Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/wordpress@3.5.1%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/wordpress@3.5.1%2Bdfsg-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (4)
Vulnerability Summary Aliases
VCID-juwh-zmez-dfhy Cross-site scripting (XSS) vulnerability in Plupload.as in Moxiecode plupload before 1.5.5, as used in WordPress before 3.5.1 and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter. CVE-2013-0237
VCID-nrq5-a7qq-mucd Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) gallery shortcodes or (2) the content of a post. CVE-2013-0236
VCID-p4r5-fz39-hkej The XMLRPC API in WordPress before 3.5.1 allows remote attackers to send HTTP requests to intranet servers, and conduct port-scanning attacks, by specifying a crafted source URL for a pingback, related to a Server-Side Request Forgery (SSRF) issue. CVE-2013-0235
VCID-y2jb-7zbk-27cg Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the "ExternalInterface.call" function. CVE-2012-3414

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T12:52:41.436098+00:00 Debian Importer Fixing VCID-y2jb-7zbk-27cg https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:30:04.092262+00:00 Debian Importer Fixing VCID-p4r5-fz39-hkej https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:11:59.207754+00:00 Debian Importer Fixing VCID-juwh-zmez-dfhy https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:39:41.742502+00:00 Debian Importer Fixing VCID-nrq5-a7qq-mucd https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T08:50:26.613365+00:00 Debian Importer Fixing VCID-y2jb-7zbk-27cg https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:50:18.825146+00:00 Debian Importer Fixing VCID-p4r5-fz39-hkej https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:51:20.445010+00:00 Debian Importer Fixing VCID-juwh-zmez-dfhy https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:49:21.136048+00:00 Debian Importer Fixing VCID-nrq5-a7qq-mucd https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:57:52.162598+00:00 Debian Importer Fixing VCID-juwh-zmez-dfhy https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:57:52.113509+00:00 Debian Importer Fixing VCID-nrq5-a7qq-mucd https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:57:52.063470+00:00 Debian Importer Fixing VCID-p4r5-fz39-hkej https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:57:51.643293+00:00 Debian Importer Fixing VCID-y2jb-7zbk-27cg https://security-tracker.debian.org/tracker/data/json 38.1.0