Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/995232?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "type": "deb", "namespace": "debian", "name": "wordpress", "version": "5.7.11+dfsg1-0+deb11u1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "6.8.3+dfsg1-0+deb13u1", "latest_non_vulnerable_version": "6.8.3+dfsg1-0+deb13u1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96062?format=api", "vulnerability_id": "VCID-4g2n-5v12-yuff", "summary": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Automattic WordPress allows Stored XSS.This issue affects WordPress: from 6.5 through 6.5.4, from 6.4 through 6.4.4, from 6.3 through 6.3.4, from 6.2 through 6.2.5, from 6.1 through 6.1.6, from 6.0 through 6.0.8, from 5.9 through 5.9.9.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31111", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62759", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62763", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62753", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.6277", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62778", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62681", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62714", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62677", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62729", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62746", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31111" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31111", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31111" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074486", "reference_id": "1074486", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074486" }, { "reference_url": "https://wordpress.org/news/2024/06/wordpress-6-5-5/", "reference_id": "wordpress-6-5-5", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T13:49:17Z/" } ], "url": "https://wordpress.org/news/2024/06/wordpress-6-5-5/" }, { "reference_url": "https://patchstack.com/database/vulnerability/wordpress/wordpress-wordpress-core-core-6-5-5-cross-site-scripting-xss-via-template-part-vulnerability?_s_id=cve", "reference_id": "wordpress-wordpress-core-core-6-5-5-cross-site-scripting-xss-via-template-part-vulnerability?_s_id=cve", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T13:49:17Z/" } ], "url": "https://patchstack.com/database/vulnerability/wordpress/wordpress-wordpress-core-core-6-5-5-cross-site-scripting-xss-via-template-part-vulnerability?_s_id=cve" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995233?format=api", "purl": "pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1" } ], "aliases": [ "CVE-2024-31111" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4g2n-5v12-yuff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96811?format=api", "vulnerability_id": "VCID-532z-9qbb-dyfw", "summary": "Insertion of Sensitive Information Into Sent Data vulnerability in WordPress allows Retrieve Embedded Sensitive Data. The WordPress Core security team is aware of the issue and is already working on a fix. This is a low-severity vulnerability. Contributor-level privileges required in order to exploit it. This issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58246", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11038", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11054", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11022", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10856", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10869", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11099", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.1092", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10997", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.1105", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.1197", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58246" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58246", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58246" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117047", "reference_id": "1117047", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117047" }, { "reference_url": "https://wordpress.org/news/2025/09/wordpress-6-8-3-release/", "reference_id": "wordpress-6-8-3-release", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T18:30:39Z/" } ], "url": "https://wordpress.org/news/2025/09/wordpress-6-8-3-release/" }, { "reference_url": "https://patchstack.com/database/wordpress/wordpress/wordpress/vulnerability/wordpress-wordpress-wordpress-6-8-2-sensitive-data-exposure-vulnerability?_s_id=cve", "reference_id": "wordpress-wordpress-wordpress-6-8-2-sensitive-data-exposure-vulnerability?_s_id=cve", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T18:30:39Z/" } ], "url": "https://patchstack.com/database/wordpress/wordpress/wordpress/vulnerability/wordpress-wordpress-wordpress-6-8-2-sensitive-data-exposure-vulnerability?_s_id=cve" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995233?format=api", "purl": "pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1" } ], "aliases": [ "CVE-2025-58246" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-532z-9qbb-dyfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92449?format=api", "vulnerability_id": "VCID-gyaq-8pvh-p7gg", "summary": "WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. NOTE: the approach to changing this may not be fully compatible with certain use cases, such as migration of a WordPress site from a web host that uses a recent PHP version to a different web host that uses PHP 5.2. These use cases are plausible (but very unlikely) based on statistics showing widespread deployment of WordPress with obsolete PHP versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6707", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39807", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39887", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39744", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39893", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39921", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39843", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39899", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39912", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39886", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39867", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39917", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6707" }, { "reference_url": "https://core.trac.wordpress.org/ticket/21022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://core.trac.wordpress.org/ticket/21022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6707", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6707" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880868", "reference_id": "880868", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880868" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6707", "reference_id": "CVE-2012-6707", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6707" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995234?format=api", "purl": "pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1" } ], "aliases": [ "CVE-2012-6707" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gyaq-8pvh-p7gg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95884?format=api", "vulnerability_id": "VCID-jghn-eujf-zbdn", "summary": "WordPress Core is vulnerable to Sensitive Information Exposure in versions up to, and including, 6.4.3 via the redirect_guess_404_permalink function. This can allow unauthenticated attackers to expose the slug of a custom post whose 'publicly_queryable' post status has been set to 'false'.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5692", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00855", "scoring_system": "epss", "scoring_elements": "0.74935", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00855", "scoring_system": "epss", "scoring_elements": "0.74907", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00855", "scoring_system": "epss", "scoring_elements": "0.7499", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00855", "scoring_system": "epss", "scoring_elements": "0.74983", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00855", "scoring_system": "epss", "scoring_elements": "0.74946", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00855", "scoring_system": "epss", "scoring_elements": "0.74956", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00855", "scoring_system": "epss", "scoring_elements": "0.74977", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00855", "scoring_system": "epss", "scoring_elements": "0.74954", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00855", "scoring_system": "epss", "scoring_elements": "0.74942", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00855", "scoring_system": "epss", "scoring_elements": "0.74908", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77617", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5692" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5692", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5692" }, { "reference_url": "https://core.trac.wordpress.org/changeset/57645", "reference_id": "57645", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:58:59Z/" } ], "url": "https://core.trac.wordpress.org/changeset/57645" }, { "reference_url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6e6f993b-ce09-4050-84a1-cbe9953f36b1?source=cve", "reference_id": "6e6f993b-ce09-4050-84a1-cbe9953f36b1?source=cve", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:58:59Z/" } ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6e6f993b-ce09-4050-84a1-cbe9953f36b1?source=cve" }, { "reference_url": "https://github.com/WordPress/wordpress-develop/blob/6.3/src/wp-includes/canonical.php#L763", "reference_id": "canonical.php#L763", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:58:59Z/" } ], "url": "https://github.com/WordPress/wordpress-develop/blob/6.3/src/wp-includes/canonical.php#L763" }, { "reference_url": "https://developer.wordpress.org/reference/functions/is_post_publicly_viewable/", "reference_id": "is_post_publicly_viewable", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:58:59Z/" } ], "url": "https://developer.wordpress.org/reference/functions/is_post_publicly_viewable/" }, { "reference_url": "https://developer.wordpress.org/reference/functions/is_post_type_viewable/", "reference_id": "is_post_type_viewable", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:58:59Z/" } ], "url": "https://developer.wordpress.org/reference/functions/is_post_type_viewable/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995234?format=api", "purl": "pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1" } ], "aliases": [ "CVE-2023-5692" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jghn-eujf-zbdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96346?format=api", "vulnerability_id": "VCID-m8mf-t2td-67h7", "summary": "WordPress Core is vulnerable to Stored Cross-Site Scripting via the HTML API in various versions prior to 6.5.5 due to insufficient input sanitization and output escaping on URLs. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6307", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70437", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70352", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70397", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70412", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70436", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70421", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70406", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70448", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70457", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70356", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70373", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6307" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074486", "reference_id": "1074486", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074486" }, { "reference_url": "https://core.trac.wordpress.org/changeset/58472", "reference_id": "58472", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-06T03:09:30Z/" } ], "url": "https://core.trac.wordpress.org/changeset/58472" }, { "reference_url": "https://core.trac.wordpress.org/changeset/58473", "reference_id": "58473", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-06T03:09:30Z/" } ], "url": "https://core.trac.wordpress.org/changeset/58473" }, { "reference_url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bc0d36f8-6569-49a1-b722-5cf57c4bb32a?source=cve", "reference_id": "bc0d36f8-6569-49a1-b722-5cf57c4bb32a?source=cve", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-06T03:09:30Z/" } ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bc0d36f8-6569-49a1-b722-5cf57c4bb32a?source=cve" }, { "reference_url": "https://wordpress.org/news/2024/06/wordpress-6-5-5/", "reference_id": "wordpress-6-5-5", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-06T03:09:30Z/" } ], "url": "https://wordpress.org/news/2024/06/wordpress-6-5-5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995233?format=api", "purl": "pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1" } ], "aliases": [ "CVE-2024-6307" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m8mf-t2td-67h7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94971?format=api", "vulnerability_id": "VCID-yqam-kpce-dfg7", "summary": "WordPress before 5.8 lacks support for the Update URI plugin header. This makes it easier for remote attackers to execute arbitrary code via a supply-chain attack against WordPress installations that use any plugin for which the slug satisfies the naming constraints of the WordPress.org Plugin Directory but is not yet present in that directory.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44223", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.27489", "scoring_system": "epss", "scoring_elements": "0.96388", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.27489", "scoring_system": "epss", "scoring_elements": "0.96395", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.27489", "scoring_system": "epss", "scoring_elements": "0.96399", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.27489", "scoring_system": "epss", "scoring_elements": "0.96402", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.27489", "scoring_system": "epss", "scoring_elements": "0.96411", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.27489", "scoring_system": "epss", "scoring_elements": "0.96414", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.27489", "scoring_system": "epss", "scoring_elements": "0.96419", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.27489", "scoring_system": "epss", "scoring_elements": "0.9642", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.27489", "scoring_system": "epss", "scoring_elements": "0.96423", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.27489", "scoring_system": "epss", "scoring_elements": "0.9643", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.27489", "scoring_system": "epss", "scoring_elements": "0.96434", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.27489", "scoring_system": "epss", "scoring_elements": "0.96435", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44223" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995233?format=api", "purl": "pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1" } ], "aliases": [ "CVE-2021-44223" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yqam-kpce-dfg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96812?format=api", "vulnerability_id": "VCID-zj9a-shru-e7gs", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WordPress allows Stored XSS. WordPress core security team is aware of the issue and working on a fix. This is low severity vulnerability that requires an attacker to have Author or higher user privileges to execute the attack vector.This issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58674", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07411", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07516", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07502", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.0749", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07412", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07399", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07453", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07436", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07493", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08189", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58674" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117047", "reference_id": "1117047", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117047" }, { "reference_url": "https://wordpress.org/news/2025/09/wordpress-6-8-3-release/", "reference_id": "wordpress-6-8-3-release", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T19:15:09Z/" } ], "url": "https://wordpress.org/news/2025/09/wordpress-6-8-3-release/" }, { "reference_url": "https://patchstack.com/database/wordpress/wordpress/wordpress/vulnerability/wordpress-wordpress-wordpress-6-8-2-cross-site-scripting-xss-vulnerability?_s_id=cve", "reference_id": "wordpress-wordpress-wordpress-6-8-2-cross-site-scripting-xss-vulnerability?_s_id=cve", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T19:15:09Z/" } ], "url": "https://patchstack.com/database/wordpress/wordpress/wordpress/vulnerability/wordpress-wordpress-wordpress-6-8-2-cross-site-scripting-xss-vulnerability?_s_id=cve" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995233?format=api", "purl": "pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1" } ], "aliases": [ "CVE-2025-58674" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zj9a-shru-e7gs" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94603?format=api", "vulnerability_id": "VCID-1by8-54pr-ubcw", "summary": "In affected versions of WordPress, users with low privileges (like contributors and authors) can use the embed block in a certain way to inject unfiltered HTML in the block editor. When affected posts are viewed by a higher privileged user, this could lead to script execution in the editor/wp-admin. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-4046", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06854", "scoring_system": "epss", "scoring_elements": "0.91313", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06854", "scoring_system": "epss", "scoring_elements": "0.91317", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06854", "scoring_system": "epss", "scoring_elements": "0.91328", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06854", "scoring_system": "epss", "scoring_elements": "0.91335", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06854", "scoring_system": "epss", "scoring_elements": "0.91348", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06854", "scoring_system": "epss", "scoring_elements": "0.91354", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06854", "scoring_system": "epss", "scoring_elements": "0.91361", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06854", "scoring_system": "epss", "scoring_elements": "0.91364", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06854", "scoring_system": "epss", "scoring_elements": "0.91363", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06854", "scoring_system": "epss", "scoring_elements": "0.91389", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06854", "scoring_system": "epss", "scoring_elements": "0.91387", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-4046" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4046", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4046" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962685", "reference_id": "962685", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962685" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-4046" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1by8-54pr-ubcw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90956?format=api", "vulnerability_id": "VCID-1j31-f88g-kfe7", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29450", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0208", "scoring_system": "epss", "scoring_elements": "0.84014", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0208", "scoring_system": "epss", "scoring_elements": "0.83917", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0208", "scoring_system": "epss", "scoring_elements": "0.83932", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0208", "scoring_system": "epss", "scoring_elements": "0.83948", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0208", "scoring_system": "epss", "scoring_elements": "0.83951", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0208", "scoring_system": "epss", "scoring_elements": "0.83974", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0208", "scoring_system": "epss", "scoring_elements": "0.83981", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0208", "scoring_system": "epss", "scoring_elements": "0.83997", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0208", "scoring_system": "epss", "scoring_elements": "0.83991", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0208", "scoring_system": "epss", "scoring_elements": "0.83986", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0208", "scoring_system": "epss", "scoring_elements": "0.8401", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0208", "scoring_system": "epss", "scoring_elements": "0.84012", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29450" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29450", