Search for packages
| purl | pkg:deb/debian/wordpress@3.4.2%2Bdfsg-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-4h9a-f492-cqgx | wp-admin/plugins.php in WordPress before 3.4.2, when the multisite feature is enabled, does not check for network-administrator privileges before performing a network-wide activation of an installed plugin, which might allow remote authenticated users to make unintended plugin changes by leveraging the Administrator role. |
CVE-2012-4422
|
| VCID-e1ud-yfqb-4kca | The create_post function in wp-includes/class-wp-atom-server.php in WordPress before 3.4.2 does not perform a capability check, which allows remote authenticated users to bypass intended access restrictions and publish new posts by leveraging the Contributor role and using the Atom Publishing Protocol (aka AtomPub) feature. |
CVE-2012-4421
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T13:18:45.343982+00:00 | Debian Importer | Fixing | VCID-4h9a-f492-cqgx | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T12:24:21.882103+00:00 | Debian Importer | Fixing | VCID-e1ud-yfqb-4kca | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T09:10:19.461155+00:00 | Debian Importer | Fixing | VCID-4h9a-f492-cqgx | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-13T08:29:27.537878+00:00 | Debian Importer | Fixing | VCID-e1ud-yfqb-4kca | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:57:51.729435+00:00 | Debian Importer | Fixing | VCID-4h9a-f492-cqgx | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:57:51.688502+00:00 | Debian Importer | Fixing | VCID-e1ud-yfqb-4kca | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |