Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/wordpress@5.5.3%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/wordpress@5.5.3%2Bdfsg1-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (10)
Vulnerability Summary Aliases
VCID-92fa-nrxb-e3gj security update CVE-2020-28032
VCID-fra3-hye6-kqh7 Insecure Deserialization of untrusted data in rmccue/requests ### Impact Unserialization of untrusted data. ### Patches The issue has been patched and users of `Requests` 1.6.0, 1.6.1 and 1.7.0 should update to version 1.8.0. ### References Publications about the vulnerability: * https://dannewitz.ninja/posts/php-unserialize-object-injection-yet-another-stars-rating-wordpress * https://github.com/ambionics/phpggc/issues/52 * https://blog.detectify.com/2019/07/23/improving-wordpress-plugin-security/ * https://i.blackhat.com/us-18/Thu-August-9/us-18-Thomas-Its-A-PHP-Unserialization-Vulnerability-Jim-But-Not-As-We-Know-It.pdf * https://cdn2.hubspot.net/hubfs/3853213/us-18-Thomas-It%27s-A-PHP-Unserialization-Vulnerability-Jim-But-Not-As-We-....pdf * https://2018.zeronights.ru/wp-content/uploads/materials/9%20ZN2018%20WV%20-%20PHP%20unserialize.pdf * https://medium.com/@knownsec404team/extend-the-attack-surface-of-php-deserialization-vulnerability-via-phar-d6455c6a1066#3c0f Originally fixed in WordPress 5.5.2: * https://github.com/WordPress/wordpress-develop/commit/add6bedf3a53b647d0ebda2970057912d3cd79d3 * https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/ Related Security Advisories: * https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-28032 * https://nvd.nist.gov/vuln/detail/CVE-2020-28032 Notification to the Requests repo including a fix in: * https://github.com/rmccue/Requests/pull/421 and * https://github.com/rmccue/Requests/pull/422 ### For more information If you have any questions or comments about this advisory: * Open an issue in [Request](https://github.com/WordPress/Requests/) CVE-2021-29476
GHSA-52qp-jpq7-6c54
VCID-gy54-apzn-7kef security update CVE-2020-28036
VCID-h97y-a92u-2fay security update CVE-2020-28040
VCID-n7ne-unru-7fhn security update CVE-2020-28035
VCID-ngkc-cwzj-nbdk security update CVE-2020-28033
VCID-pkjb-8649-fqd2 security update CVE-2020-28034
VCID-psca-f78j-hbc2 security update CVE-2020-28039
VCID-tffx-7mmd-gkcf security update CVE-2020-28038
VCID-zmhc-4gku-13ga security update CVE-2020-28037

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T13:28:15.059398+00:00 Debian Importer Fixing VCID-pkjb-8649-fqd2 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T13:22:19.829930+00:00 Debian Importer Fixing VCID-gy54-apzn-7kef https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T13:18:31.268552+00:00 Debian Importer Fixing VCID-psca-f78j-hbc2 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:50:23.376827+00:00 Debian Importer Fixing VCID-ngkc-cwzj-nbdk https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:04:27.243757+00:00 Debian Importer Fixing VCID-92fa-nrxb-e3gj https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:59:12.312174+00:00 Debian Importer Fixing VCID-fra3-hye6-kqh7 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:36:02.156260+00:00 Debian Importer Fixing VCID-h97y-a92u-2fay https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:56:50.824655+00:00 Debian Importer Fixing VCID-tffx-7mmd-gkcf https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:31:56.249399+00:00 Debian Importer Fixing VCID-zmhc-4gku-13ga https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:08:57.538398+00:00 Debian Importer Fixing VCID-n7ne-unru-7fhn https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T09:17:42.547219+00:00 Debian Importer Fixing VCID-pkjb-8649-fqd2 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T09:13:07.283348+00:00 Debian Importer Fixing VCID-gy54-apzn-7kef https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T09:10:07.636714+00:00 Debian Importer Fixing VCID-psca-f78j-hbc2 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:48:40.833344+00:00 Debian Importer Fixing VCID-ngkc-cwzj-nbdk https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:15:01.967409+00:00 Debian Importer Fixing VCID-92fa-nrxb-e3gj https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:11:03.875839+00:00 Debian Importer Fixing VCID-fra3-hye6-kqh7 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:54:30.306341+00:00 Debian Importer Fixing VCID-h97y-a92u-2fay https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:25:26.844750+00:00 Debian Importer Fixing VCID-tffx-7mmd-gkcf https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:06:34.210167+00:00 Debian Importer Fixing VCID-zmhc-4gku-13ga https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:07:33.168577+00:00 Debian Importer Fixing VCID-n7ne-unru-7fhn https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:58:00.161677+00:00 Debian Importer Fixing VCID-fra3-hye6-kqh7 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:57:59.783447+00:00 Debian Importer Fixing VCID-h97y-a92u-2fay https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:57:59.734315+00:00 Debian Importer Fixing VCID-psca-f78j-hbc2 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:57:59.685455+00:00 Debian Importer Fixing VCID-tffx-7mmd-gkcf https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:57:59.637044+00:00 Debian Importer Fixing VCID-zmhc-4gku-13ga https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:57:59.588417+00:00 Debian Importer Fixing VCID-gy54-apzn-7kef https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:57:59.540064+00:00 Debian Importer Fixing VCID-n7ne-unru-7fhn https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:57:59.491309+00:00 Debian Importer Fixing VCID-pkjb-8649-fqd2 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:57:59.442069+00:00 Debian Importer Fixing VCID-ngkc-cwzj-nbdk https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:57:59.393314+00:00 Debian Importer Fixing VCID-92fa-nrxb-e3gj https://security-tracker.debian.org/tracker/data/json 38.1.0