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29450" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987065", "reference_id": "987065", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987065" }, { "reference_url": "https://security.archlinux.org/AVG-1831", "reference_id": "AVG-1831", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1831" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2021-29450" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1j31-f88g-kfe7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79750?format=api", "vulnerability_id": "VCID-1tw6-axgs-f3hy", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11027", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.42551", "scoring_system": "epss", "scoring_elements": "0.97437", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.42551", "scoring_system": "epss", "scoring_elements": "0.97444", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.42551", "scoring_system": "epss", "scoring_elements": "0.97449", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.42551", "scoring_system": "epss", "scoring_elements": "0.9745", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.42551", "scoring_system": "epss", "scoring_elements": "0.97456", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.42551", "scoring_system": "epss", "scoring_elements": "0.97458", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.42551", "scoring_system": "epss", "scoring_elements": "0.97461", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.42551", "scoring_system": "epss", "scoring_elements": "0.97462", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.42551", "scoring_system": "epss", "scoring_elements": "0.97463", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.42551", "scoring_system": "epss", "scoring_elements": "0.97472", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.42551", "scoring_system": "epss", "scoring_elements": "0.97475", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11027" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11026" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11027", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11027" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11028", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11028" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11029", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11029" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959391", "reference_id": "959391", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959391" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/51531.py", "reference_id": "CVE-2020-11027", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/51531.py" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036920?format=api", "purl": "pkg:deb/debian/wordpress@4.7.5%2Bdfsg-2%2Bdeb9u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-1z8j-st48-qkgn" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6ejh-nyh8-gqar" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-7twj-axjh-rudj" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-8rfd-k93s-qycc" }, { "vulnerability": "VCID-9166-twpv-u3a9" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-b8ex-3tnw-yuh8" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-c62s-z1vc-nubq" }, { "vulnerability": "VCID-cce4-nh1p-f3gn" }, { "vulnerability": "VCID-cwud-1n3k-rfcs" }, { "vulnerability": "VCID-dkht-9n6n-fucn" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e37d-h1k6-sud6" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fcqu-11yk-h3af" }, { "vulnerability": "VCID-fd51-1hat-v3ee" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-ghn9-muv6-17d7" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hkp2-z1em-x3gu" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ng4k-69hk-9ueu" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-ny68-2wje-q3df" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-pz3b-294m-nqfn" }, { "vulnerability": "VCID-q146-rfqv-1ych" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-qu9h-p3s6-8bd2" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-swnk-8ave-bff2" }, { "vulnerability": "VCID-t4fg-hrp7-c7h9" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-u4ef-4sne-tbeg" }, { "vulnerability": "VCID-v2xf-n28d-kfcx" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-x733-wwnx-c7fv" }, { "vulnerability": "VCID-x7aj-4qxd-rkcu" }, { "vulnerability": "VCID-xd4w-ak3v-dybq" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-z8gv-sec9-xbam" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" }, { "vulnerability": "VCID-znb5-qcr5-pqaf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@4.7.5%252Bdfsg-2%252Bdeb9u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-11027" ], "risk_score": 0.8, "exploitability": "2.0", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1tw6-axgs-f3hy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90980?format=api", "vulnerability_id": "VCID-2gqt-ngbw-xyby", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21664", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03738", "scoring_system": "epss", "scoring_elements": "0.87961", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03738", "scoring_system": "epss", "scoring_elements": "0.87975", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03738", "scoring_system": "epss", "scoring_elements": "0.87979", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03738", "scoring_system": "epss", "scoring_elements": "0.87999", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03738", "scoring_system": "epss", "scoring_elements": "0.88006", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03738", "scoring_system": "epss", "scoring_elements": "0.88017", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03738", "scoring_system": "epss", "scoring_elements": "0.88009", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03738", "scoring_system": "epss", "scoring_elements": "0.8801", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03738", "scoring_system": "epss", "scoring_elements": "0.88024", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03738", "scoring_system": "epss", "scoring_elements": "0.88022", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21664" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21661", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21661" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21662", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21662" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21664", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21664" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003243", "reference_id": "1003243", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003243" }, { "reference_url": "https://github.com/WordPress/wordpress-develop/commit/c09ccfbc547d75b392dbccc1ef0b4442ccd3c957", "reference_id": "c09ccfbc547d75b392dbccc1ef0b4442ccd3c957", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:12:29Z/" } ], "url": "https://github.com/WordPress/wordpress-develop/commit/c09ccfbc547d75b392dbccc1ef0b4442ccd3c957" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4UNEC63UU5GEU47IIR4RMTZAHNEOJG/", "reference_id": "CV4UNEC63UU5GEU47IIR4RMTZAHNEOJG", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:12:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4UNEC63UU5GEU47IIR4RMTZAHNEOJG/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DM6XPH3JN6V4NF4WBOJTOXZIVE6VKKE3/", "reference_id": "DM6XPH3JN6V4NF4WBOJTOXZIVE6VKKE3", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:12:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DM6XPH3JN6V4NF4WBOJTOXZIVE6VKKE3/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5039", "reference_id": "dsa-5039", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:12:29Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5039" }, { "reference_url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-jp3p-gw8h-6x86", "reference_id": "GHSA-jp3p-gw8h-6x86", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:12:29Z/" } ], "url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-jp3p-gw8h-6x86" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00019.html", "reference_id": "msg00019.html", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:12:29Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00019.html" }, { "reference_url": "https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/", "reference_id": "wordpress-5-8-3-security-release", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:12:29Z/" } ], "url": "https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2022-21664" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2gqt-ngbw-xyby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94329?format=api", "vulnerability_id": "VCID-2jgs-b7r7-zygv", "summary": "In affected versions of WordPress, a special payload can be crafted that can lead to scripts getting executed within the search block of the block editor. This requires an authenticated user with the ability to add content. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11030", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77343", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.7735", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77377", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77357", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77387", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77397", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77423", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77403", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77399", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77439", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77438", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.7743", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11030" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11030", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11030" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959391", "reference_id": "959391", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959391" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-11030" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2jgs-b7r7-zygv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87292?format=api", "vulnerability_id": "VCID-3171-8hu9-4uev", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17675", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00923", "scoring_system": "epss", "scoring_elements": "0.76014", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00923", "scoring_system": "epss", "scoring_elements": "0.76029", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00923", "scoring_system": "epss", "scoring_elements": "0.7593", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00923", "scoring_system": "epss", "scoring_elements": "0.75933", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00923", "scoring_system": "epss", "scoring_elements": "0.75966", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00923", "scoring_system": "epss", "scoring_elements": "0.75944", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00923", "scoring_system": "epss", "scoring_elements": "0.75978", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00923", "scoring_system": "epss", "scoring_elements": "0.75992", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00923", "scoring_system": "epss", "scoring_elements": "0.76017", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00923", "scoring_system": "epss", "scoring_elements": "0.75994", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00923", "scoring_system": "epss", "scoring_elements": "0.75987", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00923", "scoring_system": "epss", "scoring_elements": "0.76027", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17675" }, { "reference_url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html" }, { "reference_url": "https://core.trac.wordpress.org/changeset/46477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://core.trac.wordpress.org/changeset/46477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043" }, { "reference_url": "https://github.com/WordPress/WordPress/commit/b183fd1cca0b44a92f0264823dd9f22d2fd8b8d0", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/WordPress/WordPress/commit/b183fd1cca0b44a92f0264823dd9f22d2fd8b8d0" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00000.html" }, { "reference_url": "https://seclists.org/bugtraq/2020/Jan/8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2020/Jan/8" }, { "reference_url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/" }, { "reference_url": "https://wpvulndb.com/vulnerabilities/9913", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wpvulndb.com/vulnerabilities/9913" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4599" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4677" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942459", "reference_id": "942459", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942459" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17675", "reference_id": "CVE-2019-17675", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17675" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2019-17675" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3171-8hu9-4uev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95466?format=api", "vulnerability_id": "VCID-3572-tc84-pyhv", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2745", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.77479", "scoring_system": "epss", "scoring_elements": "0.98989", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.77479", "scoring_system": "epss", "scoring_elements": "0.98988", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.77479", "scoring_system": "epss", "scoring_elements": "0.98987", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.79453", "scoring_system": "epss", "scoring_elements": "0.99074", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.79453", "scoring_system": "epss", "scoring_elements": "0.99078", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.79453", "scoring_system": "epss", "scoring_elements": "0.9908", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.79453", "scoring_system": "epss", "scoring_elements": "0.99081", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.79453", "scoring_system": "epss", "scoring_elements": "0.99082", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.79453", "scoring_system": "epss", "scoring_elements": "0.99083", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31210", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31210" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036296", "reference_id": "1036296", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036296" }, { "reference_url": "https://core.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=55765%40%2F&new=55765%40%2F&sfp_email=&sfph_mail=", "reference_id": "changeset?sfp_email=&sfph_mail=&reponame=&old=55765%40%2F&new=55765%40%2F&sfp_email=&sfph_mail=", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-13T16:22:24Z/" } ], "url": "https://core.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=55765%40%2F&new=55765%40%2F&sfp_email=&sfph_mail=" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52274.py", "reference_id": "CVE-2023-2745", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52274.py" }, { "reference_url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/edcf46b6-368e-49c0-b2c3-99bf6e2d358f?source=cve", "reference_id": "edcf46b6-368e-49c0-b2c3-99bf6e2d358f?source=cve", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-13T16:22:24Z/" } ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/edcf46b6-368e-49c0-b2c3-99bf6e2d358f?source=cve" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00024.html", "reference_id": "msg00024.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-13T16:22:24Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00024.html" }, { "reference_url": "https://wordpress.org/news/2023/05/wordpress-6-2-1-maintenance-security-release/", "reference_id": "wordpress-6-2-1-maintenance-security-release", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-13T16:22:24Z/" } ], "url": "https://wordpress.org/news/2023/05/wordpress-6-2-1-maintenance-security-release/" }, { "reference_url": "https://www.wordfence.com/blog/2023/05/wordpress-core-6-2-1-security-maintenance-release-what-you-need-to-know/", "reference_id": "wordpress-core-6-2-1-security-maintenance-release-what-you-need-to-know", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-13T16:22:24Z/" } ], "url": "https://www.wordfence.com/blog/2023/05/wordpress-core-6-2-1-security-maintenance-release-what-you-need-to-know/" }, { "reference_url": "http://packetstormsecurity.com/files/172426/WordPress-Core-6.2-XSS-CSRF-Directory-Traversal.html", "reference_id": "WordPress-Core-6.2-XSS-CSRF-Directory-Traversal.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-13T16:22:24Z/" } ], "url": "http://packetstormsecurity.com/files/172426/WordPress-Core-6.2-XSS-CSRF-Directory-Traversal.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2023-2745" ], "risk_score": 9.8, "exploitability": "2.0", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3572-tc84-pyhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87286?format=api", "vulnerability_id": "VCID-3veg-k8v2-tyhr", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17671", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.66708", "scoring_system": "epss", "scoring_elements": "0.98546", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.66708", "scoring_system": "epss", "scoring_elements": "0.98547", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.66708", "scoring_system": "epss", "scoring_elements": "0.98529", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.66708", "scoring_system": "epss", "scoring_elements": "0.98531", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.66708", "scoring_system": "epss", "scoring_elements": "0.98534", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.66708", "scoring_system": "epss", "scoring_elements": "0.98535", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.66708", "scoring_system": "epss", "scoring_elements": "0.98538", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.66708", "scoring_system": "epss", "scoring_elements": "0.9854", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.66708", "scoring_system": "epss", "scoring_elements": "0.98541", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17671" }, { "reference_url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html" }, { "reference_url": "https://core.trac.wordpress.org/changeset/46474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://core.trac.wordpress.org/changeset/46474" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043" }, { "reference_url": "https://github.com/WordPress/WordPress/commit/f82ed753cf00329a5e41f2cb6dc521085136f308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/WordPress/WordPress/commit/f82ed753cf00329a5e41f2cb6dc521085136f308" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00000.html" }, { "reference_url": "https://seclists.org/bugtraq/2020/Jan/8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2020/Jan/8" }, { "reference_url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/" }, { "reference_url": "https://wpvulndb.com/vulnerabilities/9909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wpvulndb.com/vulnerabilities/9909" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4599" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4677" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942459", "reference_id": "942459", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942459" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://0day.work/proof-of-concept-for-wordpress-5-2-3-viewing-unauthenticated-posts/", "reference_id": "CVE-2019-17671", "reference_type": "exploit", "scores": [], "url": "https://0day.work/proof-of-concept-for-wordpress-5-2-3-viewing-unauthenticated-posts/" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47690.md", "reference_id": "CVE-2019-17671", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47690.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17671", "reference_id": "CVE-2019-17671", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17671" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2019-17671" ], "risk_score": 9.6, "exploitability": "2.0", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3veg-k8v2-tyhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96065?format=api", "vulnerability_id": "VCID-47fm-x1rg-vbct", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31210", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.75932", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.75944", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.75946", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.75851", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.75883", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.75862", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.75895", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.75908", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.75931", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.75912", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.75905", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31210" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31210", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31210" }, { "reference_url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-x79f-xrjv-jx5r", "reference_id": "GHSA-x79f-xrjv-jx5r", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T13:59:35Z/" } ], "url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-x79f-xrjv-jx5r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2024-31210" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "6.