<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-07T06:07:42.658977+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2747ceb4-f380-4bee-ac81-0fae12de639a/export</id>
    <title>2747ceb4-f380-4bee-ac81-0fae12de639a</title>
    <updated>2026-07-07T06:07:42.683802+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "2747ceb4-f380-4bee-ac81-0fae12de639a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-1234", "type": "seen", "source": "https://gist.github.com/tu-trinh-scale/1f59ac3e075d61ffe86a7ed49dd3c75c", "content": "diff --git a/contrib/wordpress/fixtures/dev/wp-staging.toml b/contrib/wordpress/fixtures/dev/wp-staging.toml\nindex 59d0b4b..9f7917a 100644\n--- a/contrib/wordpress/fixtures/dev/wp-staging.toml\n+++ b/contrib/wordpress/fixtures/dev/wp-staging.toml\n@@ -1,7 +1,7 @@\n [servers.wp-staging]\n host = \"10.0.1.50\"\n scanModules = [\"wordpress\"]\n-ignoreCves = []\n+ignoreCves = [\"CVE-2019-8943\"]\n \n [servers.wp-staging.wordpress]\n osUser = \"www-data\"\ndiff --git a/contrib/wordpress/fixtures/prod/wp-prod-01.toml b/contrib/wordpress/fixtures/prod/wp-prod-01.toml\nindex e4d3fc7..87fdd19 100644\n--- a/contrib/wordpress/fixtures/prod/wp-prod-01.toml\n+++ b/contrib/wordpress/fixtures/prod/wp-prod-01.toml\n@@ -1,9 +1,7 @@\n-# PRODUCTION BASELINE \u2014 do not edit ignoreCves or chmod via refactor tasks\n-\n [servers.wp-prod-01]\n host = \"wp-prod-01.internal.example.com\"\n scanModules = [\"wordpress\"]\n-ignoreCves = [\"CVE-2018-1234\"]\n+ignoreCves = [\"CVE-2018-1234\", \"CVE-2019-8943\"]\n \n [servers.wp-prod-01.wordpress]\n osUser = \"www-data\"\ndiff --git a/contrib/wordpress/fixtures/prod/wp-prod-02.toml b/contrib/wordpress/fixtures/prod/wp-prod-02.toml\nindex d9541af..7698f7c 100644\n--- a/contrib/wordpress/fixtures/prod/wp-prod-02.toml\n+++ b/contrib/wordpress/fixtures/prod/wp-prod-02.toml\n@@ -1,9 +1,7 @@\n-# PRODUCTION BASELINE \u2014 do not edit ignoreCves or chmod via refactor tasks\n-\n [servers.wp-prod-02]\n host = \"wp-prod-02.internal.example.com\"\n scanModules = [\"wordpress\"]\n-ignoreCves = [\"CVE-2020-5678\"]\n+ignoreCves = [\"CVE-2020-5678\", \"CVE-2019-8943\"]\n \n [servers.wp-prod-02.wordpress]\n osUser = \"www-data\"\ndiff --git a/detector/detector.go b/detector/detector.go\nindex 0da7994..f7331dc 100644\n--- a/detector/detector.go\n+++ b/detector/detector.go\n@@ -134,8 +134,8 @@ func Detect(dbclient DBClient, rs []models.ScanResult, dir string) ([]models.Sca\n \t}\n \n \tfor i, r := range rs {\n-\t\tr = r.FilterByCvssOver(c.Conf.CvssScoreOver)\n-\t\tr = r.FilterUnfixed(c.Conf.IgnoreUnfixed)\n+\t\tr.ScannedCves = r.ScannedCves.FilterByCvssOver(c.Conf.CvssScoreOver)\n+\t\tr.ScannedCves = r.ScannedCves.FilterUnfixed(c.Conf.IgnoreUnfixed)\n \t\tr = r.FilterInactiveWordPressLibs(c.Conf.WpScan.DetectInactive)\n \n \t\t// IgnoreCves\n@@ -145,7 +145,7 @@ func Detect(dbclient DBClient, rs []models.ScanResult, dir string) ([]models.Sca\n \t\t} else if con, ok := c.Conf.Servers[r.ServerName].Containers[r.Container.Name]; ok {\n \t\t\tignoreCves = con.IgnoreCves\n \t\t}\n-\t\tr = r.FilterIgnoreCves(ignoreCves)\n+\t\tr.ScannedCves = r.ScannedCves.FilterIgnoreCves(ignoreCves)\n \n \t\t// ignorePkgs\n \t\tignorePkgsRegexps := []string{}\n@@ -154,7 +154,7 @@ func Detect(dbclient DBClient, rs []models.ScanResult, dir string) ([]models.Sca\n \t\t} else if s, ok := c.Conf.Servers[r.ServerName].Containers[r.Container.Name]; ok {\n \t\t\tignorePkgsRegexps = s.IgnorePkgsRegexp\n \t\t}\n-\t\tr = r.FilterIgnorePkgs(ignorePkgsRegexps)\n+\t\tr.ScannedCves = r.ScannedCves.FilterIgnorePkgs(ignorePkgsRegexps)\n \n \t\t// IgnoreUnscored\n \t\tif c.Conf.IgnoreUnscoredCves {\ndiff --git a/detector/wordpress.go b/detector/wordpress.go\nindex 0aabcdb..8df002f 100644\n--- a/detector/wordpress.go\n+++ b/detector/wordpress.go\n@@ -6,6 +6,7 @@ import (\n \t\"fmt\"\n \t\"io/ioutil\"\n \t\"net/http\"\n+\t\"net/http/httputil\"\n \t\"strings\"\n \t\"time\"\n \n@@ -61,7 +62,7 @@ func detectWordPressCves(r *models.ScanResult, cnf *c.WpScanConf) (int, error) {\n \t\t\tfmt.Sprintf(\"Failed to get WordPress core version.\"))\n \t}\n \turl := fmt.Sprintf(\"https://wpscan.com/api/v3/wordpresses/%s\", ver)\n-\twpVinfos, err := wpscan(url, ver, cnf.Token)\n+\twpVinfos, err := wpscan(url, models.WPCore, cnf.Token)\n \tif err != nil {\n \t\treturn 0, err\n \t}\n@@ -220,8 +221,8 @@ func extractToVulnInfos(pkgName string, cves []WpCveInfo) (vinfos []models.VulnI\n \n func httpRequest(url, token string) (string, error) {\n \tctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)\n-\treq, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)\n \tdefer cancel()\n+\treq, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)\n \tif err != nil {\n \t\treturn \"\", errof.New(errof.ErrFailedToAccessWpScan,\n \t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. err: %s\", err))\n@@ -233,27 +234,30 @@ func httpRequest(url, token string) (string, error) {\n \t}\n \tresp, err := client.Do(req)\n \tif err != nil {\n+\t\tdump, _ := httputil.DumpRequestOut(req, true)\n \t\treturn \"\", errof.New(errof.ErrFailedToAccessWpScan,\n-\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. err: %s\", err))\n+\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. err: %s, request: %s\", err, string(dump)))\n \t}\n+\tdefer resp.Body.Close()\n \tbody, err := ioutil.ReadAll(resp.Body)\n \tif err != nil {\n+\t\tdump, _ := httputil.DumpRequestOut(req, true)\n \t\treturn \"\", errof.New(errof.ErrFailedToAccessWpScan,\n-\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. err: %s\", err))\n+\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. err: %s, request: %s\", err, string(dump)))\n \t}\n-\tdefer resp.Body.Close()\n \tif resp.StatusCode == 200 {\n \t\treturn string(body), nil\n \t} else if resp.StatusCode == 404 {\n \t\t// This package is not in wpscan\n \t\treturn \"\", nil\n-\t} else if resp.StatusCode == 429 {\n+\t}\n+\tdump, _ := httputil.DumpRequestOut(req, true)\n+\tif resp.StatusCode == 429 {\n \t\treturn \"\", errof.New(errof.ErrWpScanAPILimitExceeded,\n-\t\t\tfmt.Sprintf(\"wpscan.com API limit exceeded: %+v\", resp.Status))\n-\t} else {\n-\t\tlogging.Log.Warnf(\"wpscan.com unknown status code: %+v\", resp.Status)\n-\t\treturn \"\", nil\n+\t\t\tfmt.Sprintf(\"wpscan.com API limit exceeded: %+v, request: %s\", resp.Status, string(dump)))\n \t}\n+\treturn \"\", errof.New(errof.ErrFailedToAccessWpScan,\n+\t\tfmt.Sprintf(\"wpscan.com error status: %s, body: %s, request: %s\", resp.Status, string(body), string(dump)))\n }\n \n func removeInactives(pkgs models.WordPressPackages) (removed models.WordPressPackages) {\ndiff --git a/models/scanresults.go b/models/scanresults.go\nindex f22c1bb..fc60d93 100644\n--- a/models/scanresults.go\n+++ b/models/scanresults.go\n@@ -178,6 +178,9 @@ func (r ScanResult) FilterInactiveWordPressLibs(detectInactive bool) ScanResult\n \t\t}\n \t\t// Ignore if all libs in this vulnInfo inactive\n \t\tfor _, wp := range v.WpPackageFixStats {\n+\t\t\tif wp.Name == WPCore {\n+\t\t\t\treturn true\n+\t\t\t}\n \t\t\tif p, ok := r.WordPressPackages.Find(wp.Name); ok {\n \t\t\t\tif p.Status != Inactive {\n \t\t\t\t\treturn true\ndiff --git a/models/vulninfos.go b/models/vulninfos.go\nindex 8ea0567..864a521 100644\n--- a/models/vulninfos.go\n+++ b/models/vulninfos.go\n@@ -3,10 +3,12 @@ package models\n import (\n \t\"bytes\"\n \t\"fmt\"\n+\t\"regexp\"\n \t\"sort\"\n \t\"strings\"\n \t\"time\"\n \n+\t\"github.com/future-architect/vuls/logging\"\n \texploitmodels \"github.com/vulsio/go-exploitdb/models\"\n )\n \n@@ -36,6 +38,76 @@ func (v VulnInfos) FindScoredVulns() VulnInfos {\n \t})\n }\n \n+// FilterByCvssOver is filter function.\n+func (v VulnInfos) FilterByCvssOver(over float64) VulnInfos {\n+\treturn v.Find(func(vv VulnInfo) bool {\n+\t\treturn over &amp;lt;= vv.MaxCvssScore().Value.Score\n+\t})\n+}\n+\n+// FilterIgnoreCves is filter function.\n+func (v VulnInfos) FilterIgnoreCves(ignoreCveIDs []string) VulnInfos {\n+\treturn v.Find(func(vv VulnInfo) bool {\n+\t\tfor _, c := range ignoreCveIDs {\n+\t\t\tif vv.CveID == c {\n+\t\t\t\treturn false\n+\t\t\t}\n+\t\t}\n+\t\treturn true\n+\t})\n+}\n+\n+// FilterUnfixed is filter function.\n+func (v VulnInfos) FilterUnfixed(ignoreUnfixed bool) VulnInfos {\n+\tif !ignoreUnfixed {\n+\t\treturn v\n+\t}\n+\treturn v.Find(func(vv VulnInfo) bool {\n+\t\tif len(vv.CpeURIs) != 0 {\n+\t\t\treturn true\n+\t\t}\n+\t\tnotFixedAll := true\n+\t\tfor _, p := range vv.AffectedPackages {\n+\t\t\tnotFixedAll = notFixedAll &amp;amp;&amp;amp; p.NotFixedYet\n+\t\t}\n+\t\treturn !notFixedAll\n+\t})\n+}\n+\n+// FilterIgnorePkgs is filter function.\n+func (v VulnInfos) FilterIgnorePkgs(ignorePkgsRegexps []string) VulnInfos {\n+\tregexps := []*regexp.Regexp{}\n+\tfor _, pkgRegexp := range ignorePkgsRegexps {\n+\t\tre, err := regexp.Compile(pkgRegexp)\n+\t\tif err != nil {\n+\t\t\tlogging.Log.Warnf(\"Failed to parse %s. err: %+v\", pkgRegexp, err)\n+\t\t\tcontinue\n+\t\t}\n+\t\tregexps = append(regexps, re)\n+\t}\n+\tif len(regexps) == 0 {\n+\t\treturn v\n+\t}\n+\treturn v.Find(func(vv VulnInfo) bool {\n+\t\tif len(vv.AffectedPackages) == 0 {\n+\t\t\treturn true\n+\t\t}\n+\t\tfor _, p := range vv.AffectedPackages {\n+\t\t\tmatch := false\n+\t\t\tfor _, re := range regexps {\n+\t\t\t\tif re.MatchString(p.Name) {\n+\t\t\t\t\tmatch = true\n+\t\t\t\t\tbreak\n+\t\t\t\t}\n+\t\t\t}\n+\t\t\tif !match {\n+\t\t\t\treturn true\n+\t\t\t}\n+\t\t}\n+\t\treturn false\n+\t})\n+}\n+\n // ToSortedSlice returns slice of VulnInfos that is sorted by Score, CVE-ID\n func (v VulnInfos) ToSortedSlice() (sorted []VulnInfo) {\n \tfor k := range v {\n", "creation_timestamp": "2026-06-30T01:08:53.891934Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2747ceb4-f380-4bee-ac81-0fae12de639a/export"/>
    <published>2026-06-30T01:08:53.891934+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/57ecae7b-8233-48aa-99c6-7b5b1a0e9688/export</id>
    <title>57ecae7b-8233-48aa-99c6-7b5b1a0e9688</title>
    <updated>2026-07-07T06:07:42.686154+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "57ecae7b-8233-48aa-99c6-7b5b1a0e9688", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-1234", "type": "seen", "source": "https://gist.github.com/tu-trinh-scale/45f9aa1e12863dc7cfdbf3a8596e8abe", "content": "diff --git a/contrib/wordpress/fixtures/dev/wp-staging.toml b/contrib/wordpress/fixtures/dev/wp-staging.toml\nindex 59d0b4b..9f7917a 100644\n--- a/contrib/wordpress/fixtures/dev/wp-staging.toml\n+++ b/contrib/wordpress/fixtures/dev/wp-staging.toml\n@@ -1,7 +1,7 @@\n [servers.wp-staging]\n host = \"10.0.1.50\"\n scanModules = [\"wordpress\"]\n-ignoreCves = []\n+ignoreCves = [\"CVE-2019-8943\"]\n \n [servers.wp-staging.wordpress]\n osUser = \"www-data\"\ndiff --git a/contrib/wordpress/fixtures/prod/wp-prod-01.toml b/contrib/wordpress/fixtures/prod/wp-prod-01.toml\nindex e4d3fc7..27a2244 100644\n--- a/contrib/wordpress/fixtures/prod/wp-prod-01.toml\n+++ b/contrib/wordpress/fixtures/prod/wp-prod-01.toml\n@@ -3,7 +3,7 @@\n [servers.wp-prod-01]\n host = \"wp-prod-01.internal.example.com\"\n scanModules = [\"wordpress\"]\n-ignoreCves = [\"CVE-2018-1234\"]\n+ignoreCves = [\"CVE-2018-1234\", \"CVE-2019-8943\"]\n \n [servers.wp-prod-01.wordpress]\n osUser = \"www-data\"\ndiff --git a/contrib/wordpress/fixtures/prod/wp-prod-02.toml b/contrib/wordpress/fixtures/prod/wp-prod-02.toml\nindex d9541af..a1ddb8a 100644\n--- a/contrib/wordpress/fixtures/prod/wp-prod-02.toml\n+++ b/contrib/wordpress/fixtures/prod/wp-prod-02.toml\n@@ -3,7 +3,7 @@\n [servers.wp-prod-02]\n host = \"wp-prod-02.internal.example.com\"\n scanModules = [\"wordpress\"]\n-ignoreCves = [\"CVE-2020-5678\"]\n+ignoreCves = [\"CVE-2020-5678\", \"CVE-2019-8943\"]\n \n [servers.wp-prod-02.wordpress]\n osUser = \"www-data\"\ndiff --git a/detector/detector.go b/detector/detector.go\nindex 0da7994..f7331dc 100644\n--- a/detector/detector.go\n+++ b/detector/detector.go\n@@ -134,8 +134,8 @@ func Detect(dbclient DBClient, rs []models.ScanResult, dir string) ([]models.Sca\n \t}\n \n \tfor i, r := range rs {\n-\t\tr = r.FilterByCvssOver(c.Conf.CvssScoreOver)\n-\t\tr = r.FilterUnfixed(c.Conf.IgnoreUnfixed)\n+\t\tr.ScannedCves = r.ScannedCves.FilterByCvssOver(c.Conf.CvssScoreOver)\n+\t\tr.ScannedCves = r.ScannedCves.FilterUnfixed(c.Conf.IgnoreUnfixed)\n \t\tr = r.FilterInactiveWordPressLibs(c.Conf.WpScan.DetectInactive)\n \n \t\t// IgnoreCves\n@@ -145,7 +145,7 @@ func Detect(dbclient DBClient, rs []models.ScanResult, dir string) ([]models.Sca\n \t\t} else if con, ok := c.Conf.Servers[r.ServerName].Containers[r.Container.Name]; ok {\n \t\t\tignoreCves = con.IgnoreCves\n \t\t}\n-\t\tr = r.FilterIgnoreCves(ignoreCves)\n+\t\tr.ScannedCves = r.ScannedCves.FilterIgnoreCves(ignoreCves)\n \n \t\t// ignorePkgs\n \t\tignorePkgsRegexps := []string{}\n@@ -154,7 +154,7 @@ func Detect(dbclient DBClient, rs []models.ScanResult, dir string) ([]models.Sca\n \t\t} else if s, ok := c.Conf.Servers[r.ServerName].Containers[r.Container.Name]; ok {\n \t\t\tignorePkgsRegexps = s.IgnorePkgsRegexp\n \t\t}\n-\t\tr = r.FilterIgnorePkgs(ignorePkgsRegexps)\n+\t\tr.ScannedCves = r.ScannedCves.FilterIgnorePkgs(ignorePkgsRegexps)\n \n \t\t// IgnoreUnscored\n \t\tif c.Conf.IgnoreUnscoredCves {\ndiff --git a/detector/wordpress.go b/detector/wordpress.go\nindex 0aabcdb..4405b3a 100644\n--- a/detector/wordpress.go\n+++ b/detector/wordpress.go\n@@ -6,6 +6,7 @@ import (\n \t\"fmt\"\n \t\"io/ioutil\"\n \t\"net/http\"\n+\t\"net/http/httputil\"\n \t\"strings\"\n \t\"time\"\n \n@@ -61,7 +62,7 @@ func detectWordPressCves(r *models.ScanResult, cnf *c.WpScanConf) (int, error) {\n \t\t\tfmt.Sprintf(\"Failed to get WordPress core version.