System	Score	Found at
epss	0.05476	https://api.first.org/data/v1/epss?cve=CVE-2015-3440
epss	0.05476	https://api.first.org/data/v1/epss?cve=CVE-2015-3440
epss	0.05476	https://api.first.org/data/v1/epss?cve=CVE-2015-3440
epss	0.05476	https://api.first.org/data/v1/epss?cve=CVE-2015-3440
epss	0.05476	https://api.first.org/data/v1/epss?cve=CVE-2015-3440
epss	0.05823	https://api.first.org/data/v1/epss?cve=CVE-2015-3440
epss	0.05823	https://api.first.org/data/v1/epss?cve=CVE-2015-3440
epss	0.05823	https://api.first.org/data/v1/epss?cve=CVE-2015-3440
epss	0.05823	https://api.first.org/data/v1/epss?cve=CVE-2015-3440
epss	0.05823	https://api.first.org/data/v1/epss?cve=CVE-2015-3440
epss	0.05823	https://api.first.org/data/v1/epss?cve=CVE-2015-3440
epss	0.05823	https://api.first.org/data/v1/epss?cve=CVE-2015-3440
epss	0.05823	https://api.first.org/data/v1/epss?cve=CVE-2015-3440

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2015-3440
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3438
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3439
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3440
783554		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783554
OSVDB-121320;CVE-2015-3440	Exploit	http://klikki.fi/adv/wordpress2.html
OSVDB-121320;CVE-2015-3440	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/36844.txt

Data source	Exploit-DB
Date added	April 27, 2015
Description	WordPress Core 4.2 - Persistent Cross-Site Scripting
Ransomware campaign use	Known
Source publication date	April 27, 2015
Exploit type	webapps
Platform	php
Source update date	May 4, 2017
Source URL	http://klikki.fi/adv/wordpress2.html

There are no known vectors.

Percentile	0.89893
EPSS Score	0.05476
Published At	Aug. 1, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T09:55:47.436946+00:00	Debian Oval Importer	Import	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	37.0.0