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-47fm-x1rg-vbct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94866?format=api", "vulnerability_id": "VCID-47he-853j-8qdn", "summary": "WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions output data of the function wp_die() can be leaked under certain conditions, which can include data like nonces. It can then be used to perform actions on your behalf. This has been patched in WordPress 5.8.1, along with any older affected versions via minor releases. It's strongly recommended that you keep auto-updates enabled to receive the fix.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-39200", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01767", "scoring_system": "epss", "scoring_elements": "0.82672", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01767", "scoring_system": "epss", "scoring_elements": "0.82563", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01767", "scoring_system": "epss", "scoring_elements": "0.82578", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01767", "scoring_system": "epss", "scoring_elements": "0.82593", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01767", "scoring_system": "epss", "scoring_elements": "0.82589", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01767", "scoring_system": "epss", "scoring_elements": "0.82615", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01767", "scoring_system": "epss", "scoring_elements": "0.82623", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01767", "scoring_system": "epss", "scoring_elements": "0.82641", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01767", "scoring_system": "epss", "scoring_elements": "0.82635", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01767", "scoring_system": "epss", "scoring_elements": "0.82631", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01767", "scoring_system": "epss", "scoring_elements": "0.82669", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-39200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39200" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994060", "reference_id": "994060", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994060" }, { "reference_url": "https://security.archlinux.org/AVG-2373", "reference_id": "AVG-2373", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2373" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2021-39200" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-47he-853j-8qdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87281?format=api", "vulnerability_id": "VCID-4ty5-fp9a-8qhg", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16781", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03486", "scoring_system": "epss", "scoring_elements": "0.87522", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03486", "scoring_system": "epss", "scoring_elements": "0.87533", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03486", "scoring_system": "epss", "scoring_elements": "0.87546", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03486", "scoring_system": "epss", "scoring_elements": "0.87548", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03486", "scoring_system": "epss", "scoring_elements": "0.87567", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03486", "scoring_system": "epss", "scoring_elements": "0.87574", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03486", "scoring_system": "epss", "scoring_elements": "0.87585", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03486", "scoring_system": "epss", "scoring_elements": "0.87581", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03486", "scoring_system": "epss", "scoring_elements": "0.87577", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03486", "scoring_system": "epss", "scoring_elements": "0.87592", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03486", "scoring_system": "epss", "scoring_elements": "0.87593", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03486", "scoring_system": "epss", "scoring_elements": "0.87591", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946905", "reference_id": "946905", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946905" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2019-16781" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4ty5-fp9a-8qhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94081?format=api", "vulnerability_id": "VCID-5698-c229-bqc9", "summary": "WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17670", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0554", "scoring_system": "epss", "scoring_elements": "0.90278", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0554", "scoring_system": "epss", "scoring_elements": "0.90282", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0554", "scoring_system": "epss", "scoring_elements": "0.90221", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0554", "scoring_system": "epss", "scoring_elements": "0.90223", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0554", "scoring_system": "epss", "scoring_elements": "0.90236", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0554", "scoring_system": "epss", "scoring_elements": "0.90241", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0554", "scoring_system": "epss", "scoring_elements": "0.90256", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0554", "scoring_system": "epss", "scoring_elements": "0.90263", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0554", "scoring_system": "epss", "scoring_elements": "0.90271", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0554", "scoring_system": "epss", "scoring_elements": "0.9027", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0554", "scoring_system": "epss", "scoring_elements": "0.90265", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0554", "scoring_system": "epss", "scoring_elements": "0.90281", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17670" }, { "reference_url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html" }, { "reference_url": "https://core.trac.wordpress.org/changeset/46472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://core.trac.wordpress.org/changeset/46472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17670", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17670" }, { "reference_url": "https://github.com/WordPress/WordPress/commit/9db44754b9e4044690a6c32fd74b9d5fe26b07b2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/WordPress/WordPress/commit/9db44754b9e4044690a6c32fd74b9d5fe26b07b2" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00000.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00011.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00010.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00010.html" }, { "reference_url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/" }, { "reference_url": "https://wpvulndb.com/vulnerabilities/9912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wpvulndb.com/vulnerabilities/9912" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942459", "reference_id": "942459", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942459" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17670", "reference_id": "CVE-2019-17670", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17670" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2019-17670" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5698-c229-bqc9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95291?format=api", "vulnerability_id": "VCID-6j54-w242-hfce", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-43504", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86256", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86247", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86245", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86241", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86258", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86263", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86189", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86202", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86203", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86222", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86233", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-43504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43504" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022575", "reference_id": "1022575", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022575" }, { "reference_url": "https://wordpress.org/download/", "reference_id": "download", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:04:12Z/" } ], "url": "https://wordpress.org/download/" }, { "reference_url": "https://jvn.jp/en/jp/JVN09409909/index.html", "reference_id": "index.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:04:12Z/" } ], "url": "https://jvn.jp/en/jp/JVN09409909/index.html" }, { "reference_url": "https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/", "reference_id": "wordpress-6-0-3-security-release", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:04:12Z/" } ], "url": "https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2022-43504" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6j54-w242-hfce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95880?format=api", "vulnerability_id": "VCID-722f-e2hf-xyc9", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5561", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.53022", "scoring_system": "epss", "scoring_elements": "0.97941", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.53022", "scoring_system": "epss", "scoring_elements": "0.97943", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.53022", "scoring_system": "epss", "scoring_elements": "0.97946", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.53022", "scoring_system": "epss", "scoring_elements": "0.97951", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.53022", "scoring_system": "epss", "scoring_elements": "0.97953", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.53022", "scoring_system": "epss", "scoring_elements": "0.97956", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.53022", "scoring_system": "epss", "scoring_elements": "0.97958", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.53022", "scoring_system": "epss", "scoring_elements": "0.97959", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.53022", "scoring_system": "epss", "scoring_elements": "0.97965", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.53022", "scoring_system": "epss", "scoring_elements": "0.97966", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31210", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31210" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2023-5561" ], "risk_score": 0.2, "exploitability": "0.5", "weighted_severity": "0.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-722f-e2hf-xyc9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87284?format=api", "vulnerability_id": "VCID-767p-btpd-tudb", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17669", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08377", "scoring_system": "epss", "scoring_elements": "0.92321", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.08377", "scoring_system": "epss", "scoring_elements": "0.92322", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.08377", "scoring_system": "epss", "scoring_elements": "0.92274", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08377", "scoring_system": "epss", "scoring_elements": "0.92281", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08377", "scoring_system": "epss", "scoring_elements": "0.92287", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08377", "scoring_system": "epss", "scoring_elements": "0.9229", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08377", "scoring_system": "epss", "scoring_elements": "0.92301", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08377", "scoring_system": "epss", "scoring_elements": "0.92305", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08377", "scoring_system": "epss", "scoring_elements": "0.92311", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.08377", "scoring_system": "epss", "scoring_elements": "0.92312", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08377", "scoring_system": "epss", "scoring_elements": "0.9231", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17669" }, { "reference_url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html" }, { "reference_url": "https://core.trac.wordpress.org/changeset/46475", "reference_id": "", "reference_type": "", "scores": [], "url": "https://core.trac.wordpress.org/changeset/46475" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043" }, { "reference_url": "https://github.com/WordPress/WordPress/commit/608d39faed63ea212b6c6cdf9fe2bef92e2120ea", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/WordPress/WordPress/commit/608d39faed63ea212b6c6cdf9fe2bef92e2120ea" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00000.html" }, { "reference_url": "https://seclists.org/bugtraq/2020/Jan/8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2020/Jan/8" }, { "reference_url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/" }, { "reference_url": "https://wpvulndb.com/vulnerabilities/9912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wpvulndb.com/vulnerabilities/9912" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4599" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4677" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942459", "reference_id": "942459", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942459" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17669", "reference_id": "CVE-2019-17669", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17669" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2019-17669" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-767p-btpd-tudb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94308?format=api", "vulnerability_id": "VCID-8mat-2mjd-7fgm", "summary": "WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS. The XSS results in administrative access, which allows arbitrary changes to .php files. This is related to wp-admin/includes/ajax-actions.php and wp-includes/comment.php.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9787", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.81017", "scoring_system": "epss", "scoring_elements": "0.99157", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.81017", "scoring_system": "epss", "scoring_elements": "0.99155", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.81017", "scoring_system": "epss", "scoring_elements": "0.99146", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.81017", "scoring_system": "epss", "scoring_elements": "0.99147", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.81017", "scoring_system": "epss", "scoring_elements": "0.9915", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.81017", "scoring_system": "epss", "scoring_elements": "0.99153", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.81017", "scoring_system": "epss", "scoring_elements": "0.99154", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9787" }, { "reference_url": "https://blog.ripstech.com/2019/wordpress-csrf-to-rce/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blog.ripstech.com/2019/wordpress-csrf-to-rce/" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9787" }, { "reference_url": "https://github.com/WordPress/WordPress/commit/0292de60ec78c5a44956765189403654fe4d080b", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/WordPress/WordPress/commit/0292de60ec78c5a44956765189403654fe4d080b" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00044.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00044.html" }, { "reference_url": "https://wordpress.org/news/2019/03/wordpress-5-1-1-security-and-maintenance-release/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wordpress.org/news/2019/03/wordpress-5-1-1-security-and-maintenance-release/" }, { "reference_url": "https://wordpress.org/support/wordpress-version/version-5-1-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wordpress.org/support/wordpress-version/version-5-1-1/" }, { "reference_url": "https://wpvulndb.com/vulnerabilities/9230", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wpvulndb.com/vulnerabilities/9230" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4677" }, { "reference_url": "http://www.securityfocus.com/bid/107411", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107411" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924546", "reference_id": "924546", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924546" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9787", "reference_id": "CVE-2019-9787", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9787" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2019-9787" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8mat-2mjd-7fgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90918?format=api", "vulnerability_id": "VCID-92fa-nrxb-e3gj", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28032", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25814", "scoring_system": "epss", "scoring_elements": "0.96272", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.25814", "scoring_system": "epss", "scoring_elements": "0.96221", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.25814", "scoring_system": "epss", "scoring_elements": "0.96229", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.25814", "scoring_system": "epss", "scoring_elements": "0.96236", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.25814", "scoring_system": "epss", "scoring_elements": "0.9624", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.25814", "scoring_system": "epss", "scoring_elements": "0.96249", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.25814", "scoring_system": "epss", "scoring_elements": "0.96252", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.25814", "scoring_system": "epss", "scoring_elements": "0.96256", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.25814", "scoring_system": "epss", "scoring_elements": "0.96257", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.25814", "scoring_system": "epss", "scoring_elements": "0.96266", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.25814", "scoring_system": "epss", "scoring_elements": "0.96271", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28032" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28032", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28032" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28033", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28033" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28037", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28037" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28038", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28038" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28040" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973562", "reference_id": "973562", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973562" }, { "reference_url": "https://security.archlinux.org/ASA-202011-3", "reference_id": "ASA-202011-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202011-3" }, { "reference_url": "https://security.archlinux.org/AVG-1257", "reference_id": "AVG-1257", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1257" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-28032" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-92fa-nrxb-e3gj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87291?format=api", "vulnerability_id": "VCID-98e3-ffna-jfbs", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17674", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02484", "scoring_system": "epss", "scoring_elements": "0.85316", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02484", "scoring_system": "epss", "scoring_elements": "0.85319", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02484", "scoring_system": "epss", "scoring_elements": "0.85226", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02484", "scoring_system": "epss", "scoring_elements": "0.85238", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02484", "scoring_system": "epss", "scoring_elements": "0.85257", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02484", "scoring_system": "epss", "scoring_elements": "0.85259", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02484", "scoring_system": "epss", "scoring_elements": "0.85281", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02484", "scoring_system": "epss", "scoring_elements": "0.85289", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02484", "scoring_system": "epss", "scoring_elements": "0.85303", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02484", "scoring_system": "epss", "scoring_elements": "0.85302", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02484", "scoring_system": "epss", "scoring_elements": "0.85298", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02484", "scoring_system": "epss", "scoring_elements": "0.85318", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17674" }, { "reference_url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043" }, { "reference_url": "https://seclists.org/bugtraq/2020/Jan/8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2020/Jan/8" }, { "reference_url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/" }, { "reference_url": "https