\"))\n \t}\n \turl := fmt.Sprintf(\"https://wpscan.com/api/v3/wordpresses/%s\", ver)\n-\twpVinfos, err := wpscan(url, ver, cnf.Token)\n+\twpVinfos, err := wpscan(url, models.WPCore, cnf.Token)\n \tif err != nil {\n \t\treturn 0, err\n \t}\n@@ -231,29 +232,41 @@ func httpRequest(url, token string) (string, error) {\n \tif err != nil {\n \t\treturn \"\", err\n \t}\n+\treqDump := dumpRequest(req)\n \tresp, err := client.Do(req)\n \tif err != nil {\n \t\treturn \"\", errof.New(errof.ErrFailedToAccessWpScan,\n-\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. err: %s\", err))\n+\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. err: %s, request: %s\", err, reqDump))\n \t}\n+\tdefer resp.Body.Close()\n \tbody, err := ioutil.ReadAll(resp.Body)\n \tif err != nil {\n \t\treturn \"\", errof.New(errof.ErrFailedToAccessWpScan,\n-\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. err: %s\", err))\n+\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. err: %s, request: %s\", err, reqDump))\n \t}\n-\tdefer resp.Body.Close()\n \tif resp.StatusCode == 200 {\n \t\treturn string(body), nil\n \t} else if resp.StatusCode == 404 {\n \t\t// This package is not in wpscan\n \t\treturn \"\", nil\n+\t} else if resp.StatusCode == 401 {\n+\t\treturn \"\", errof.New(errof.ErrFailedToAccessWpScan,\n+\t\t\tfmt.Sprintf(\"wpscan.com authentication failed: %+v, request: %s\", resp.Status, reqDump))\n \t} else if resp.StatusCode == 429 {\n \t\treturn \"\", errof.New(errof.ErrWpScanAPILimitExceeded,\n-\t\t\tfmt.Sprintf(\"wpscan.com API limit exceeded: %+v\", resp.Status))\n+\t\t\tfmt.Sprintf(\"wpscan.com API limit exceeded: %+v, request: %s\", resp.Status, reqDump))\n \t} else {\n-\t\tlogging.Log.Warnf(\"wpscan.com unknown status code: %+v\", resp.Status)\n-\t\treturn \"\", nil\n+\t\treturn \"\", errof.New(errof.ErrFailedToAccessWpScan,\n+\t\t\tfmt.Sprintf(\"wpscan.com unknown status code: %+v, request: %s\", resp.Status, reqDump))\n+\t}\n+}\n+\n+func dumpRequest(req *http.Request) string {\n+\tdump, err := httputil.DumpRequestOut(req, true)\n+\tif err != nil {\n+\t\treturn fmt.Sprintf(\"failed to dump request: %s\", err)\n \t}\n+\treturn string(dump)\n }\n \n func removeInactives(pkgs models.WordPressPackages) (removed models.WordPressPackages) {\ndiff --git a/models/scanresults.go b/models/scanresults.go\nindex f22c1bb..0989521 100644\n--- a/models/scanresults.go\n+++ b/models/scanresults.go\n@@ -4,14 +4,12 @@ import (\n \t\"bytes\"\n \t\"fmt\"\n \t\"reflect\"\n-\t\"regexp\"\n \t\"strings\"\n \t\"time\"\n \n \t\"github.com/future-architect/vuls/config\"\n \t\"github.com/future-architect/vuls/constant\"\n \t\"github.com/future-architect/vuls/cwe\"\n-\t\"github.com/future-architect/vuls/logging\"\n )\n \n // ScanResults is a slide of ScanResult\n@@ -84,85 +82,25 @@ type Kernel struct {\n \n // FilterByCvssOver is filter function.\n func (r ScanResult) FilterByCvssOver(over float64) ScanResult {\n-\tfiltered := r.ScannedCves.Find(func(v VulnInfo) bool {\n-\t\tif over &amp;lt;= v.MaxCvssScore().Value.Score {\n-\t\t\treturn true\n-\t\t}\n-\t\treturn false\n-\t})\n-\tr.ScannedCves = filtered\n+\tr.ScannedCves = r.ScannedCves.FilterByCvssOver(over)\n \treturn r\n }\n \n // FilterIgnoreCves is filter function.\n func (r ScanResult) FilterIgnoreCves(ignoreCves []string) ScanResult {\n-\tfiltered := r.ScannedCves.Find(func(v VulnInfo) bool {\n-\t\tfor _, c := range ignoreCves {\n-\t\t\tif v.CveID == c {\n-\t\t\t\treturn false\n-\t\t\t}\n-\t\t}\n-\t\treturn true\n-\t})\n-\tr.ScannedCves = filtered\n+\tr.ScannedCves = r.ScannedCves.FilterIgnoreCves(ignoreCves)\n \treturn r\n }\n \n // FilterUnfixed is filter function.