-21T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65836
published_at	2026-04-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-39201

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39201
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39201

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994059
reference_id	994059
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994059

fixed_packages

url	pkg:deb/debian/wordpress@5.7.3%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/wordpress@5.7.3%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.3%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gyaq-8pvh-p7gg

vulnerability	VCID-jghn-eujf-zbdn

vulnerability	VCID-yqam-kpce-dfg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/wordpress@5.8.1%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/wordpress@5.8.1%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.8.1%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gyaq-8pvh-p7gg

vulnerability	VCID-jghn-eujf-zbdn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2021-39201

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-azyj-28v6-ufhg

url VCID-yqam-kpce-dfg7

vulnerability_id VCID-yqam-kpce-dfg7

summary WordPress before 5.8 lacks support for the Update URI plugin header. This makes it easier for remote attackers to execute arbitrary code via a supply-chain attack against WordPress installations that use any plugin for which the slug satisfies the naming constraints of the WordPress.org Plugin Directory but is not yet present in that directory.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-44223

reference_id

reference_type

scores

value	0.27489
scoring_system	epss
scoring_elements	0.96388
published_at	2026-04-01T12:55:00Z

value	0.27489
scoring_system	epss
scoring_elements	0.96395
published_at	2026-04-02T12:55:00Z

value	0.27489
scoring_system	epss
scoring_elements	0.96399
published_at	2026-04-04T12:55:00Z

value	0.27489
scoring_system	epss
scoring_elements	0.96402
published_at	2026-04-07T12:55:00Z

value	0.27489
scoring_system	epss
scoring_elements	0.96411
published_at	2026-04-08T12:55:00Z

value	0.27489
scoring_system	epss
scoring_elements	0.96414
published_at	2026-04-09T12:55:00Z

value	0.27489
scoring_system	epss
scoring_elements	0.96419
published_at	2026-04-11T12:55:00Z

value	0.27489
scoring_system	epss
scoring_elements	0.9642
published_at	2026-04-12T12:55:00Z

value	0.27489
scoring_system	epss
scoring_elements	0.96423
published_at	2026-04-13T12:55:00Z

value	0.27489
scoring_system	epss
scoring_elements	0.9643
published_at	2026-04-16T12:55:00Z

value	0.27489
scoring_system	epss
scoring_elements	0.96434
published_at	2026-04-18T12:55:00Z

value	0.27489
scoring_system	epss
scoring_elements	0.96435
published_at	2026-04-21T12:55:00Z

value	0.27489
scoring_system	epss
scoring_elements	0.96436
published_at	2026-04-24T12:55:00Z

value	0.27489
scoring_system	epss
scoring_elements	0.96437
published_at	2026-04-26T12:55:00Z

value	0.27489
scoring_system	epss
scoring_elements	0.96439
published_at	2026-04-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-44223

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44223
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44223

fixed_packages

url	pkg:deb/debian/wordpress@5.8.1%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/wordpress@5.8.1%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.8.1%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gyaq-8pvh-p7gg

vulnerability	VCID-jghn-eujf-zbdn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2021-44223

risk_score 0.1

exploitability 0.5

weighted_severity 0.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yqam-kpce-dfg7

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.8.1%252Bdfsg1-1%3Fdistro=trixie

Package Instance