://wpvulndb.com/vulnerabilities/9908", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wpvulndb.com/vulnerabilities/9908" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4599" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4677" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942459", "reference_id": "942459", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942459" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17674", "reference_id": "CVE-2019-17674", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:P/A:N" }, { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17674" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2019-17674" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-98e3-ffna-jfbs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87268?format=api", "vulnerability_id": "VCID-agpu-husf-6be4", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02575", "scoring_system": "epss", "scoring_elements": "0.85576", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02575", "scoring_system": "epss", "scoring_elements": "0.8558", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02575", "scoring_system": "epss", "scoring_elements": "0.85481", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02575", "scoring_system": "epss", "scoring_elements": "0.85494", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02575", "scoring_system": "epss", "scoring_elements": "0.8551", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02575", "scoring_system": "epss", "scoring_elements": "0.85514", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02575", "scoring_system": "epss", "scoring_elements": "0.85534", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02575", "scoring_system": "epss", "scoring_elements": "0.85543", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02575", "scoring_system": "epss", "scoring_elements": "0.85557", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02575", "scoring_system": "epss", "scoring_elements": "0.85555", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02575", "scoring_system": "epss", "scoring_elements": "0.85551", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02575", "scoring_system": "epss", "scoring_elements": "0.85574", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16217" }, { "reference_url": "https://core.trac.wordpress.org/changeset/45936", "reference_id": "", "reference_type": "", "scores": [], "url": "https://core.trac.wordpress.org/changeset/45936" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00023.html" }, { "reference_url": "https://seclists.org/bugtraq/2020/Jan/8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2020/Jan/8" }, { "reference_url": "https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4599" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4677" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939543", "reference_id": "939543", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939543" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16217", "reference_id": "CVE-2019-16217", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16217" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2019-16217" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-agpu-husf-6be4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87274?format=api", "vulnerability_id": "VCID-ajrt-bhrw-k7an", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16220", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00821", "scoring_system": "epss", "scoring_elements": "0.74432", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00821", "scoring_system": "epss", "scoring_elements": "0.74442", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00821", "scoring_system": "epss", "scoring_elements": "0.7435", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00821", "scoring_system": "epss", "scoring_elements": "0.74354", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00821", "scoring_system": "epss", "scoring_elements": "0.74381", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00821", "scoring_system": "epss", "scoring_elements": "0.74355", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00821", "scoring_system": "epss", "scoring_elements": "0.74388", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00821", "scoring_system": "epss", "scoring_elements": "0.74403", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00821", "scoring_system": "epss", "scoring_elements": "0.74424", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00821", "scoring_system": "epss", "scoring_elements": "0.74404", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00821", "scoring_system": "epss", "scoring_elements": "0.74396", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00821", "scoring_system": "epss", "scoring_elements": "0.74433", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16220" }, { "reference_url": "https://core.trac.wordpress.org/changeset/45971", "reference_id": "", "reference_type": "", "scores": [], "url": "https://core.trac.wordpress.org/changeset/45971" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043" }, { "reference_url": "https://github.com/WordPress/WordPress/commit/c86ee39ff4c1a79b93c967eb88522f5c09614a28", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/WordPress/WordPress/commit/c86ee39ff4c1a79b93c967eb88522f5c09614a28" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00023.html" }, { "reference_url": "https://medium.com/@theodorejackson.us/rediscovering-an-old-vulnerability-cve-2019-16220-d25cc441752f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://medium.com/@theodorejackson.us/rediscovering-an-old-vulnerability-cve-2019-16220-d25cc441752f" }, { "reference_url": "https://seclists.org/bugtraq/2020/Jan/8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2020/Jan/8" }, { "reference_url": "https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/" }, { "reference_url": "https://wpvulndb.com/vulnerabilities/9863", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wpvulndb.com/vulnerabilities/9863" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4599" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4677" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939543", "reference_id": "939543", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939543" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16220", "reference_id": "CVE-2019-16220", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16220" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2019-16220" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ajrt-bhrw-k7an" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87277?format=api", "vulnerability_id": "VCID-aup2-49ee-jkdf", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16222", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.85003", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.85006", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.84906", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.84922", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.84939", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.84944", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.84967", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.84974", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.84989", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.84988", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.84984", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.85004", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16222" }, { "reference_url": "https://core.trac.wordpress.org/changeset/45997", "reference_id": "", "reference_type": "", "scores": [], "url": "https://core.trac.wordpress.org/changeset/45997" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043" }, { "reference_url": "https://github.com/WordPress/WordPress/commit/30ac67579559fe42251b5a9f887211bf61a8ed68", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/WordPress/WordPress/commit/30ac67579559fe42251b5a9f887211bf61a8ed68" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00023.html" }, { "reference_url": "https://seclists.org/bugtraq/2020/Jan/8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2020/Jan/8" }, { "reference_url": "https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/" }, { "reference_url": "https://wpvulndb.com/vulnerabilities/9867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wpvulndb.com/vulnerabilities/9867" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4599" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4677" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939543", "reference_id": "939543", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939543" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16222", "reference_id": "CVE-2019-16222", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16222" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2019-16222" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aup2-49ee-jkdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90909?format=api", "vulnerability_id": "VCID-azsx-2ydf-zyag", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-4050", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02416", "scoring_system": "epss", "scoring_elements": "0.85038", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02416", "scoring_system": "epss", "scoring_elements": "0.85051", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02416", "scoring_system": "epss", "scoring_elements": "0.85068", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02416", "scoring_system": "epss", "scoring_elements": "0.85073", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02416", "scoring_system": "epss", "scoring_elements": "0.85094", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02416", "scoring_system": "epss", "scoring_elements": "0.85101", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02416", "scoring_system": "epss", "scoring_elements": "0.85117", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02416", "scoring_system": "epss", "scoring_elements": "0.85114", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02416", "scoring_system": "epss", "scoring_elements": "0.85111", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02416", "scoring_system": "epss", "scoring_elements": "0.85133", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02416", "scoring_system": "epss", "scoring_elements": "0.85135", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02416", "scoring_system": "epss", "scoring_elements": "0.85132", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-4050" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4050" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962685", "reference_id": "962685", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962685" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-4050" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-azsx-2ydf-zyag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90970?format=api", "vulnerability_id": "VCID-azyj-28v6-ufhg", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-39201", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65694", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65743", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65773", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65738", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65791", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65802", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65822", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65808", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65778", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65812", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65826", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65813", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-39201" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39201", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39201" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994059", "reference_id": "994059", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994059" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2021-39201" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-azyj-28v6-ufhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90977?format=api", "vulnerability_id": "VCID-bb3n-jh6p-vfhm", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21661", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.90526", "scoring_system": "epss", "scoring_elements": "0.99614", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.90904", "scoring_system": "epss", "scoring_elements": "0.9963", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.90904", "scoring_system": "epss", "scoring_elements": "0.99629", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.90904", "scoring_system": "epss", "scoring_elements": "0.99633", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.90904", "scoring_system": "epss", "scoring_elements": "0.99632", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.90904", "scoring_system": "epss", "scoring_elements": "0.99631", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21661" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21661", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21661" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21662", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21662" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21664", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21664" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003243", "reference_id": "1003243", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003243" }, { "reference_url": "https://github.com/WordPress/wordpress-develop/commit/17efac8c8ec64555eff5cf51a3eff81e06317214", "reference_id": "17efac8c8ec64555eff5cf51a3eff81e06317214", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-09T14:12:39Z/" } ], "url": "https://github.com/WordPress/wordpress-develop/commit/17efac8c8ec64555eff5cf51a3eff81e06317214" }, { "reference_url": "https://www.exploit-db.com/exploits/50663", "reference_id": "50663", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-09T14:12:39Z/" } ], "url": "https://www.exploit-db.com/exploits/50663" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4UNEC63UU5GEU47IIR4RMTZAHNEOJG/", "reference_id": "CV4UNEC63UU5GEU47IIR4RMTZAHNEOJG", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-09T14:12:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4UNEC63UU5GEU47IIR4RMTZAHNEOJG/" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50663.txt", "reference_id": "CVE-2022-21661", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50663.txt" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DM6XPH3JN6V4NF4WBOJTOXZIVE6VKKE3/", "reference_id": "DM6XPH3JN6V4NF4WBOJTOXZIVE6VKKE3", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-09T14:12:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DM6XPH3JN6V4NF4WBOJTOXZIVE6VKKE3/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5039", "reference_id": "dsa-5039", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-09T14:12:39Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5039" }, { "reference_url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-6676-cqfm-gw84", "reference_id": "GHSA-6676-cqfm-gw84", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-09T14:12:39Z/" } ], "url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-6676-cqfm-gw84" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00019.html", "reference_id": "msg00019.html", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-09T14:12:39Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00019.html" }, { "reference_url": "https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/", "reference_id": "wordpress-5-8-3-security-release", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-09T14:12:39Z/" } ], "url": "https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/" }, { "reference_url": "http://packetstormsecurity.com/files/165540/WordPress-Core-5.8.2-SQL-Injection.html", "reference_id": "WordPress-Core-5.8.2-SQL-Injection.html", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-09T14:12:39Z/" } ], "url": "http://packetstormsecurity.com/files/165540/WordPress-Core-5.8.2-SQL-Injection.html" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-22-020/", "reference_id": "ZDI-22-020", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-09T14:12:39Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-020/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2022-21661" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bb3n-jh6p-vfhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87270?format=api", "vulnerability_id": "VCID-c2ta-7w7f-kbed", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16218", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.85222", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.8522", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.85129", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.85141", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.85158", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.8516", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.85182", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.8519", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.85205", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.85202", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.85199", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00023.html" }, { "reference_url": "https://seclists.org/bugtraq/2020/Jan/8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2020/Jan/8" }, { "reference_url": "https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/" }, { "reference_url": "https://wpvulndb.com/vulnerabilities/9861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wpvulndb.com/vulnerabilities/9861" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4599" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4677" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939543", "reference_id": "939543", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939543" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16218", "reference_id": "CVE-2019-16218", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16218" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2019-16218" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c2ta-7w7f-kbed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87294?format=api", "vulnerability_id": "VCID-dzgs-vwe3-fub1", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20042", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0505", "scoring_system": "epss", "scoring_elements": "0.8973", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0505", "scoring_system": "epss", "scoring_elements": "0.89733", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0505", "scoring_system": "epss", "scoring_elements": "0.89748", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0505", "scoring_system": "epss", "scoring_elements": "0.89749", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0505", "scoring_system": "epss", "scoring_elements": "0.89766", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0505", "scoring_system": "epss", "scoring_elements": "0.89773", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0505", "scoring_system": "epss", "scoring_elements": "0.8978", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0505", "scoring_system": "epss", "scoring_elements": "0.89778", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0505", "scoring_system": "epss", "scoring_elements": "0.89771", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0505", "scoring_system": "epss", "scoring_elements": "0.89787", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0505", "scoring_system": "epss", "scoring_elements": "0.89781", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946905", "reference_id": "946905", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946905" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2019-20042" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dzgs-vwe3-fub1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97135?format=api", "vulnerability_id": "VCID-e8zy-mzdn-g7gz", "summary": "security update", "references": [], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "DSA-5279-2 wordpress" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e8zy-mzdn-g7gz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87275?format=api", "vulnerability_id": "VCID-ejtq-a5ca-ffbu", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16221", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.85222", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.8522", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.85129", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.85141", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.85158", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.8516", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.85182", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.8519", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.85205", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.85202", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02449", "scoring_system": "epss", "scoring_elements": "0.85199", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00023.html" }, { "reference_url": "https://seclists.org/bugtraq/2020/Jan/8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2020/Jan/8" }, { "reference_url": "https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/" }, { "reference_url": "https://wpvulndb.com/vulnerabilities/9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wpvulndb.com/vulnerabilities/9865" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4599" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4677" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939543", "reference_id": "939543", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939543" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16221", "reference_id": "CVE-2019-16221", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16221" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2019-16221" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ejtq-a5ca-ffbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87280?format=api", "vulnerability_id": "VCID-fpwa-74w6-mugt", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16780", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03606", "scoring_system": "epss", "scoring_elements": "0.87723", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03606", "scoring_system": "epss", "scoring_elements": "0.87734", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03606", "scoring_system": "epss", "scoring_elements": "0.87747", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03606", "scoring_system": "epss", "scoring_elements": "0.87749", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03606", "scoring_system": "epss", "scoring_elements": "0.8777", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03606", "scoring_system": "epss", "scoring_elements": "0.87776", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03606", "scoring_system": "epss", "scoring_elements": "0.87787", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03606", "scoring_system": "epss", "scoring_elements": "0.87782", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03606", "scoring_system": "epss", "scoring_elements": "0.87781", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03606", "scoring_system": "epss", "scoring_elements": "0.87795", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03606", "scoring_system": "epss", "scoring_elements": "0.87794", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03606", "scoring_system": "epss", "scoring_elements": "0.87792", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946905", "reference_id": "946905", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946905" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2019-16780" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fpwa-74w6-mugt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34628?format=api", "vulnerability_id": "VCID-fra3-hye6-kqh7", "summary": "Insecure Deserialization of untrusted data in rmccue/requests\n### Impact\nUnserialization of untrusted data.