Search for vulnerabilities
| Vulnerability ID | VCID-5pv4-ff9z-r3hp |
| Aliases |
CVE-2006-6808
|
| Summary | WordPress is vulnerable to SQL injection, information disclosure, and cross-site scripting attacks. |
| Status | Published |
| Exploitability | None |
| Weighted Severity | None |
| Risk | None |
| Affected and Fixed Packages | Package Details |
| There are no known CWE. |
| Data source | Exploit-DB |
|---|---|
| Date added | Dec. 27, 2006 |
| Description | WordPress Core 1.x/2.0.x - 'template.php' HTML Injection |
| Ransomware campaign use | Known |
| Source publication date | Dec. 27, 2006 |
| Exploit type | webapps |
| Platform | php |
| Source update date | Nov. 1, 2013 |
| Source URL | https://www.securityfocus.com/bid/21782/info |
| Exploitability (E) | Access Vector (AV) | Access Complexity (AC) | Authentication (Au) | Confidentiality Impact (C) | Integrity Impact (I) | Availability Impact (A) |
|---|---|---|---|---|---|---|
high functional unproven proof_of_concept not_defined |
local adjacent_network network |
high medium low |
multiple single none |
none partial complete |
none partial complete |
none partial complete |
| Percentile | 0.87519 |
| EPSS Score | 0.03483 |
| Published At | April 1, 2026, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2026-04-01T13:14:51.677935+00:00 | Gentoo Importer | Import | https://security.gentoo.org/glsa/200701-10 | 38.0.0 |