Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/wordpress@4.6.1%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/wordpress@4.6.1%2Bdfsg-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (5)
Vulnerability Summary Aliases
VCID-6cda-2819-puhp security update CVE-2016-7168
VCID-d6e4-71uw-xyeb The wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 makes a get_plugin_data call before checking the update_plugins capability, which allows remote authenticated users to bypass intended read-access restrictions via the plugin parameter to wp-admin/admin-ajax.php, a related issue to CVE-2016-6896. CVE-2016-10148
VCID-rcvm-b2u5-43dc Cross-site request forgery (CSRF) vulnerability in the wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 allows remote attackers to hijack the authentication of subscribers for /dev/random read operations by leveraging a late call to the check_ajax_referer function, a related issue to CVE-2016-6896. CVE-2016-6897
VCID-ujms-xfg5-77e8 Directory traversal vulnerability in the wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress 4.5.3 allows remote authenticated users to cause a denial of service or read certain text files via a .. (dot dot) in the plugin parameter to wp-admin/admin-ajax.php, as demonstrated by /dev/random read operations that deplete the entropy pool. CVE-2016-6896
VCID-zyqs-75ad-8kcd security update CVE-2016-7169

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T11:50:49.162716+00:00 Debian Importer Fixing VCID-ujms-xfg5-77e8 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:21:51.989176+00:00 Debian Importer Fixing VCID-zyqs-75ad-8kcd https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:15:55.362778+00:00 Debian Importer Fixing VCID-6cda-2819-puhp https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:39:29.893663+00:00 Debian Importer Fixing VCID-rcvm-b2u5-43dc https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:53:53.579504+00:00 Debian Importer Fixing VCID-d6e4-71uw-xyeb https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T08:05:10.598085+00:00 Debian Importer Fixing VCID-ujms-xfg5-77e8 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:58:52.758716+00:00 Debian Importer Fixing VCID-zyqs-75ad-8kcd https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:54:18.522462+00:00 Debian Importer Fixing VCID-6cda-2819-puhp https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:25:39.346195+00:00 Debian Importer Fixing VCID-rcvm-b2u5-43dc https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:58:15.695217+00:00 Debian Importer Fixing VCID-d6e4-71uw-xyeb https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:57:55.363425+00:00 Debian Importer Fixing VCID-zyqs-75ad-8kcd https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:57:55.322445+00:00 Debian Importer Fixing VCID-6cda-2819-puhp https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:57:55.277455+00:00 Debian Importer Fixing VCID-rcvm-b2u5-43dc https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:57:55.229820+00:00 Debian Importer Fixing VCID-ujms-xfg5-77e8 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:57:54.525178+00:00 Debian Importer Fixing VCID-d6e4-71uw-xyeb https://security-tracker.debian.org/tracker/data/json 38.1.0