\n\n### Patches\nThe issue has been patched and users of `Requests` 1.6.0, 1.6.1 and 1.7.0 should update to version 1.8.0.\n\n### References\nPublications about the vulnerability:\n* https://dannewitz.ninja/posts/php-unserialize-object-injection-yet-another-stars-rating-wordpress\n* https://github.com/ambionics/phpggc/issues/52\n* https://blog.detectify.com/2019/07/23/improving-wordpress-plugin-security/\n* https://i.blackhat.com/us-18/Thu-August-9/us-18-Thomas-Its-A-PHP-Unserialization-Vulnerability-Jim-But-Not-As-We-Know-It.pdf\n* https://cdn2.hubspot.net/hubfs/3853213/us-18-Thomas-It%27s-A-PHP-Unserialization-Vulnerability-Jim-But-Not-As-We-....pdf\n* https://2018.zeronights.ru/wp-content/uploads/materials/9%20ZN2018%20WV%20-%20PHP%20unserialize.pdf\n* https://medium.com/@knownsec404team/extend-the-attack-surface-of-php-deserialization-vulnerability-via-phar-d6455c6a1066#3c0f\n\nOriginally fixed in WordPress 5.5.2:\n* https://github.com/WordPress/wordpress-develop/commit/add6bedf3a53b647d0ebda2970057912d3cd79d3\n* https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/\n\nRelated Security Advisories:\n* https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-28032\n* https://nvd.nist.gov/vuln/detail/CVE-2020-28032\n\nNotification to the Requests repo including a fix in:\n* https://github.com/rmccue/Requests/pull/421 and\n* https://github.com/rmccue/Requests/pull/422\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [Request](https://github.com/WordPress/Requests/)", "references": [ { "reference_url": "https://2018.zeronights.ru/wp-content/uploads/materials/9%20ZN2018%20WV%20-%20PHP%20unserialize.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://2018.zeronights.ru/wp-content/uploads/materials/9%20ZN2018%20WV%20-%20PHP%20unserialize.pdf" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29476", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02219", "scoring_system": "epss", "scoring_elements": "0.8451", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02219", "scoring_system": "epss", "scoring_elements": "0.84489", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02219", "scoring_system": "epss", "scoring_elements": "0.84493", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02219", "scoring_system": "epss", "scoring_elements": "0.845", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02219", "scoring_system": "epss", "scoring_elements": "0.84481", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02219", "scoring_system": "epss", "scoring_elements": "0.84475", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02219", "scoring_system": "epss", "scoring_elements": "0.84418", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02219", "scoring_system": "epss", "scoring_elements": "0.84512", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02219", "scoring_system": "epss", "scoring_elements": "0.84454", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02219", "scoring_system": "epss", "scoring_elements": "0.84452", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02219", "scoring_system": "epss", "scoring_elements": "0.84433", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29476" }, { "reference_url": "https://blog.detectify.com/2019/07/23/improving-wordpress-plugin-security", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://blog.detectify.com/2019/07/23/improving-wordpress-plugin-security" }, { "reference_url": "https://blog.detectify.com/2019/07/23/improving-wordpress-plugin-security/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blog.detectify.com/2019/07/23/improving-wordpress-plugin-security/" }, { "reference_url": "https://cdn2.hubspot.net/hubfs/3853213/us-18-Thomas-It%27s-A-PHP-Unserialization-Vulnerability-Jim-But-Not-As-We-....pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cdn2.hubspot.net/hubfs/3853213/us-18-Thomas-It%27s-A-PHP-Unserialization-Vulnerability-Jim-But-Not-As-We-....pdf" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29476" }, { "reference_url": "https://dannewitz.ninja/posts/php-unserialize-object-injection-yet-another-stars-rating-wordpress", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://dannewitz.ninja/posts/php-unserialize-object-injection-yet-another-stars-rating-wordpress" }, { "reference_url": "https://github.com/ambionics/phpggc/issues/52", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ambionics/phpggc/issues/52" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/rmccue/requests/CVE-2021-29476.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/rmccue/requests/CVE-2021-29476.yaml" }, { "reference_url": "https://github.com/rmccue/Requests/pull/421", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rmccue/Requests/pull/421" }, { "reference_url": "https://github.com/WordPress/Requests/security/advisories/GHSA-52qp-jpq7-6c54", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/WordPress/Requests/security/advisories/GHSA-52qp-jpq7-6c54" }, { "reference_url": "https://github.com/WordPress/wordpress-develop/commit/add6bedf3a53b647d0ebda2970057912d3cd79d3", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/WordPress/wordpress-develop/commit/add6bedf3a53b647d0ebda2970057912d3cd79d3" }, { "reference_url": "https://i.blackhat.com/us-18/Thu-August-9/us-18-Thomas-Its-A-PHP-Unserialization-Vulnerability-Jim-But-Not-As-We-Know-It.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://i.blackhat.com/us-18/Thu-August-9/us-18-Thomas-Its-A-PHP-Unserialization-Vulnerability-Jim-But-Not-As-We-Know-It.pdf" }, { "reference_url": "https://medium.com/@knownsec404team/extend-the-attack-surface-of-php-deserialization-vulnerability-via-phar-d6455c6a1066#3c0f", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://medium.com/@knownsec404team/extend-the-attack-surface-of-php-deserialization-vulnerability-via-phar-d6455c6a1066#3c0f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29476", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29476" }, { "reference_url": "https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release" }, { "reference_url": "https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/" }, { "reference_url": "https://github.com/advisories/GHSA-52qp-jpq7-6c54", "reference_id": "GHSA-52qp-jpq7-6c54", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-52qp-jpq7-6c54" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2021-29476", "GHSA-52qp-jpq7-6c54" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fra3-hye6-kqh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87289?format=api", "vulnerability_id": "VCID-fuma-nkmd-zkc1", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17673", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03574", "scoring_system": "epss", "scoring_elements": "0.87745", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03574", "scoring_system": "epss", "scoring_elements": "0.87746", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03574", "scoring_system": "epss", "scoring_elements": "0.87678", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03574", "scoring_system": "epss", "scoring_elements": "0.87689", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03574", "scoring_system": "epss", "scoring_elements": "0.87701", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03574", "scoring_system": "epss", "scoring_elements": "0.87703", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03574", "scoring_system": "epss", "scoring_elements": "0.87724", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03574", "scoring_system": "epss", "scoring_elements": "0.8773", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03574", "scoring_system": "epss", "scoring_elements": "0.87741", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03574", "scoring_system": "epss", "scoring_elements": "0.87735", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03574", "scoring_system": "epss", "scoring_elements": "0.87733", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03574", "scoring_system": "epss", "scoring_elements": "0.87747", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17673" }, { "reference_url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html" }, { "reference_url": "https://core.trac.wordpress.org/changeset/46478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://core.trac.wordpress.org/changeset/46478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043" }, { "reference_url": "https://github.com/WordPress/WordPress/commit/b224c251adfa16a5f84074a3c0886270c9df38de", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/WordPress/WordPress/commit/b224c251adfa16a5f84074a3c0886270c9df38de" }, { "reference_url": "https://seclists.org/bugtraq/2020/Jan/8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2020/Jan/8" }, { "reference_url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/" }, { "reference_url": "https://wpvulndb.com/vulnerabilities/9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wpvulndb.com/vulnerabilities/9911" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4599" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4677" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942459", "reference_id": "942459", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942459" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17673", "reference_id": "CVE-2019-17673", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17673" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2019-17673" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fuma-nkmd-zkc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90922?format=api", "vulnerability_id": "VCID-gy54-apzn-7kef", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28036", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04185", "scoring_system": "epss", "scoring_elements": "0.88666", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04185", "scoring_system": "epss", "scoring_elements": "0.88682", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04185", "scoring_system": "epss", "scoring_elements": "0.88683", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04185", "scoring_system": "epss", "scoring_elements": "0.88701", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04185", "scoring_system": "epss", "scoring_elements": "0.88657", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06074", "scoring_system": "epss", "scoring_elements": "0.90776", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06074", "scoring_system": "epss", "scoring_elements": "0.90773", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06074", "scoring_system": "epss", "scoring_elements": "0.90772", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06074", "scoring_system": "epss", "scoring_elements": "0.90752", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06074", "scoring_system": "epss", "scoring_elements": "0.90761", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06074", "scoring_system": "epss", "scoring_elements": "0.9076", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06074", "scoring_system": "epss", "scoring_elements": "0.90757", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28032", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28032" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28033", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28033" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28037", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28037" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28038", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28038" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28040" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973562", "reference_id": "973562", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973562" }, { "reference_url": "https://security.archlinux.org/ASA-202011-3", "reference_id": "ASA-202011-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202011-3" }, { "reference_url": "https://security.archlinux.org/AVG-1257", "reference_id": "AVG-1257", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1257" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-28036" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gy54-apzn-7kef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95289?format=api", "vulnerability_id": "VCID-h5up-s13c-2ygg", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-43497", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01519", "scoring_system": "epss", "scoring_elements": "0.8128", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01519", "scoring_system": "epss", "scoring_elements": "0.81265", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01519", "scoring_system": "epss", "scoring_elements": "0.81251", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01519", "scoring_system": "epss", "scoring_elements": "0.81243", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01519", "scoring_system": "epss", "scoring_elements": "0.81279", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01519", "scoring_system": "epss", "scoring_elements": "0.81281", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01519", "scoring_system": "epss", "scoring_elements": "0.81188", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01519", "scoring_system": "epss", "scoring_elements": "0.81211", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01519", "scoring_system": "epss", "scoring_elements": "0.81239", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01519", "scoring_system": "epss", "scoring_elements": "0.81244", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-43497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43504" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022575", "reference_id": "1022575", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022575" }, { "reference_url": "https://wordpress.org/download/", "reference_id": "download", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:09:53Z/" } ], "url": "https://wordpress.org/download/" }, { "reference_url": "https://jvn.jp/en/jp/JVN09409909/index.html", "reference_id": "index.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:09:53Z/" } ], "url": "https://jvn.jp/en/jp/JVN09409909/index.html" }, { "reference_url": "https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/", "reference_id": "wordpress-6-0-3-security-release", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:09:53Z/" } ], "url": "https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2022-43497" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h5up-s13c-2ygg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90926?format=api", "vulnerability_id": "VCID-h97y-a92u-2fay", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28040", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.53881", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.53772", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.53792", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.53818", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.53844", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.53842", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.5389", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.53873", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.53857", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.53895", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.539", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28032", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28032" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28033", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28033" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28037", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28037" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28038", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28038" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28040" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973562", "reference_id": "973562", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973562" }, { "reference_url": "https://security.archlinux.org/ASA-202011-3", "reference_id": "ASA-202011-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202011-3" }, { "reference_url": "https://security.archlinux.org/AVG-1257", "reference_id": "AVG-1257", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1257" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-28040" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h97y-a92u-2fay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87279?format=api", "vulnerability_id": "VCID-hndb-7b4f-7bbw", "summary": "security update", "references": [ { "reference_url": "http://packetstormsecurity.com/files/160745/WordPress-Core-5.2.2-Cross-Site-Scripting.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://packetstormsecurity.com/files/160745/WordPress-Core-5.2.2-Cross-Site-Scripting.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16223", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04337", "scoring_system": "epss", "scoring_elements": "0.88936", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04337", "scoring_system": "epss", "scoring_elements": "0.8894", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04337", "scoring_system": "epss", "scoring_elements": "0.88874", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04337", "scoring_system": "epss", "scoring_elements": "0.88882", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04337", "scoring_system": "epss", "scoring_elements": "0.88897", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04337", "scoring_system": "epss", "scoring_elements": "0.88899", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04337", "scoring_system": "epss", "scoring_elements": "0.88918", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04337", "scoring_system": "epss", "scoring_elements": "0.88923", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04337", "scoring_system": "epss", "scoring_elements": "0.88934", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04337", "scoring_system": "epss", "scoring_elements": "0.88929", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04337", "scoring_system": "epss", "scoring_elements": "0.88928", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04337", "scoring_system": "epss", "scoring_elements": "0.88942", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00023.html" }, { "reference_url": "https://seclists.org/bugtraq/2020/Jan/8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2020/Jan/8" }, { "reference_url": "https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/" }, { "reference_url": "https://wpvulndb.com/vulnerabilities/9862", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wpvulndb.com/vulnerabilities/9862" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4599" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4677" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939543", "reference_id": "939543", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939543" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/49338.txt", "reference_id": "CVE-2019-16223", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/49338.