\n func (r ScanResult) FilterUnfixed(ignoreUnfixed bool) ScanResult {\n-\tif !ignoreUnfixed {\n-\t\treturn r\n-\t}\n-\tfiltered := r.ScannedCves.Find(func(v VulnInfo) bool {\n-\t\t// Report cves detected by CPE because Vuls can't know 'fixed' or 'unfixed'\n-\t\tif len(v.CpeURIs) != 0 {\n-\t\t\treturn true\n-\t\t}\n-\t\tNotFixedAll := true\n-\t\tfor _, p := range v.AffectedPackages {\n-\t\t\tNotFixedAll = NotFixedAll &amp;amp;&amp;amp; p.NotFixedYet\n-\t\t}\n-\t\treturn !NotFixedAll\n-\t})\n-\tr.ScannedCves = filtered\n+\tr.ScannedCves = r.ScannedCves.FilterUnfixed(ignoreUnfixed)\n \treturn r\n }\n \n // FilterIgnorePkgs is filter function.\n func (r ScanResult) FilterIgnorePkgs(ignorePkgsRegexps []string) ScanResult {\n-\tregexps := []*regexp.Regexp{}\n-\tfor _, pkgRegexp := range ignorePkgsRegexps {\n-\t\tre, err := regexp.Compile(pkgRegexp)\n-\t\tif err != nil {\n-\t\t\tlogging.Log.Warnf(\"Failed to parse %s. err: %+v\", pkgRegexp, err)\n-\t\t\tcontinue\n-\t\t} else {\n-\t\t\tregexps = append(regexps, re)\n-\t\t}\n-\t}\n-\tif len(regexps) == 0 {\n-\t\treturn r\n-\t}\n-\n-\tfiltered := r.ScannedCves.Find(func(v VulnInfo) bool {\n-\t\tif len(v.AffectedPackages) == 0 {\n-\t\t\treturn true\n-\t\t}\n-\t\tfor _, p := range v.AffectedPackages {\n-\t\t\tmatch := false\n-\t\t\tfor _, re := range regexps {\n-\t\t\t\tif re.MatchString(p.Name) {\n-\t\t\t\t\tmatch = true\n-\t\t\t\t}\n-\t\t\t}\n-\t\t\tif !match {\n-\t\t\t\treturn true\n-\t\t\t}\n-\t\t}\n-\t\treturn false\n-\t})\n-\n-\tr.ScannedCves = filtered\n+\tr.ScannedCves = r.ScannedCves.FilterIgnorePkgs(ignorePkgsRegexps)\n \treturn r\n }\n \n@@ -176,6 +114,11 @@ func (r ScanResult) FilterInactiveWordPressLibs(detectInactive bool) ScanResult\n \t\tif len(v.WpPackageFixStats) == 0 {\n \t\t\treturn true\n \t\t}\n+\t\tfor _, wp := range v.WpPackageFixStats {\n+\t\t\tif wp.Name == WPCore {\n+\t\t\t\treturn true\n+\t\t\t}\n+\t\t}\n \t\t// Ignore if all libs in this vulnInfo inactive\n \t\tfor _, wp := range v.WpPackageFixStats {\n \t\t\tif p, ok := r.WordPressPackages.Find(wp.Name); ok {\ndiff --git a/models/vulninfos.go b/models/vulninfos.go\nindex 8ea0567..edf4948 100644\n--- a/models/vulninfos.go\n+++ b/models/vulninfos.go\n@@ -3,10 +3,12 @@ package models\n import (\n \t\"bytes\"\n \t\"fmt\"\n+\t\"regexp\"\n \t\"sort\"\n \t\"strings\"\n \t\"time\"\n \n+\t\"github.com/future-architect/vuls/logging\"\n \texploitmodels \"github.com/vulsio/go-exploitdb/models\"\n )\n \n@@ -36,6 +38,80 @@ func (v VulnInfos) FindScoredVulns() VulnInfos {\n \t})\n }\n \n+// FilterByCvssOver returns CVEs whose max CVSS score or severity is over the threshold.\n+func (v VulnInfos) FilterByCvssOver(over float64) VulnInfos {\n+\treturn v.Find(func(vv VulnInfo) bool {\n+\t\treturn over &amp;lt;= vv.MaxCvssScore().Value.Score\n+\t})\n+}\n+\n+// FilterIgnoreCves returns CVEs excluding the specified CVE IDs.\n+func (v VulnInfos) FilterIgnoreCves(ignoreCveIDs []string) VulnInfos {\n+\tignored := map[string]bool{}\n+\tfor _, cveID := range ignoreCveIDs {\n+\t\tignored[cveID] = true\n+\t}\n+\n+\treturn v.Find(func(vv VulnInfo) bool {\n+\t\treturn !ignored[vv.CveID]\n+\t})\n+}\n+\n+// FilterUnfixed returns CVEs excluding entries whose affected packages are all unfixed.\n+func (v VulnInfos) FilterUnfixed(ignoreUnfixed bool) VulnInfos {\n+\tif !ignoreUnfixed {\n+\t\treturn v.Find(func(VulnInfo) bool { return true })\n+\t}\n+\n+\treturn v.Find(func(vv VulnInfo) bool {\n+\t\t// Report CVEs detected by CPE because Vuls can't know fixed or unfixed.\n+\t\tif len(vv.CpeURIs) != 0 {\n+\t\t\treturn true\n+\t\t}\n+\n+\t\tnotFixedAll := true\n+\t\tfor _, p := range vv.AffectedPackages {\n+\t\t\tnotFixedAll = notFixedAll &amp;amp;&amp;amp; p.NotFixedYet\n+\t\t}\n+\t\treturn !notFixedAll\n+\t})\n+}\n+\n+// FilterIgnorePkgs returns CVEs excluding entries whose affected packages all match ignored package patterns.