VulnerableCode Package Details - pkg:deb/debian/wordpress@1.5.2-1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-6vg6-xewr-ryfv	Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.	CVE-2005-2612
VCID-ar2m-eryr-hba4	WordPress before 1.5.2 allows remote attackers to obtain sensitive information via a direct request to (1) wp-includes/vars.php, (2) wp-content/plugins/hello.php, (3) wp-admin/upgrade-functions.php, (4) wp-admin/edit-form.php, (5) wp-settings.php, and (6) wp-admin/edit-form-comment.php, which leaks the path in an error message related to undefined functions or failed includes. NOTE: the wp-admin/menu-header.php vector is already covered by CVE-2005-2110. NOTE: the vars.php, edit-form.php, wp-settings.php, and edit-form-comment.php vectors were also reported to affect WordPress 2.0.1.	CVE-2005-4463

Vulnerability

Summary

Aliases

VCID-6vg6-xewr-ryfv

Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.

CVE-2005-2612

VCID-ar2m-eryr-hba4

WordPress before 1.5.2 allows remote attackers to obtain sensitive information via a direct request to (1) wp-includes/vars.php, (2) wp-content/plugins/hello.php, (3) wp-admin/upgrade-functions.php, (4) wp-admin/edit-form.php, (5) wp-settings.php, and (6) wp-admin/edit-form-comment.php, which leaks the path in an error message related to undefined functions or failed includes. NOTE: the wp-admin/menu-header.php vector is already covered by CVE-2005-2110. NOTE: the vars.php, edit-form.php, wp-settings.php, and edit-form-comment.php vectors were also reported to affect WordPress 2.0.1.

CVE-2005-4463

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T12:27:51.137613+00:00	Debian Importer	Fixing	VCID-ar2m-eryr-hba4	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:09:04.303194+00:00	Debian Importer	Fixing	VCID-6vg6-xewr-ryfv	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:31:57.089690+00:00	Debian Importer	Fixing	VCID-ar2m-eryr-hba4	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:18:31.920971+00:00	Debian Importer	Fixing	VCID-6vg6-xewr-ryfv	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:57:46.011881+00:00	Debian Importer	Fixing	VCID-ar2m-eryr-hba4	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:57:45.924752+00:00	Debian Importer	Fixing	VCID-6vg6-xewr-ryfv	https://security-tracker.debian.org/tracker/data/json	38.1.0