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16223", "reference_id": "CVE-2019-16223", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:P/A:N" }, { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16223" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2019-16223" ], "risk_score": 9.8, "exploitability": "2.0", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hndb-7b4f-7bbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90979?format=api", "vulnerability_id": "VCID-htec-cnsd-4ke4", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21663", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.5412", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54149", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54125", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54176", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54174", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54224", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54206", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54185", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54223", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54227", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54209", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21661", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21661" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21662", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21662" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21664", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21664" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003243", "reference_id": "1003243", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003243" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4UNEC63UU5GEU47IIR4RMTZAHNEOJG/", "reference_id": "CV4UNEC63UU5GEU47IIR4RMTZAHNEOJG", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:45:27Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4UNEC63UU5GEU47IIR4RMTZAHNEOJG/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DM6XPH3JN6V4NF4WBOJTOXZIVE6VKKE3/", "reference_id": "DM6XPH3JN6V4NF4WBOJTOXZIVE6VKKE3", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:45:27Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DM6XPH3JN6V4NF4WBOJTOXZIVE6VKKE3/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5039", "reference_id": "dsa-5039", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:45:27Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5039" }, { "reference_url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-jmmq-m8p8-332h", "reference_id": "GHSA-jmmq-m8p8-332h", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:45:27Z/" } ], "url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-jmmq-m8p8-332h" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00019.html", "reference_id": "msg00019.html", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:45:27Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00019.html" }, { "reference_url": "https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/", "reference_id": "wordpress-5-8-3-security-release", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:45:27Z/" } ], "url": "https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/" }, { "reference_url": "https://blog.sonarsource.com/wordpress-object-injection-vulnerability/", "reference_id": "wordpress-object-injection-vulnerability", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:45:27Z/" } ], "url": "https://blog.sonarsource.com/wordpress-object-injection-vulnerability/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2022-21663" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-htec-cnsd-4ke4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90955?format=api", "vulnerability_id": "VCID-htr5-ugyh-7yaz", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29447", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.89634", "scoring_system": "epss", "scoring_elements": "0.99565", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.89975", "scoring_system": "epss", "scoring_elements": "0.99577", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.89975", "scoring_system": "epss", "scoring_elements": "0.99578", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.89975", "scoring_system": "epss", "scoring_elements": "0.99576", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.89975", "scoring_system": "epss", "scoring_elements": "0.9958", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.89975", "scoring_system": "epss", "scoring_elements": "0.99581", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.89975", "scoring_system": "epss", "scoring_elements": "0.99579", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29450", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29450" }, { "reference_url": "https://security.archlinux.org/AVG-1831", "reference_id": "AVG-1831", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1831" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50304.sh", "reference_id": "CVE-2021-29447", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50304.sh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2021-29447" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-htr5-ugyh-7yaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87293?format=api", "vulnerability_id": "VCID-jjjw-sspg-q3c3", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20041", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01366", "scoring_system": "epss", "scoring_elements": "0.8014", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01366", "scoring_system": "epss", "scoring_elements": "0.80147", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01366", "scoring_system": "epss", "scoring_elements": "0.80167", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01366", "scoring_system": "epss", "scoring_elements": "0.80156", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01366", "scoring_system": "epss", "scoring_elements": "0.80184", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01366", "scoring_system": "epss", "scoring_elements": "0.80192", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01366", "scoring_system": "epss", "scoring_elements": "0.80211", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01366", "scoring_system": "epss", "scoring_elements": "0.80196", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01366", "scoring_system": "epss", "scoring_elements": "0.80188", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01366", "scoring_system": "epss", "scoring_elements": "0.80217", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01366", "scoring_system": "epss", "scoring_elements": "0.8022", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946905", "reference_id": "946905", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946905" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2019-20041" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jjjw-sspg-q3c3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87272?format=api", "vulnerability_id": "VCID-k52x-fa57-hkfk", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16219", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04685", "scoring_system": "epss", "scoring_elements": "0.89353", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04685", "scoring_system": "epss", "scoring_elements": "0.89356", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04685", "scoring_system": "epss", "scoring_elements": "0.89298", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04685", "scoring_system": "epss", "scoring_elements": "0.89304", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04685", "scoring_system": "epss", "scoring_elements": "0.89318", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04685", "scoring_system": "epss", "scoring_elements": "0.8932", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04685", "scoring_system": "epss", "scoring_elements": "0.89336", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04685", "scoring_system": "epss", "scoring_elements": "0.89341", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04685", "scoring_system": "epss", "scoring_elements": "0.8935", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04685", "scoring_system": "epss", "scoring_elements": "0.89347", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04685", "scoring_system": "epss", "scoring_elements": "0.89343", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04685", "scoring_system": "epss", "scoring_elements": "0.89357", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043" }, { "reference_url": "https://fortiguard.com/zeroday/FG-VD-18-165", "reference_id": "", "reference_type": "", "scores": [], "url": "https://fortiguard.com/zeroday/FG-VD-18-165" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00023.html" }, { "reference_url": "https://seclists.org/bugtraq/2020/Jan/8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2020/Jan/8" }, { "reference_url": "https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/" }, { "reference_url": "https://wpvulndb.com/vulnerabilities/9864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wpvulndb.com/vulnerabilities/9864" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4599" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4677" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939543", "reference_id": "939543", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939543" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16219", "reference_id": "CVE-2019-16219", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16219" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2019-16219" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k52x-fa57-hkfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90907?format=api", "vulnerability_id": "VCID-kk83-bnn5-tuar", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-4048", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03502", "scoring_system": "epss", "scoring_elements": "0.87556", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03502", "scoring_system": "epss", "scoring_elements": "0.87565", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03502", "scoring_system": "epss", "scoring_elements": "0.87579", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03502", "scoring_system": "epss", "scoring_elements": "0.87581", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03502", "scoring_system": "epss", "scoring_elements": "0.876", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03502", "scoring_system": "epss", "scoring_elements": "0.87606", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03502", "scoring_system": "epss", "scoring_elements": "0.87618", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03502", "scoring_system": "epss", "scoring_elements": "0.87613", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03502", "scoring_system": "epss", "scoring_elements": "0.8761", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03502", "scoring_system": "epss", "scoring_elements": "0.87625", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03502", "scoring_system": "epss", "scoring_elements": "0.87623", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-4048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4050" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962685", "reference_id": "962685", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962685" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-4048" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kk83-bnn5-tuar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87295?format=api", "vulnerability_id": "VCID-kn9s-5v5u-d3fj", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20043", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78609", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78615", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78646", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78627", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78653", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.7866", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78685", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78666", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78658", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78686", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78684", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78681", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20043" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946905", "reference_id": "946905", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946905" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2019-20043" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kn9s-5v5u-d3fj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90921?format=api", "vulnerability_id": "VCID-n7ne-unru-7fhn", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28035", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06561", "scoring_system": "epss", "scoring_elements": "0.9117", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06561", "scoring_system": "epss", "scoring_elements": "0.91092", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06561", "scoring_system": "epss", "scoring_elements": "0.91098", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06561", "scoring_system": "epss", "scoring_elements": "0.91106", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06561", "scoring_system": "epss", "scoring_elements": "0.91114", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06561", "scoring_system": "epss", "scoring_elements": "0.91127", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06561", "scoring_system": "epss", "scoring_elements": "0.91133", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06561", "scoring_system": "epss", "scoring_elements": "0.91141", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06561", "scoring_system": "epss", "scoring_elements": "0.91142", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06561", "scoring_system": "epss", "scoring_elements": "0.91166", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28032", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28032" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28033", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28033" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28037", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28037" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28038", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28038" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28040" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973562", "reference_id": "973562", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973562" }, { "reference_url": "https://security.archlinux.org/ASA-202011-3", "reference_id": "ASA-202011-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202011-3" }, { "reference_url": "https://security.archlinux.org/AVG-1257", "reference_id": "AVG-1257", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1257" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-28035" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n7ne-unru-7fhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90919?format=api", "vulnerability_id": "VCID-ngkc-cwzj-nbdk", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28033", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01258", "scoring_system": "epss", "scoring_elements": "0.79428", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01258", "scoring_system": "epss", "scoring_elements": "0.79348", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01258", "scoring_system": "epss", "scoring_elements": "0.79355", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01258", "scoring_system": "epss", "scoring_elements": "0.79377", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01258", "scoring_system": "epss", "scoring_elements": "0.79363", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01258", "scoring_system": "epss", "scoring_elements": "0.7939", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01258", "scoring_system": "epss", "scoring_elements": "0.79399", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01258", "scoring_system": "epss", "scoring_elements": "0.79422", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01258", "scoring_system": "epss", "scoring_elements": "0.79406", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01258", "scoring_system": "epss", "scoring_elements": "0.79395", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01258", "scoring_system": "epss", "scoring_elements": "0.79427", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01258", "scoring_system": "epss", "scoring_elements": "0.79425", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28033" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28032", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28032" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28033", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28033" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28037", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28037" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28038", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28038" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28040" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973562", "reference_id": "973562", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973562" }, { "reference_url": "https://security.archlinux.org/ASA-202011-3", "reference_id": "ASA-202011-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202011-3" }, { "reference_url": "https://security.archlinux.org/AVG-1257", "reference_id": "AVG-1257", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1257" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-28033" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ngkc-cwzj-nbdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90920?format=api", "vulnerability_id": "VCID-pkjb-8649-fqd2", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28034", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02678", "scoring_system": "epss", "scoring_elements": "0.85851", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02678", "scoring_system": "epss", "scoring_elements": "0.85761", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02678", "scoring_system": "epss", "scoring_elements": "0.85774", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02678", "scoring_system": "epss", "scoring_elements": "0.85792", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02678", "scoring_system": "epss", "scoring_elements": "0.85797", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02678", "scoring_system": "epss", "scoring_elements": "0.85816", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02678", "scoring_system": "epss", "scoring_elements": "0.85827", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02678", "scoring_system": "epss", "scoring_elements": "0.85841", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02678", "scoring_system": "epss", "scoring_elements": "0.85838", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02678", "scoring_system": "epss", "scoring_elements": "0.85834", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02678", "scoring_system": "epss", "scoring_elements": "0.85853", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02678", "scoring_system": "epss", "scoring_elements": "0.85857", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28032", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28032" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28033", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28033" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28037", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28037" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28038", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28038" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28040" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973562", "reference_id": "973562", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973562" }, { "reference_url": "https://security.archlinux.org/ASA-202011-3", "reference_id": "ASA-202011-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202011-3" }, { "reference_url": "https://security.archlinux.org/AVG-1257", "reference_id": "AVG-1257", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1257" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-28034" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pkjb-8649-fqd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90925?format=api", "vulnerability_id": "VCID-psca-f78j-hbc2", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28039", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05996", "scoring_system": "epss", "scoring_elements": "0.90701", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05996", "scoring_system": "epss", "scoring_elements": "0.90642", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05996", "scoring_system": "epss", "scoring_elements": "0.90646", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05996", "scoring_system": "epss", "scoring_elements": "0.90657", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05996", "scoring_system": "epss", "scoring_elements": "0.90665", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05996", "scoring_system": "epss", "scoring_elements": "0.90676", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05996", "scoring_system": "epss", "scoring_elements": "0.90682", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05996", "scoring_system": "epss", "scoring_elements": "0.9069", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05996", "scoring_system": "epss", "scoring_elements": "0.90691", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05996", "scoring_system": "epss", "scoring_elements": "0.90687", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05996", "scoring_system": "epss", "scoring_elements": "0.90706", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.05996", "scoring_system": "epss", "scoring_elements": "0.90703", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28032", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28032" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28033", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28033" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28037", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28037" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28038", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28038" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28040" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973562", "reference_id": "973562", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973562" }, { "reference_url": "https://security.archlinux.org/ASA-202011-3", "reference_id": "ASA-202011-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202011-3" }, { "reference_url": "https://security.archlinux.org/AVG-1257", "reference_id": "AVG-1257", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1257" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-28039" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-psca-f78j-hbc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79748?format=api", "vulnerability_id": "VCID-pyzc-scrd-bufa", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11025", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.80576", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.80583", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.80605", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.80598", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.80625", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.80635", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.80651", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.80638", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.8063", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.80659", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.80661", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.80663", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11026" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11027", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11027" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11028", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11028" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11029", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11029" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959391", "reference_id": "959391", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959391" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036920?format=api", "purl": "pkg:deb/debian/wordpress@4.7.5%2Bdfsg-2%2Bdeb9u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-1z8j-st48-qkgn" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6ejh-nyh8-gqar" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-7twj-axjh-rudj" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-8rfd-k93s-qycc" }, { "vulnerability": "VCID-9166-twpv-u3a9" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-b8ex-3tnw-yuh8" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-c62s-z1vc-nubq" }, { "vulnerability": "VCID-cce4-nh1p-f3gn" }, { "vulnerability": "VCID-cwud-1n3k-rfcs" }, { "vulnerability": "VCID-dkht-9n6n-fucn" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e37d-h1k6-sud6" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fcqu-11yk-h3af" }, { "vulnerability": "VCID-fd51-1hat-v3ee" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-ghn9-muv6-17d7" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hkp2-z1em-x3gu" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ng4k-69hk-9ueu" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-ny68-2wje-q3df" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-pz3b-294m-nqfn" }, { "vulnerability": "VCID-q146-rfqv-1ych" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-qu9h-p3s6-8bd2" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-swnk-8ave-bff2" }, { "vulnerability": "VCID-t4fg-hrp7-c7h9" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-u4ef-4sne-tbeg" }, { "vulnerability": "VCID-v2xf-n28d-kfcx" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-x733-wwnx-c7fv" }, { "vulnerability": "VCID-x7aj-4qxd-rkcu" }, { "vulnerability": "VCID-xd4w-ak3v-dybq" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-z8gv-sec9-xbam" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" }, { "vulnerability": "VCID-znb5-qcr5-pqaf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@4.7.5%252Bdfsg-2%252Bdeb9u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-11025" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pyzc-scrd-bufa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90910?format=api", "vulnerability_id": "VCID-q84d-utmc-g3fn", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25286", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0058", "scoring_system": "epss", "scoring_elements": "0.68824", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0058", "scoring_system": "epss", "scoring_elements": "0.68842", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0058", "scoring_system": "epss", "scoring_elements": "0.68863", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0058", "scoring_system": "epss", "scoring_elements": "0.68843", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0058", "scoring_system": "epss", "scoring_elements": "0.68893", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0058", "scoring_system": "epss", "scoring_elements": "0.68912", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0058", "scoring_system": "epss", "scoring_elements": "0.68934", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0058", "scoring_system": "epss", "scoring_elements": "0.6892", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0058", "scoring_system": "epss", "scoring_elements": "0.68891", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0058", "scoring_system": "epss", "scoring_elements": "0.68932", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0058", "scoring_system": "epss", "scoring_elements": "0.68942", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0058", "scoring_system": "epss", "scoring_elements": "0.68921", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4050" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962685", "reference_id": "962685", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962685" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-25286" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q84d-utmc-g3fn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87288?format=api", "vulnerability_id": "VCID-r4qy-1wa6-t7gh", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17672", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05346", "scoring_system": "epss", "scoring_elements": "0.90085", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05346", "scoring_system": "epss", "scoring_elements": "0.90087", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05346", "scoring_system": "epss", "scoring_elements": "0.90029", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05346", "scoring_system": "epss", "scoring_elements": "0.90032", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05346", "scoring_system": "epss", "scoring_elements": "0.90043", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05346", "scoring_system": "epss", "scoring_elements": "0.90048", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05346", "scoring_system": "epss", "scoring_elements": "0.90064", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05346", "scoring_system": "epss", "scoring_elements": "0.90069", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05346", "scoring_system": "epss", "scoring_elements": "0.90078", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05346", "scoring_system": "epss", "scoring_elements": "0.90076", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05346", "scoring_system": "epss", "scoring_elements": "0.9007", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17672" }, { "reference_url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043" }, { "reference_url": "https://seclists.org/bugtraq/2020/Jan/8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2020/Jan/8" }, { "reference_url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/" }, { "reference_url": "https://wpvulndb.com/vulnerabilities/9910", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wpvulndb.com/vulnerabilities/9910" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4599" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4677" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942459", "reference_id": "942459", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942459" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17672", "reference_id": "CVE-2019-17672", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17672" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2019-17672" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r4qy-1wa6-t7gh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95357?format=api", "vulnerability_id": "VCID-sszr-mn9y-kkhg", "summary": "WordPress Core, in versions up to 6.0.2, is vulnerable to Authenticated Stored Cross-Site Scripting that can be exploited by users with access to the WordPress post and page editor, typically consisting of Authors, Contributors, and Editors making it possible to inject arbitrary web scripts into posts and pages that execute if the the_meta(); function is called on that page.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4973", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01268", "scoring_system": "epss", "scoring_elements": "0.79503", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01268", "scoring_system": "epss", "scoring_elements": "0.79466", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01268", "scoring_system": "epss", "scoring_elements": "0.79476", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01268", "scoring_system": "epss", "scoring_elements": "0.79498", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01268", "scoring_system": "epss", "scoring_elements": "0.79481", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01268", "scoring_system": "epss", "scoring_elements": "0.79471", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01268", "scoring_system": "epss", "scoring_elements": "0.79501", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01268", "scoring_system": "epss", "scoring_elements": "0.79499", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01268", "scoring_system": "epss", "scoring_elements": "0.79428", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01268", "scoring_system": "epss", "scoring_elements": "0.79451", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01268", "scoring_system": "epss", "scoring_elements": "0.79437", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4973" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4973", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4973" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018863", "reference_id": "1018863", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018863" }, { "reference_url": "https://core.trac.wordpress.org/changeset/53961", "reference_id": "53961", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T12:59:16Z/" } ], "url": "https://core.trac.wordpress.org/changeset/53961" }, { "reference_url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b5582e89-83e6-4898-b9fe-09eddeb5f7ae?source=cve", "reference_id": "b5582e89-83e6-4898-b9fe-09eddeb5f7ae?source=cve", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T12:59:16Z/" } ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b5582e89-83e6-4898-b9fe-09eddeb5f7ae?source=cve" }, { "reference_url": "https://wordpress.org/news/2022/08/wordpress-6-0-2-security-and-maintenance-release/", "reference_id": "wordpress-6-0-2-security-and-maintenance-release", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T12:59:16Z/" } ], "url": "https://wordpress.org/news/2022/08/wordpress-6-0-2-security-and-maintenance-release/" }, { "reference_url": "https://www.wordfence.com/blog/2022/08/wordpress-core-6-0-2-security-maintenance-release-what-you-need-to-know/", "reference_id": "wordpress-core-6-0-2-security-maintenance-release-what-you-need-to-know", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T12:59:16Z/" } ], "url": "https://www.wordfence.com/blog/2022/08/wordpress-core-6-0-2-security-maintenance-release-what-you-need-to-know/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2022-4973" ], "risk_score": 1.7, "exploitability": "0.5", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sszr-mn9y-kkhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90924?format=api", "vulnerability_id": "VCID-tffx-7mmd-gkcf", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28038", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16023", "scoring_system": "epss", "scoring_elements": "0.94794", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.16023", "scoring_system": "epss", "scoring_elements": "0.94745", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.16023", "scoring_system": "epss", "scoring_elements": "0.94754", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.16023", "scoring_system": "epss", "scoring_elements": "0.94758", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.16023", "scoring_system": "epss", "scoring_elements": "0.94759", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.16023", "scoring_system": "epss", "scoring_elements": "0.94768", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.16023", "scoring_system": "epss", "scoring_elements": "0.94773", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.16023", "scoring_system": "epss", "scoring_elements": "0.94776", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.16023", "scoring_system": "epss", "scoring_elements": "0.9478", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.16023", "scoring_system": "epss", "scoring_elements": "0.94781", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.16023", "scoring_system": "epss", "scoring_elements": "0.94789", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.16023", "scoring_system": "epss", "scoring_elements": "0.94792", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28038" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28032", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28032" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28033", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28033" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28037", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28037" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28038", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28038" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28040" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973562", "reference_id": "973562", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973562" }, { "reference_url": "https://security.archlinux.org/ASA-202011-3", "reference_id": "ASA-202011-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202011-3" }, { "reference_url": "https://security.archlinux.org/AVG-1257", "reference_id": "AVG-1257", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1257" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-28038" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tffx-7mmd-gkcf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90908?format=api", "vulnerability_id": "VCID-tgfm-2c63-d7dk", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-4049", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05886", "scoring_system": "epss", "scoring_elements": "0.90536", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05886", "scoring_system": "epss", "scoring_elements": "0.9054", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05886", "scoring_system": "epss", "scoring_elements": "0.90551", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05886", "scoring_system": "epss", "scoring_elements": "0.90558", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05886", "scoring_system": "epss", "scoring_elements": "0.9057", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05886", "scoring_system": "epss", "scoring_elements": "0.90576", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05886", "scoring_system": "epss", "scoring_elements": "0.90585", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05886", "scoring_system": "epss", "scoring_elements": "0.90579", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05886", "scoring_system": "epss", "scoring_elements": "0.90597", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05886", "scoring_system": "epss", "scoring_elements": "0.90594", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-4049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4050" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962685", "reference_id": "962685", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962685" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-4049" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tgfm-2c63-d7dk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90906?format=api", "vulnerability_id": "VCID-u1fw-ahar-8uc1", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-4047", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05566", "scoring_system": "epss", "scoring_elements": "0.90242", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05566", "scoring_system": "epss", "scoring_elements": "0.90245", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05566", "scoring_system": "epss", "scoring_elements": "0.90258", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05566", "scoring_system": "epss", "scoring_elements": "0.90262", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05566", "scoring_system": "epss", "scoring_elements": "0.90277", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05566", "scoring_system": "epss", "scoring_elements": "0.90284", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05566", "scoring_system": "epss", "scoring_elements": "0.90292", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05566", "scoring_system": "epss", "scoring_elements": "0.90286", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05566", "scoring_system": "epss", "scoring_elements": "0.90302", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05566", "scoring_system": "epss", "scoring_elements": "0.90299", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-4047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4050" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962685", "reference_id": "962685", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962685" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-4047" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u1fw-ahar-8uc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79752?format=api", "vulnerability_id": "VCID-v5s7-vwe3-5bak", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11029", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.85684", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.85697", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.85715", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.85721", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.8574", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.85751", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.85766", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.85763", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.85759", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.85777", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.85782", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.85775", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11029" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11026" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11027", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11027" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11028", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11028" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11029", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11029" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959391", "reference_id": "959391", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959391" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036920?format=api", "purl": "pkg:deb/debian/wordpress@4.7.5%2Bdfsg-2%2Bdeb9u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-1z8j-st48-qkgn" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6ejh-nyh8-gqar" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-7twj-axjh-rudj" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-8rfd-k93s-qycc" }, { "vulnerability": "VCID-9166-twpv-u3a9" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-b8ex-3tnw-yuh8" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-c62s-z1vc-nubq" }, { "vulnerability": "VCID-cce4-nh1p-f3gn" }, { "vulnerability": "VCID-cwud-1n3k-rfcs" }, { "vulnerability": "VCID-dkht-9n6n-fucn" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e37d-h1k6-sud6" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fcqu-11yk-h3af" }, { "vulnerability": "VCID-fd51-1hat-v3ee" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-ghn9-muv6-17d7" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hkp2-z1em-x3gu" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ng4k-69hk-9ueu" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-ny68-2wje-q3df" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-pz3b-294m-nqfn" }, { "vulnerability": "VCID-q146-rfqv-1ych" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-qu9h-p3s6-8bd2" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-swnk-8ave-bff2" }, { "vulnerability": "VCID-t4fg-hrp7-c7h9" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-u4ef-4sne-tbeg" }, { "vulnerability": "VCID-v2xf-n28d-kfcx" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-x733-wwnx-c7fv" }, { "vulnerability": "VCID-x7aj-4qxd-rkcu" }, { "vulnerability": "VCID-xd4w-ak3v-dybq" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-z8gv-sec9-xbam" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" }, { "vulnerability": "VCID-znb5-qcr5-pqaf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@4.7.5%252Bdfsg-2%252Bdeb9u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-11029" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v5s7-vwe3-5bak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95290?format=api", "vulnerability_id": "VCID-v7ph-mtd1-y3e1", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-43500", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.7748", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77472", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77452", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77449", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77489", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77487", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77401", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77427", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77407", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77437", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77446", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-43500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43504" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022575", "reference_id": "1022575", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022575" }, { "reference_url": "https://wordpress.org/download/", "reference_id": "download", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:06:13Z/" } ], "url": "https://wordpress.org/download/" }, { "reference_url": "https://jvn.jp/en/jp/JVN09409909/index.html", "reference_id": "index.