Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-htr5-ugyh-7yaz
Vulnerability ID VCID-htr5-ugyh-7yaz
Aliases CVE-2021-29447
Summary security update
Status Published
Exploitability 2.0
Weighted Severity 6.2
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.89975 https://api.first.org/data/v1/epss?cve=CVE-2021-29447
epss 0.89975 https://api.first.org/data/v1/epss?cve=CVE-2021-29447
epss 0.89975 https://api.first.org/data/v1/epss?cve=CVE-2021-29447
epss 0.89975 https://api.first.org/data/v1/epss?cve=CVE-2021-29447
epss 0.89975 https://api.first.org/data/v1/epss?cve=CVE-2021-29447
archlinux Medium https://security.archlinux.org/AVG-1831
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2021-29447
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29447
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29450
AVG-1831 https://security.archlinux.org/AVG-1831
CVE-2021-29447 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50304.sh
Data source Exploit-DB
Date added Sept. 20, 2021
Description WordPress 5.7 - 'Media Library' XML External Entity Injection (XXE) (Authenticated)
Ransomware campaign use Unknown
Source publication date Sept. 20, 2021
Exploit type webapps
Platform php
Source update date Sept. 20, 2021
Exploit Prediction Scoring System (EPSS)
Percentile 0.99576
EPSS Score 0.89975
Published At April 2, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T16:21:53.567073+00:00 Debian Oval Importer Import https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.0.0