Search for packages
| purl | pkg:deb/debian/wordpress@3.0.4%2Bdfsg-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-5d4e-5ngu-mfgy | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') The KSES text cleaning filter in lib/weblib.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 does not properly handle vbscript URIs, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via HTML input. |
CVE-2010-2230
GHSA-3gm8-32vv-q8mp |
| VCID-y1em-tppz-7qew | Multiple cross-site scripting (XSS) vulnerabilities in KSES, as used in WordPress before 3.0.4, allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) the & (ampersand) character, (2) the case of an attribute name, (3) a padded entity, and (4) an entity that is not in normalized form. |
CVE-2010-4536
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T13:12:01.580198+00:00 | Debian Importer | Fixing | VCID-5d4e-5ngu-mfgy | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T10:44:25.187827+00:00 | Debian Importer | Fixing | VCID-y1em-tppz-7qew | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T09:05:03.410577+00:00 | Debian Importer | Fixing | VCID-5d4e-5ngu-mfgy | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-13T07:15:45.259865+00:00 | Debian Importer | Fixing | VCID-y1em-tppz-7qew | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:57:50.305966+00:00 | Debian Importer | Fixing | VCID-y1em-tppz-7qew | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:57:50.214880+00:00 | Debian Importer | Fixing | VCID-5d4e-5ngu-mfgy | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |