{"url":"http://public2.vulnerablecode.io/api/packages/942967?format=json","purl":"pkg:deb/debian/wordpress@2.8.3-1?distro=trixie","type":"deb","namespace":"debian","name":"wordpress","version":"2.8.3-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.8.3-2","latest_non_vulnerable_version":"6.9.4+dfsg1-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88123?format=json","vulnerability_id":"VCID-4cs6-n1vc-13cd","summary":"wordpress: multiple vulnerabilities","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2336.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2336.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2336","reference_id":"","reference_type":"","scores":[{"value":"0.02303","scoring_system":"epss","scoring_elements":"0.84671","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02303","scoring_system":"epss","scoring_elements":"0.84686","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02303","scoring_system":"epss","scoring_elements":"0.84706","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02303","scoring_system":"epss","scoring_elements":"0.84708","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02303","scoring_system":"epss","scoring_elements":"0.8473","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02303","scoring_system":"epss","scoring_elements":"0.84737","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02303","scoring_system":"epss","scoring_elements":"0.84755","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02303","scoring_system":"epss","scoring_elements":"0.84751","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02303","scoring_system":"epss","scoring_elements":"0.84745","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02303","scoring_system":"epss","scoring_elements":"0.84766","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02303","scoring_system":"epss","scoring_elements":"0.84768","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02303","scoring_system":"epss","scoring_elements":"0.84793","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02303","scoring_system":"epss","scoring_elements":"0.84802","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02303","scoring_system":"epss","scoring_elements":"0.84818","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2336"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2336","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2336"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=510745","reference_id":"510745","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=510745"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536724","reference_id":"536724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942967?format=json","purl":"pkg:deb/debian/wordpress@2.8.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.8.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942927?format=json","purl":"pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"},{"vulnerability":"VCID-yqam-kpce-dfg7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942925?format=json","purl":"pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942929?format=json","purl":"pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942928?format=json","purl":"pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2009-2336"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4cs6-n1vc-13cd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88121?format=json","vulnerability_id":"VCID-7wx9-apzc-qqar","summary":"wordpress: multiple vulnerabilities","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2334.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2334.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2334","reference_id":"","reference_type":"","scores":[{"value":"0.12303","scoring_system":"epss","scoring_elements":"0.93825","published_at":"2026-04-01T12:55:00Z"},{"value":"0.12303","scoring_system":"epss","scoring_elements":"0.93834","published_at":"2026-04-02T12:55:00Z"},{"value":"0.12303","scoring_system":"epss","scoring_elements":"0.93844","published_at":"2026-04-04T12:55:00Z"},{"value":"0.12303","scoring_system":"epss","scoring_elements":"0.93847","published_at":"2026-04-07T12:55:00Z"},{"value":"0.12303","scoring_system":"epss","scoring_elements":"0.93855","published_at":"2026-04-08T12:55:00Z"},{"value":"0.12303","scoring_system":"epss","scoring_elements":"0.93859","published_at":"2026-04-09T12:55:00Z"},{"value":"0.12303","scoring_system":"epss","scoring_elements":"0.93864","published_at":"2026-04-13T12:55:00Z"},{"value":"0.12303","scoring_system":"epss","scoring_elements":"0.93886","published_at":"2026-04-16T12:55:00Z"},{"value":"0.12303","scoring_system":"epss","scoring_elements":"0.93892","published_at":"2026-04-18T12:55:00Z"},{"value":"0.12303","scoring_system":"epss","scoring_elements":"0.93893","published_at":"2026-04-26T12:55:00Z"},{"value":"0.12303","scoring_system":"epss","scoring_elements":"0.93895","published_at":"2026-04-24T12:55:00Z"},{"value":"0.12303","scoring_system":"epss","scoring_elements":"0.93891","published_at":"2026-04-29T12:55:00Z"},{"value":"0.12303","scoring_system":"epss","scoring_elements":"0.93901","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2334"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2334","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2334"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=510745","reference_id":"510745","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=510745"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536724","reference_id":"536724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536724"},{"reference_url":"http://corelabs.coresecurity.com/index.php?action=view&type=advisory&name=WordPress_Privileges_Unchecked","reference_id":"CVE-2009-2334;OSVDB-55712","reference_type":"exploit","scores":[],"url":"http://corelabs.coresecurity.com/index.php?action=view&type=advisory&name=WordPress_Privileges_Unchecked"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/9110.txt","reference_id":"CVE-2009-2334;OSVDB-55712","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/9110.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942967?format=json","purl":"pkg:deb/debian/wordpress@2.8.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.8.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942927?format=json","purl":"pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"},{"vulnerability":"VCID-yqam-kpce-dfg7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942925?format=json","purl":"pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942929?format=json","purl":"pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942928?format=json","purl":"pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2009-2334"],"risk_score":0.2,"exploitability":"2.0","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7wx9-apzc-qqar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91949?format=json","vulnerability_id":"VCID-8n5j-65xk-wqbp","summary":"Wordpress before 2.8.3 does not check capabilities for certain actions, which allows remote attackers to make unauthorized edits or additions via a direct request to (1) edit-comments.php, (2) edit-pages.php, (3) edit.php, (4) edit-category-form.php, (5) edit-link-category-form.php, (6) edit-tag-form.php, (7) export.php, (8) import.php, or (9) link-add.php in wp-admin/.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2854","reference_id":"","reference_type":"","scores":[{"value":"0.01415","scoring_system":"epss","scoring_elements":"0.80499","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01415","scoring_system":"epss","scoring_elements":"0.80506","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01415","scoring_system":"epss","scoring_elements":"0.80528","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01415","scoring_system":"epss","scoring_elements":"0.80517","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01415","scoring_system":"epss","scoring_elements":"0.80547","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01415","scoring_system":"epss","scoring_elements":"0.80556","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01415","scoring_system":"epss","scoring_elements":"0.80574","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01415","scoring_system":"epss","scoring_elements":"0.80561","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01415","scoring_system":"epss","scoring_elements":"0.80553","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01415","scoring_system":"epss","scoring_elements":"0.80581","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01415","scoring_system":"epss","scoring_elements":"0.80583","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01415","scoring_system":"epss","scoring_elements":"0.80586","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01415","scoring_system":"epss","scoring_elements":"0.80612","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01415","scoring_system":"epss","scoring_elements":"0.80615","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01415","scoring_system":"epss","scoring_elements":"0.80631","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01911","scoring_system":"epss","scoring_elements":"0.8339","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2854"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942967?format=json","purl":"pkg:deb/debian/wordpress@2.8.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.8.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942927?format=json","purl":"pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"},{"vulnerability":"VCID-yqam-kpce-dfg7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942925?format=json","purl":"pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942929?format=json","purl":"pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942928?format=json","purl":"pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2009-2854"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8n5j-65xk-wqbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91948?format=json","vulnerability_id":"VCID-ajbz-j6qz-vua9","summary":"Wordpress before 2.8.3 allows remote attackers to gain privileges via a direct request to (1) admin-footer.php, (2) edit-category-form.php, (3) edit-form-advanced.php, (4) edit-form-comment.php, (5) edit-link-category-form.php, (6) edit-link-form.php, (7) edit-page-form.php, and (8) edit-tag-form.php in wp-admin/.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2853","reference_id":"","reference_type":"","scores":[{"value":"0.01198","scoring_system":"epss","scoring_elements":"0.78843","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01198","scoring_system":"epss","scoring_elements":"0.7885","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01198","scoring_system":"epss","scoring_elements":"0.78878","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01198","scoring_system":"epss","scoring_elements":"0.78861","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01198","scoring_system":"epss","scoring_elements":"0.78886","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01198","scoring_system":"epss","scoring_elements":"0.78892","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01198","scoring_system":"epss","scoring_elements":"0.78916","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01198","scoring_system":"epss","scoring_elements":"0.789","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01198","scoring_system":"epss","scoring_elements":"0.7889","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01198","scoring_system":"epss","scoring_elements":"0.78919","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01198","scoring_system":"epss","scoring_elements":"0.78914","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01198","scoring_system":"epss","scoring_elements":"0.78944","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01198","scoring_system":"epss","scoring_elements":"0.78951","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01198","scoring_system":"epss","scoring_elements":"0.78968","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01198","scoring_system":"epss","scoring_elements":"0.78983","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2853"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2853","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2853"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942967?format=json","purl":"pkg:deb/debian/wordpress@2.8.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.8.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942927?format=json","purl":"pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"},{"vulnerability":"VCID-yqam-kpce-dfg7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942925?format=json","purl":"pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942929?format=json","purl":"pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942928?format=json","purl":"pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2009-2853"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ajbz-j6qz-vua9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91898?format=json","vulnerability_id":"VCID-b4h4-1gys-uqcc","summary":"wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to upgrade the application, and possibly cause a denial of service (application outage), via a direct request.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-6767","reference_id":"","reference_type":"","scores":[{"value":"0.0074","scoring_system":"epss","scoring_elements":"0.72855","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0074","scoring_system":"epss","scoring_elements":"0.72863","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0074","scoring_system":"epss","scoring_elements":"0.72883","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0074","scoring_system":"epss","scoring_elements":"0.72858","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0074","scoring_system":"epss","scoring_elements":"0.72895","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0074","scoring_system":"epss","scoring_elements":"0.72909","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0074","scoring_system":"epss","scoring_elements":"0.72934","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0074","scoring_system":"epss","scoring_elements":"0.72917","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0074","scoring_system":"epss","scoring_elements":"0.72911","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0074","scoring_system":"epss","scoring_elements":"0.72952","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0074","scoring_system":"epss","scoring_elements":"0.72962","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0074","scoring_system":"epss","scoring_elements":"0.72955","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0074","scoring_system":"epss","scoring_elements":"0.72996","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0074","scoring_system":"epss","scoring_elements":"0.73006","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0074","scoring_system":"epss","scoring_elements":"0.73003","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0074","scoring_system":"epss","scoring_elements":"0.72997","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-6767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6767"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531736","reference_id":"531736","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531736"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942967?format=json","purl":"pkg:deb/debian/wordpress@2.8.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.8.