Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/wordpress@6.0.2%2Bdfsg1-1?distro=trixie
Typedeb
Namespacedebian
Namewordpress
Version6.0.2+dfsg1-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version6.0.3+dfsg1-1
Latest_non_vulnerable_version6.9.4+dfsg1-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-sszr-mn9y-kkhg
vulnerability_id VCID-sszr-mn9y-kkhg
summary WordPress Core, in versions up to 6.0.2, is vulnerable to Authenticated Stored Cross-Site Scripting that can be exploited by users with access to the WordPress post and page editor, typically consisting of Authors, Contributors, and Editors making it possible to inject arbitrary web scripts into posts and pages that execute if the the_meta(); function is called on that page.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-4973
reference_id
reference_type
scores
0
value 0.01268
scoring_system epss
scoring_elements 0.79503
published_at 2026-04-21T12:55:00Z
1
value 0.01268
scoring_system epss
scoring_elements 0.79466
published_at 2026-04-08T12:55:00Z
2
value 0.01268
scoring_system epss
scoring_elements 0.79476
published_at 2026-04-09T12:55:00Z
3
value 0.01268
scoring_system epss
scoring_elements 0.79498
published_at 2026-04-11T12:55:00Z
4
value 0.01268
scoring_system epss
scoring_elements 0.79481
published_at 2026-04-12T12:55:00Z
5
value 0.01268
scoring_system epss
scoring_elements 0.79471
published_at 2026-04-13T12:55:00Z
6
value 0.01268
scoring_system epss
scoring_elements 0.79501
published_at 2026-04-16T12:55:00Z
7
value 0.01268
scoring_system epss
scoring_elements 0.79499
published_at 2026-04-18T12:55:00Z
8
value 0.01268
scoring_system epss
scoring_elements 0.79428
published_at 2026-04-02T12:55:00Z
9
value 0.01268
scoring_system epss
scoring_elements 0.79451
published_at 2026-04-04T12:55:00Z
10
value 0.01268
scoring_system epss
scoring_elements 0.79437
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-4973
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4973
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4973
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018863
reference_id 1018863
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018863
3
reference_url https://core.trac.wordpress.org/changeset/53961
reference_id 53961
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T12:59:16Z/
url https://core.trac.wordpress.org/changeset/53961
4
reference_url https://www.wordfence.com/threat-intel/vulnerabilities/id/b5582e89-83e6-4898-b9fe-09eddeb5f7ae?source=cve
reference_id b5582e89-83e6-4898-b9fe-09eddeb5f7ae?source=cve
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T12:59:16Z/
url https://www.wordfence.com/threat-intel/vulnerabilities/id/b5582e89-83e6-4898-b9fe-09eddeb5f7ae?source=cve
5
reference_url https://wordpress.org/news/2022/08/wordpress-6-0-2-security-and-maintenance-release/
reference_id wordpress-6-0-2-security-and-maintenance-release
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T12:59:16Z/
url https://wordpress.org/news/2022/08/wordpress-6-0-2-security-and-maintenance-release/
6
reference_url https://www.wordfence.com/blog/2022/08/wordpress-core-6-0-2-security-maintenance-release-what-you-need-to-know/
reference_id wordpress-core-6-0-2-security-maintenance-release-what-you-need-to-know
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T12:59:16Z/
url https://www.wordfence.com/blog/2022/08/wordpress-core-6-0-2-security-maintenance-release-what-you-need-to-know/
fixed_packages
0
url pkg:deb/debian/wordpress@5.7.8%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.8%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.8%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
2
vulnerability VCID-yqam-kpce-dfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/wordpress@6.0.2%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.0.2%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.0.2%252Bdfsg1-1%3Fdistro=trixie
3
url pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gyaq-8pvh-p7gg
1
vulnerability VCID-jghn-eujf-zbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie
4
url pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2022-4973
risk_score 1.7
exploitability 0.5
weighted_severity 3.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sszr-mn9y-kkhg
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.0.2%252Bdfsg1-1%3Fdistro=trixie