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:06:13Z/" } ], "url": "https://jvn.jp/en/jp/JVN09409909/index.html" }, { "reference_url": "https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/", "reference_id": "wordpress-6-0-3-security-release", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:06:13Z/" } ], "url": "https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2022-43500" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v7ph-mtd1-y3e1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79749?format=api", "vulnerability_id": "VCID-w8w1-e5zu-ffgx", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11026", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0441", "scoring_system": "epss", "scoring_elements": "0.88962", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0441", "scoring_system": "epss", "scoring_elements": "0.8897", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0441", "scoring_system": "epss", "scoring_elements": "0.88986", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0441", "scoring_system": "epss", "scoring_elements": "0.88989", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0441", "scoring_system": "epss", "scoring_elements": "0.89007", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0441", "scoring_system": "epss", "scoring_elements": "0.89012", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0441", "scoring_system": "epss", "scoring_elements": "0.89024", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0441", "scoring_system": "epss", "scoring_elements": "0.89019", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0441", "scoring_system": "epss", "scoring_elements": "0.89017", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0441", "scoring_system": "epss", "scoring_elements": "0.8903", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0441", "scoring_system": "epss", "scoring_elements": "0.89029", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11026" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11026" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11027", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11027" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11028", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11028" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11029", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11029" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959391", "reference_id": "959391", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959391" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036920?format=api", "purl": "pkg:deb/debian/wordpress@4.7.5%2Bdfsg-2%2Bdeb9u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-1z8j-st48-qkgn" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6ejh-nyh8-gqar" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-7twj-axjh-rudj" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-8rfd-k93s-qycc" }, { "vulnerability": "VCID-9166-twpv-u3a9" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-b8ex-3tnw-yuh8" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-c62s-z1vc-nubq" }, { "vulnerability": "VCID-cce4-nh1p-f3gn" }, { "vulnerability": "VCID-cwud-1n3k-rfcs" }, { "vulnerability": "VCID-dkht-9n6n-fucn" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e37d-h1k6-sud6" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fcqu-11yk-h3af" }, { "vulnerability": "VCID-fd51-1hat-v3ee" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-ghn9-muv6-17d7" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hkp2-z1em-x3gu" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ng4k-69hk-9ueu" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-ny68-2wje-q3df" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-pz3b-294m-nqfn" }, { "vulnerability": "VCID-q146-rfqv-1ych" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-qu9h-p3s6-8bd2" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-swnk-8ave-bff2" }, { "vulnerability": "VCID-t4fg-hrp7-c7h9" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-u4ef-4sne-tbeg" }, { "vulnerability": "VCID-v2xf-n28d-kfcx" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-x733-wwnx-c7fv" }, { "vulnerability": "VCID-x7aj-4qxd-rkcu" }, { "vulnerability": "VCID-xd4w-ak3v-dybq" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-z8gv-sec9-xbam" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" }, { "vulnerability": "VCID-znb5-qcr5-pqaf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@4.7.5%252Bdfsg-2%252Bdeb9u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-11026" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w8w1-e5zu-ffgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79751?format=api", "vulnerability_id": "VCID-wenb-bpws-mkar", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11028", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76293", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76296", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76327", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76306", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76339", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76352", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76379", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76357", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76392", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76399", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76383", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11028" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11026" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11027", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11027" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11028", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11028" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11029", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11029" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959391", "reference_id": "959391", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959391" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036920?format=api", "purl": "pkg:deb/debian/wordpress@4.7.5%2Bdfsg-2%2Bdeb9u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-1z8j-st48-qkgn" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6ejh-nyh8-gqar" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-7twj-axjh-rudj" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-8rfd-k93s-qycc" }, { "vulnerability": "VCID-9166-twpv-u3a9" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-b8ex-3tnw-yuh8" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-c62s-z1vc-nubq" }, { "vulnerability": "VCID-cce4-nh1p-f3gn" }, { "vulnerability": "VCID-cwud-1n3k-rfcs" }, { "vulnerability": "VCID-dkht-9n6n-fucn" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e37d-h1k6-sud6" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fcqu-11yk-h3af" }, { "vulnerability": "VCID-fd51-1hat-v3ee" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-ghn9-muv6-17d7" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hkp2-z1em-x3gu" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ng4k-69hk-9ueu" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-ny68-2wje-q3df" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-pz3b-294m-nqfn" }, { "vulnerability": "VCID-q146-rfqv-1ych" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-qu9h-p3s6-8bd2" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-swnk-8ave-bff2" }, { "vulnerability": "VCID-t4fg-hrp7-c7h9" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-u4ef-4sne-tbeg" }, { "vulnerability": "VCID-v2xf-n28d-kfcx" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-x733-wwnx-c7fv" }, { "vulnerability": "VCID-x7aj-4qxd-rkcu" }, { "vulnerability": "VCID-xd4w-ak3v-dybq" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-z8gv-sec9-xbam" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" }, { "vulnerability": "VCID-znb5-qcr5-pqaf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@4.7.5%252Bdfsg-2%252Bdeb9u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-11028" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wenb-bpws-mkar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95686?format=api", "vulnerability_id": "VCID-xfxs-pjex-3bh3", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39999", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00895", "scoring_system": "epss", "scoring_elements": "0.75544", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00895", "scoring_system": "epss", "scoring_elements": "0.75574", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00895", "scoring_system": "epss", "scoring_elements": "0.75553", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00895", "scoring_system": "epss", "scoring_elements": "0.75587", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00895", "scoring_system": "epss", "scoring_elements": "0.75598", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00895", "scoring_system": "epss", "scoring_elements": "0.75623", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00895", "scoring_system": "epss", "scoring_elements": "0.75604", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00895", "scoring_system": "epss", "scoring_elements": "0.75635", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00895", "scoring_system": "epss", "scoring_elements": "0.75639", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00895", "scoring_system": "epss", "scoring_elements": "0.75624", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31210", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31210" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2023-39999" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xfxs-pjex-3bh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90978?format=api", "vulnerability_id": "VCID-xzu6-fn31-43ej", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21662", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14241", "scoring_system": "epss", "scoring_elements": "0.94363", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.14241", "scoring_system": "epss", "scoring_elements": "0.94373", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.14241", "scoring_system": "epss", "scoring_elements": "0.94374", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.14241", "scoring_system": "epss", "scoring_elements": "0.94384", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.14241", "scoring_system": "epss", "scoring_elements": "0.94388", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.14241", "scoring_system": "epss", "scoring_elements": "0.94391", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.14241", "scoring_system": "epss", "scoring_elements": "0.94392", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.14241", "scoring_system": "epss", "scoring_elements": "0.94393", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.14241", "scoring_system": "epss", "scoring_elements": "0.94408", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.14241", "scoring_system": "epss", "scoring_elements": "0.94413", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.14241", "scoring_system": "epss", "scoring_elements": "0.94416", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21662" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21661", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21661" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21662", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21662" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21664", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21664" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003243", "reference_id": "1003243", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003243" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4UNEC63UU5GEU47IIR4RMTZAHNEOJG/", "reference_id": "CV4UNEC63UU5GEU47IIR4RMTZAHNEOJG", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:20Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4UNEC63UU5GEU47IIR4RMTZAHNEOJG/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DM6XPH3JN6V4NF4WBOJTOXZIVE6VKKE3/", "reference_id": "DM6XPH3JN6V4NF4WBOJTOXZIVE6VKKE3", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:20Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DM6XPH3JN6V4NF4WBOJTOXZIVE6VKKE3/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5039", "reference_id": "dsa-5039", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:20Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5039" }, { "reference_url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-699q-3hj9-889w", "reference_id": "GHSA-699q-3hj9-889w", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:20Z/" } ], "url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-699q-3hj9-889w" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00019.html", "reference_id": "msg00019.html", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:20Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00019.html" }, { "reference_url": "https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/", "reference_id": "wordpress-5-8-3-security-release", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:20Z/" } ], "url": "https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2022-21662" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xzu6-fn31-43ej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90923?format=api", "vulnerability_id": "VCID-zmhc-4gku-13ga", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28037", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.1273", "scoring_system": "epss", "scoring_elements": "0.9402", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.1273", "scoring_system": "epss", "scoring_elements": "0.93961", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.1273", "scoring_system": "epss", "scoring_elements": "0.9397", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.1273", "scoring_system": "epss", "scoring_elements": "0.93979", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.1273", "scoring_system": "epss", "scoring_elements": "0.93982", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.1273", "scoring_system": "epss", "scoring_elements": "0.93991", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.1273", "scoring_system": "epss", "scoring_elements": "0.93994", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.1273", "scoring_system": "epss", "scoring_elements": "0.93999", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.1273", "scoring_system": "epss", "scoring_elements": "0.93998", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.1273", "scoring_system": "epss", "scoring_elements": "0.94014", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.1273", "scoring_system": "epss", "scoring_elements": "0.94019", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28037" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28032", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28032" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28033", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28033" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28037", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28037" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28038", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28038" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28040" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973562", "reference_id": "973562", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973562" }, { "reference_url": "https://security.archlinux.org/ASA-202011-3", "reference_id": "ASA-202011-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202011-3" }, { "reference_url": "https://security.archlinux.org/AVG-1257", "reference_id": "AVG-1257", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1257" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037851?format=api", "purl": "pkg:deb/debian/wordpress@5.0.15%2Bdfsg1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1by8-54pr-ubcw" }, { "vulnerability": "VCID-1j31-f88g-kfe7" }, { "vulnerability": "VCID-1tw6-axgs-f3hy" }, { "vulnerability": "VCID-2gqt-ngbw-xyby" }, { "vulnerability": "VCID-2jgs-b7r7-zygv" }, { "vulnerability": "VCID-3171-8hu9-4uev" }, { "vulnerability": "VCID-3572-tc84-pyhv" }, { "vulnerability": "VCID-3veg-k8v2-tyhr" }, { "vulnerability": "VCID-47fm-x1rg-vbct" }, { "vulnerability": "VCID-47he-853j-8qdn" }, { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-4ty5-fp9a-8qhg" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-5698-c229-bqc9" }, { "vulnerability": "VCID-6j54-w242-hfce" }, { "vulnerability": "VCID-722f-e2hf-xyc9" }, { "vulnerability": "VCID-767p-btpd-tudb" }, { "vulnerability": "VCID-8mat-2mjd-7fgm" }, { "vulnerability": "VCID-92fa-nrxb-e3gj" }, { "vulnerability": "VCID-98e3-ffna-jfbs" }, { "vulnerability": "VCID-agpu-husf-6be4" }, { "vulnerability": "VCID-ajrt-bhrw-k7an" }, { "vulnerability": "VCID-aup2-49ee-jkdf" }, { "vulnerability": "VCID-azsx-2ydf-zyag" }, { "vulnerability": "VCID-azyj-28v6-ufhg" }, { "vulnerability": "VCID-bb3n-jh6p-vfhm" }, { "vulnerability": "VCID-c2ta-7w7f-kbed" }, { "vulnerability": "VCID-dzgs-vwe3-fub1" }, { "vulnerability": "VCID-e8zy-mzdn-g7gz" }, { "vulnerability": "VCID-ejtq-a5ca-ffbu" }, { "vulnerability": "VCID-fpwa-74w6-mugt" }, { "vulnerability": "VCID-fra3-hye6-kqh7" }, { "vulnerability": "VCID-fuma-nkmd-zkc1" }, { "vulnerability": "VCID-gy54-apzn-7kef" }, { "vulnerability": "VCID-h5up-s13c-2ygg" }, { "vulnerability": "VCID-h97y-a92u-2fay" }, { "vulnerability": "VCID-hndb-7b4f-7bbw" }, { "vulnerability": "VCID-htec-cnsd-4ke4" }, { "vulnerability": "VCID-htr5-ugyh-7yaz" }, { "vulnerability": "VCID-jjjw-sspg-q3c3" }, { "vulnerability": "VCID-k52x-fa57-hkfk" }, { "vulnerability": "VCID-kk83-bnn5-tuar" }, { "vulnerability": "VCID-kn9s-5v5u-d3fj" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-n7ne-unru-7fhn" }, { "vulnerability": "VCID-ngkc-cwzj-nbdk" }, { "vulnerability": "VCID-pkjb-8649-fqd2" }, { "vulnerability": "VCID-psca-f78j-hbc2" }, { "vulnerability": "VCID-pyzc-scrd-bufa" }, { "vulnerability": "VCID-q84d-utmc-g3fn" }, { "vulnerability": "VCID-r4qy-1wa6-t7gh" }, { "vulnerability": "VCID-sszr-mn9y-kkhg" }, { "vulnerability": "VCID-tffx-7mmd-gkcf" }, { "vulnerability": "VCID-tgfm-2c63-d7dk" }, { "vulnerability": "VCID-u1fw-ahar-8uc1" }, { "vulnerability": "VCID-v5s7-vwe3-5bak" }, { "vulnerability": "VCID-v7ph-mtd1-y3e1" }, { "vulnerability": "VCID-w8w1-e5zu-ffgx" }, { "vulnerability": "VCID-wenb-bpws-mkar" }, { "vulnerability": "VCID-xfxs-pjex-3bh3" }, { "vulnerability": "VCID-xzu6-fn31-43ej" }, { "vulnerability": "VCID-zj9a-shru-e7gs" }, { "vulnerability": "VCID-zmhc-4gku-13ga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.0.15%252Bdfsg1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995232?format=api", "purl": "pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g2n-5v12-yuff" }, { "vulnerability": "VCID-532z-9qbb-dyfw" }, { "vulnerability": "VCID-gyaq-8pvh-p7gg" }, { "vulnerability": "VCID-jghn-eujf-zbdn" }, { "vulnerability": "VCID-m8mf-t2td-67h7" }, { "vulnerability": "VCID-yqam-kpce-dfg7" }, { "vulnerability": "VCID-zj9a-shru-e7gs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" } ], "aliases": [ "CVE-2020-28037" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zmhc-4gku-13ga" } ], "risk_score": "3.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1" }