Search for vulnerabilities
Vulnerability details: VCID-bumz-hzxr-aqg1
Vulnerability ID VCID-bumz-hzxr-aqg1
Aliases CVE-2017-1001000
Summary
Status Published
Exploitability 2.0
Weighted Severity 0.7
Risk 1.4
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.79728 https://api.first.org/data/v1/epss?cve=CVE-2017-1001000
epss 0.79728 https://api.first.org/data/v1/epss?cve=CVE-2017-1001000
epss 0.79728 https://api.first.org/data/v1/epss?cve=CVE-2017-1001000
epss 0.79728 https://api.first.org/data/v1/epss?cve=CVE-2017-1001000
epss 0.79728 https://api.first.org/data/v1/epss?cve=CVE-2017-1001000
epss 0.79728 https://api.first.org/data/v1/epss?cve=CVE-2017-1001000
epss 0.79728 https://api.first.org/data/v1/epss?cve=CVE-2017-1001000
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2017-1001000
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1001000
Data source Metasploit
Description This module exploits a content injection vulnerability in WordPress versions 4.7 and 4.7.1 via type juggling in the REST API.
Note 
Reliability:
  - unknown-reliability
Stability:
  - unknown-stability
SideEffects:
  - unknown-side-effects
Ransomware campaign use Unknown
Source publication date Feb. 1, 2017
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/scanner/http/wordpress_content_injection.rb
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.99042
EPSS Score 0.79728
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T11:56:36.704414+00:00 EPSS Importer Import https://epss.cyentia.com/epss_scores-current.csv.gz 37.0.0