Search for vulnerabilities
Vulnerability details: VCID-q4xy-rtns-2yde
Vulnerability ID VCID-q4xy-rtns-2yde
Aliases CVE-2014-5266
Summary security update
Status Published
Exploitability 2.0
Weighted Severity 0.7
Risk 1.4
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.72764 https://api.first.org/data/v1/epss?cve=CVE-2014-5266
epss 0.72764 https://api.first.org/data/v1/epss?cve=CVE-2014-5266
epss 0.72764 https://api.first.org/data/v1/epss?cve=CVE-2014-5266
epss 0.72764 https://api.first.org/data/v1/epss?cve=CVE-2014-5266
epss 0.72764 https://api.first.org/data/v1/epss?cve=CVE-2014-5266
epss 0.72764 https://api.first.org/data/v1/epss?cve=CVE-2014-5266
epss 0.72764 https://api.first.org/data/v1/epss?cve=CVE-2014-5266
epss 0.72764 https://api.first.org/data/v1/epss?cve=CVE-2014-5266
epss 0.72764 https://api.first.org/data/v1/epss?cve=CVE-2014-5266
epss 0.72764 https://api.first.org/data/v1/epss?cve=CVE-2014-5266
epss 0.72764 https://api.first.org/data/v1/epss?cve=CVE-2014-5266
epss 0.72764 https://api.first.org/data/v1/epss?cve=CVE-2014-5266
epss 0.72764 https://api.first.org/data/v1/epss?cve=CVE-2014-5266
epss 0.72764 https://api.first.org/data/v1/epss?cve=CVE-2014-5266
epss 0.72764 https://api.first.org/data/v1/epss?cve=CVE-2014-5266
epss 0.72764 https://api.first.org/data/v1/epss?cve=CVE-2014-5266
epss 0.72764 https://api.first.org/data/v1/epss?cve=CVE-2014-5266
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2014-5266
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5204
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5205
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5240
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5265
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5266
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5267
757312 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757312
Data source Metasploit
Description Wordpress XMLRPC parsing is vulnerable to a XML based denial of service. This vulnerability affects Wordpress 3.5 - 3.9.2 (3.8.4 and 3.7.4 are also patched).
Note 
Stability:
  - crash-service-down
SideEffects: []
Reliability: []
Ransomware campaign use Unknown
Source publication date Aug. 6, 2014
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/dos/http/wordpress_xmlrpc_dos.rb
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.98712
EPSS Score 0.72764
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T09:52:03.889086+00:00 Debian Oval Importer Import https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 37.0.0