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942927?format=json","purl":"pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"},{"vulnerability":"VCID-yqam-kpce-dfg7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942925?format=json","purl":"pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942929?format=json","purl":"pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942928?format=json","purl":"pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2008-6767"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b4h4-1gys-uqcc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91897?format=json","vulnerability_id":"VCID-qj5d-cu2t-efah","summary":"Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the backto parameter.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-6762","reference_id":"","reference_type":"","scores":[{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52108","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52152","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52179","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52143","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52197","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52193","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52244","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52228","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52214","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52252","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52256","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52239","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52187","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52194","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52158","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52104","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-6762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6762"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531736","reference_id":"531736","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531736"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942967?format=json","purl":"pkg:deb/debian/wordpress@2.8.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.8.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942927?format=json","purl":"pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"},{"vulnerability":"VCID-yqam-kpce-dfg7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942925?format=json","purl":"pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942929?format=json","purl":"pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942928?format=json","purl":"pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2008-6762"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qj5d-cu2t-efah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88124?format=json","vulnerability_id":"VCID-uymd-e4m2-muem","summary":"wordpress: multiple vulnerabilities","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2431.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2431.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2431","reference_id":"","reference_type":"","scores":[{"value":"0.01187","scoring_system":"epss","scoring_elements":"0.78748","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01187","scoring_system":"epss","scoring_elements":"0.78755","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01187","scoring_system":"epss","scoring_elements":"0.78786","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01187","scoring_system":"epss","scoring_elements":"0.78769","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01187","scoring_system":"epss","scoring_elements":"0.78794","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01187","scoring_system":"epss","scoring_elements":"0.78802","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01187","scoring_system":"epss","scoring_elements":"0.78825","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01187","scoring_system":"epss","scoring_elements":"0.78808","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01187","scoring_system":"epss","scoring_elements":"0.78799","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01187","scoring_system":"epss","scoring_elements":"0.78827","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01187","scoring_system":"epss","scoring_elements":"0.78822","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01187","scoring_system":"epss","scoring_elements":"0.7885","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01187","scoring_system":"epss","scoring_elements":"0.78856","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01187","scoring_system":"epss","scoring_elements":"0.78873","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01187","scoring_system":"epss","scoring_elements":"0.78891","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2431"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2431","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2431"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=510745","reference_id":"510745","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=510745"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=537146","reference_id":"537146","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=537146"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942967?format=json","purl":"pkg:deb/debian/wordpress@2.8.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.8.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942927?format=json","purl":"pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"},{"vulnerability":"VCID-yqam-kpce-dfg7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942925?format=json","purl":"pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942929?format=json","purl":"pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942928?format=json","purl":"pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2009-2431"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uymd-e4m2-muem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88213?format=json","vulnerability_id":"VCID-xsz3-bme6-ubfn","summary":"WordPress: XSS via unescaped HTML URLs as author comments in the admin page","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2851.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2851.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2851","reference_id":"","reference_type":"","scores":[{"value":"0.02987","scoring_system":"epss","scoring_elements":"0.86477","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02987","scoring_system":"epss","scoring_elements":"0.86487","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02987","scoring_system":"epss","scoring_elements":"0.86506","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02987","scoring_system":"epss","scoring_elements":"0.86505","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02987","scoring_system":"epss","scoring_elements":"0.86525","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02987","scoring_system":"epss","scoring_elements":"0.86535","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02987","scoring_system":"epss","scoring_elements":"0.8655","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02987","scoring_system":"epss","scoring_elements":"0.86547","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02987","scoring_system":"epss","scoring_elements":"0.86541","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02987","scoring_system":"epss","scoring_elements":"0.86556","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02987","scoring_system":"epss","scoring_elements":"0.86561","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02987","scoring_system":"epss","scoring_elements":"0.86554","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02987","scoring_system":"epss","scoring_elements":"0.86573","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02987","scoring_system":"epss","scoring_elements":"0.86582","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02987","scoring_system":"epss","scoring_elements":"0.8658","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02987","scoring_system":"epss","scoring_elements":"0.86602","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2851"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=512900","reference_id":"512900","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=512900"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/9250.sh","reference_id":"CVE-2009-2851;OSVDB-56193","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/9250.sh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942967?format=json","purl":"pkg:deb/debian/wordpress@2.8.