VulnerableCode Package Details - pkg:deb/debian/wordpress@5.4.2%2Bdfsg1-1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-1by8-54pr-ubcw	In affected versions of WordPress, users with low privileges (like contributors and authors) can use the embed block in a certain way to inject unfiltered HTML in the block editor. When affected posts are viewed by a higher privileged user, this could lead to script execution in the editor/wp-admin. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34).	CVE-2020-4046
VCID-azsx-2ydf-zyag	security update	CVE-2020-4050
VCID-kk83-bnn5-tuar	security update	CVE-2020-4048
VCID-q84d-utmc-g3fn	security update	CVE-2020-25286
VCID-tgfm-2c63-d7dk	security update	CVE-2020-4049
VCID-u1fw-ahar-8uc1	security update	CVE-2020-4047

Vulnerability

Summary

Aliases

VCID-1by8-54pr-ubcw

In affected versions of WordPress, users with low privileges (like contributors and authors) can use the embed block in a certain way to inject unfiltered HTML in the block editor. When affected posts are viewed by a higher privileged user, this could lead to script execution in the editor/wp-admin. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34).

CVE-2020-4046

VCID-azsx-2ydf-zyag

security update

CVE-2020-4050

VCID-kk83-bnn5-tuar

security update

CVE-2020-4048

VCID-q84d-utmc-g3fn

security update

CVE-2020-25286

VCID-tgfm-2c63-d7dk

security update

CVE-2020-4049

VCID-u1fw-ahar-8uc1

security update

CVE-2020-4047

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T13:15:19.036037+00:00	Debian Importer	Fixing	VCID-azsx-2ydf-zyag	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:48:38.800910+00:00	Debian Importer	Fixing	VCID-1by8-54pr-ubcw	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:07:11.329053+00:00	Debian Importer	Fixing	VCID-kk83-bnn5-tuar	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:10:37.380058+00:00	Debian Importer	Fixing	VCID-q84d-utmc-g3fn	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:53:52.233763+00:00	Debian Importer	Fixing	VCID-tgfm-2c63-d7dk	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:24:17.104821+00:00	Debian Importer	Fixing	VCID-u1fw-ahar-8uc1	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T09:07:39.263445+00:00	Debian Importer	Fixing	VCID-azsx-2ydf-zyag	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:47:19.300686+00:00	Debian Importer	Fixing	VCID-1by8-54pr-ubcw	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:17:12.085690+00:00	Debian Importer	Fixing	VCID-kk83-bnn5-tuar	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:35:49.427068+00:00	Debian Importer	Fixing	VCID-q84d-utmc-g3fn	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:23:06.677784+00:00	Debian Importer	Fixing	VCID-tgfm-2c63-d7dk	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:00:53.843458+00:00	Debian Importer	Fixing	VCID-u1fw-ahar-8uc1	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:58:00.023048+00:00	Debian Importer	Fixing	VCID-azsx-2ydf-zyag	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:57:59.975349+00:00	Debian Importer	Fixing	VCID-tgfm-2c63-d7dk	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:57:59.927509+00:00	Debian Importer	Fixing	VCID-kk83-bnn5-tuar	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:57:59.879915+00:00	Debian Importer	Fixing	VCID-u1fw-ahar-8uc1	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:57:59.831594+00:00	Debian Importer	Fixing	VCID-1by8-54pr-ubcw	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:57:59.342700+00:00	Debian Importer	Fixing	VCID-q84d-utmc-g3fn	https://security-tracker.debian.org/tracker/data/json	38.1.0