Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-fmzc-gyam-akdt
Vulnerability ID VCID-fmzc-gyam-akdt
Aliases CVE-2009-2335
Summary wordpress: multiple vulnerabilities
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.85338 https://api.first.org/data/v1/epss?cve=CVE-2009-2335
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2335.json
https://api.first.org/data/v1/epss?cve=CVE-2009-2335
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2335
510745 https://bugzilla.redhat.com/show_bug.cgi?id=510745
536724 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536724
CVE-2009-2335;OSVDB-55713 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17702.rb
Data source Exploit-DB
Date added Aug. 20, 2011
Description WordPress Plugin Block-Spam-By-Math-Reloaded - Bypass
Ransomware campaign use Unknown
Source publication date Aug. 20, 2011
Exploit type webapps
Platform php
Source update date Aug. 20, 2011
Data source Metasploit
Description WordPress Authentication Brute Force and User Enumeration Utility
Note 
{}
Ransomware campaign use Unknown
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/scanner/http/wordpress_login_enum.rb
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.99377
EPSS Score 0.85338
Published At May 29, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-29T10:16:34.115051+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2335.json 38.6.0