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.8.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942927?format=json","purl":"pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"},{"vulnerability":"VCID-yqam-kpce-dfg7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942925?format=json","purl":"pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942929?format=json","purl":"pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942928?format=json","purl":"pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2009-2851"],"risk_score":null,"exploitability":"2.0","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xsz3-bme6-ubfn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88125?format=json","vulnerability_id":"VCID-ymp4-217x-6ub4","summary":"wordpress: multiple vulnerabilities","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2432.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2432.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2432","reference_id":"","reference_type":"","scores":[{"value":"0.01072","scoring_system":"epss","scoring_elements":"0.7769","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01072","scoring_system":"epss","scoring_elements":"0.77697","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01072","scoring_system":"epss","scoring_elements":"0.77725","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01072","scoring_system":"epss","scoring_elements":"0.77708","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01072","scoring_system":"epss","scoring_elements":"0.77736","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01072","scoring_system":"epss","scoring_elements":"0.77741","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01072","scoring_system":"epss","scoring_elements":"0.77767","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01072","scoring_system":"epss","scoring_elements":"0.77751","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01072","scoring_system":"epss","scoring_elements":"0.7775","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01072","scoring_system":"epss","scoring_elements":"0.77787","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01072","scoring_system":"epss","scoring_elements":"0.77785","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01072","scoring_system":"epss","scoring_elements":"0.77779","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01072","scoring_system":"epss","scoring_elements":"0.77811","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01072","scoring_system":"epss","scoring_elements":"0.7782","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01072","scoring_system":"epss","scoring_elements":"0.77835","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01072","scoring_system":"epss","scoring_elements":"0.77846","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2432"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2432","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2432"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=510745","reference_id":"510745","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=510745"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=537146","reference_id":"537146","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=537146"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942967?format=json","purl":"pkg:deb/debian/wordpress@2.8.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.8.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942927?format=json","purl":"pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"},{"vulnerability":"VCID-yqam-kpce-dfg7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942925?format=json","purl":"pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942929?format=json","purl":"pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942928?format=json","purl":"pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2009-2432"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ymp4-217x-6ub4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88122?format=json","vulnerability_id":"VCID-ztfv-xfxe-kket","summary":"wordpress: multiple vulnerabilities","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2335.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2335.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2335","reference_id":"","reference_type":"","scores":[{"value":"0.85338","scoring_system":"epss","scoring_elements":"0.99356","published_at":"2026-04-01T12:55:00Z"},{"value":"0.85338","scoring_system":"epss","scoring_elements":"0.99357","published_at":"2026-04-02T12:55:00Z"},{"value":"0.85338","scoring_system":"epss","scoring_elements":"0.99359","published_at":"2026-04-04T12:55:00Z"},{"value":"0.85338","scoring_system":"epss","scoring_elements":"0.9936","published_at":"2026-04-07T12:55:00Z"},{"value":"0.85338","scoring_system":"epss","scoring_elements":"0.99362","published_at":"2026-04-09T12:55:00Z"},{"value":"0.85338","scoring_system":"epss","scoring_elements":"0.99363","published_at":"2026-04-11T12:55:00Z"},{"value":"0.85338","scoring_system":"epss","scoring_elements":"0.99364","published_at":"2026-04-13T12:55:00Z"},{"value":"0.85338","scoring_system":"epss","scoring_elements":"0.99367","published_at":"2026-04-18T12:55:00Z"},{"value":"0.85338","scoring_system":"epss","scoring_elements":"0.99366","published_at":"2026-04-21T12:55:00Z"},{"value":"0.85338","scoring_system":"epss","scoring_elements":"0.99369","published_at":"2026-04-26T12:55:00Z"},{"value":"0.85338","scoring_system":"epss","scoring_elements":"0.99368","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2335"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2335","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2335"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=510745","reference_id":"510745","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=510745"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536724","reference_id":"536724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536724"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17702.rb","reference_id":"CVE-2009-2335;OSVDB-55713","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17702.rb"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942967?format=json","purl":"pkg:deb/debian/wordpress@2.8.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.8.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942927?format=json","purl":"pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"},{"vulnerability":"VCID-yqam-kpce-dfg7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942925?format=json","purl":"pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942929?format=json","purl":"pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942928?format=json","purl":"pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2009-2335"],"risk_score":1.6,"exploitability":"2.0","weighted_severity":"0.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ztfv-xfxe-kket"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.8.3-1%3Fdistro=trixie"}