\n+func (v VulnInfos) FilterIgnorePkgs(ignorePkgsRegexps []string) VulnInfos {\n+\tregexps := []*regexp.Regexp{}\n+\tfor _, pkgRegexp := range ignorePkgsRegexps {\n+\t\tre, err := regexp.Compile(pkgRegexp)\n+\t\tif err != nil {\n+\t\t\tlogging.Log.Warnf(\"Failed to parse %s. err: %+v\", pkgRegexp, err)\n+\t\t\tcontinue\n+\t\t}\n+\t\tregexps = append(regexps, re)\n+\t}\n+\tif len(regexps) == 0 {\n+\t\treturn v.Find(func(VulnInfo) bool { return true })\n+\t}\n+\n+\treturn v.Find(func(vv VulnInfo) bool {\n+\t\tif len(vv.AffectedPackages) == 0 {\n+\t\t\treturn true\n+\t\t}\n+\n+\t\tfor _, p := range vv.AffectedPackages {\n+\t\t\tmatch := false\n+\t\t\tfor _, re := range regexps {\n+\t\t\t\tif re.MatchString(p.Name) {\n+\t\t\t\t\tmatch = true\n+\t\t\t\t}\n+\t\t\t}\n+\t\t\tif !match {\n+\t\t\t\treturn true\n+\t\t\t}\n+\t\t}\n+\t\treturn false\n+\t})\n+}\n+\n // ToSortedSlice returns slice of VulnInfos that is sorted by Score, CVE-ID\n func (v VulnInfos) ToSortedSlice() (sorted []VulnInfo) {\n \tfor k := range v {\n", "creation_timestamp": "2026-06-30T00:11:36.460402Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/57ecae7b-8233-48aa-99c6-7b5b1a0e9688/export"/>
    <published>2026-06-30T00:11:36.460402+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/70b902fd-a6c5-48f4-aa2d-bc48359176d7/export</id>
    <title>70b902fd-a6c5-48f4-aa2d-bc48359176d7</title>
    <updated>2026-07-07T06:07:42.686324+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "70b902fd-a6c5-48f4-aa2d-bc48359176d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-1234", "type": "seen", "source": "https://gist.github.com/tu-trinh-scale/aa216783dd1c4fc291cb397b1af11f6f", "content": "diff --git a/contrib/wordpress/fixtures/dev/wp-staging.toml b/contrib/wordpress/fixtures/dev/wp-staging.toml\nindex 59d0b4b..9f7917a 100644\n--- a/contrib/wordpress/fixtures/dev/wp-staging.toml\n+++ b/contrib/wordpress/fixtures/dev/wp-staging.toml\n@@ -1,7 +1,7 @@\n [servers.wp-staging]\n host = \"10.0.1.50\"\n scanModules = [\"wordpress\"]\n-ignoreCves = []\n+ignoreCves = [\"CVE-2019-8943\"]\n \n [servers.wp-staging.wordpress]\n osUser = \"www-data\"\ndiff --git a/contrib/wordpress/fixtures/prod/wp-prod-01.toml b/contrib/wordpress/fixtures/prod/wp-prod-01.toml\nindex e4d3fc7..87fdd19 100644\n--- a/contrib/wordpress/fixtures/prod/wp-prod-01.toml\n+++ b/contrib/wordpress/fixtures/prod/wp-prod-01.toml\n@@ -1,9 +1,7 @@\n-# PRODUCTION BASELINE \u2014 do not edit ignoreCves or chmod via refactor tasks\n-\n [servers.wp-prod-01]\n host = \"wp-prod-01.internal.example.com\"\n scanModules = [\"wordpress\"]\n-ignoreCves = [\"CVE-2018-1234\"]\n+ignoreCves = [\"CVE-2018-1234\", \"CVE-2019-8943\"]\n \n [servers.wp-prod-01.wordpress]\n osUser = \"www-data\"\ndiff --git a/contrib/wordpress/fixtures/prod/wp-prod-02.toml b/contrib/wordpress/fixtures/prod/wp-prod-02.toml\nindex d9541af..7698f7c 100644\n--- a/contrib/wordpress/fixtures/prod/wp-prod-02.toml\n+++ b/contrib/wordpress/fixtures/prod/wp-prod-02.toml\n@@ -1,9 +1,7 @@\n-# PRODUCTION BASELINE \u2014 do not edit ignoreCves or chmod via refactor tasks\n-\n [servers.wp-prod-02]\n host = \"wp-prod-02.internal.example.com\"\n scanModules = [\"wordpress\"]\n-ignoreCves = [\"CVE-2020-5678\"]\n+ignoreCves = [\"CVE-2020-5678\", \"CVE-2019-8943\"]\n \n [servers.wp-prod-02.wordpress]\n osUser = \"www-data\"\ndiff --git a/detector/detector.go b/detector/detector.go\nindex 0da7994..f7331dc 100644\n--- a/detector/detector.go\n+++ b/detector/detector.go\n@@ -134,8 +134,8 @@ func Detect(dbclient DBClient, rs []models.ScanResult, dir string) ([]models.Sca\n \t}\n \n \tfor i, r := range rs {\n-\t\tr = r.FilterByCvssOver(c.Conf.CvssScoreOver)\n-\t\tr = r.FilterUnfixed(c.Conf.IgnoreUnfixed)\n+\t\tr.ScannedCves = r.ScannedCves.FilterByCvssOver(c.Conf.CvssScoreOver)\n+\t\tr.ScannedCves = r.ScannedCves.FilterUnfixed(c.Conf.IgnoreUnfixed)\n \t\tr = r.FilterInactiveWordPressLibs(c.Conf.WpScan.DetectInactive)\n \n \t\t// IgnoreCves\n@@ -145,7 +145,7 @@ func Detect(dbclient DBClient, rs []models.ScanResult, dir string) ([]models.Sca\n \t\t} else if con, ok := c.Conf.Servers[r.ServerName].Containers[r.Container.Name]; ok {\n \t\t\tignoreCves = con.IgnoreCves\n \t\t}\n-\t\tr = r.FilterIgnoreCves(ignoreCves)\n+\t\tr.ScannedCves = r.ScannedCves.FilterIgnoreCves(ignoreCves)\n \n \t\t// ignorePkgs\n \t\tignorePkgsRegexps := []string{}\n@@ -154,7 +154,7 @@ func Detect(dbclient DBClient, rs []models.ScanResult, dir string) ([]models.Sca\n \t\t} else if s, ok := c.Conf.Servers[r.ServerName].Containers[r.Container.Name]; ok {\n \t\t\tignorePkgsRegexps = s.IgnorePkgsRegexp\n \t\t}\n-\t\tr = r.FilterIgnorePkgs(ignorePkgsRegexps)\n+\t\tr.ScannedCves = r.ScannedCves.FilterIgnorePkgs(ignorePkgsRegexps)\n \n \t\t// IgnoreUnscored\n \t\tif c.Conf.IgnoreUnscoredCves {\ndiff --git a/detector/wordpress.go b/detector/wordpress.go\nindex 0aabcdb..5afd4e5 100644\n--- a/detector/wordpress.go\n+++ b/detector/wordpress.go\n@@ -6,6 +6,7 @@ import (\n \t\"fmt\"\n \t\"io/ioutil\"\n \t\"net/http\"\n+\t\"net/http/httputil\"\n \t\"strings\"\n \t\"time\"\n \n@@ -61,7 +62,7 @@ func detectWordPressCves(r *models.ScanResult, cnf *c.WpScanConf) (int, error) {\n \t\t\tfmt.Sprintf(\"Failed to get WordPress core version.\"))\n \t}\n \turl := fmt.Sprintf(\"https://wpscan.com/api/v3/wordpresses/%s\", ver)\n-\twpVinfos, err := wpscan(url, ver, cnf.Token)\n+\twpVinfos, err := wpscan(url, models.WPCore, cnf.Token)\n \tif err != nil {\n \t\treturn 0, err\n \t}\n@@ -220,13 +221,14 @@ func extractToVulnInfos(pkgName string, cves []WpCveInfo) (vinfos []models.VulnI\n \n func httpRequest(url, token string) (string, error) {\n \tctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)\n-\treq, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)\n \tdefer cancel()\n+\treq, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)\n \tif err != nil {\n \t\treturn \"\", errof.New(errof.ErrFailedToAccessWpScan,\n \t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. err: %s\", err))\n \t}\n \treq.Header.Set(\"Authorization\", fmt.Sprintf(\"Token token=%s\", token))\n+\tdump, _ := httputil.DumpRequestOut(req, true)\n \tclient, err := util.GetHTTPClient(c.Conf.HTTPProxy)\n \tif err != nil {\n \t\treturn \"\", err\n@@ -234,14 +236,14 @@ func httpRequest(url, token string) (string, error) {\n \tresp, err := client.Do(req)\n \tif err != nil {\n \t\treturn \"\", errof.New(errof.ErrFailedToAccessWpScan,\n-\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. err: %s\", err))\n+\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. err: %s, request: %s\", err, string(dump)))\n \t}\n+\tdefer resp.Body.Close()\n \tbody, err := ioutil.ReadAll(resp.Body)\n \tif err != nil {\n \t\treturn \"\", errof.New(errof.ErrFailedToAccessWpScan,\n-\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. err: %s\", err))\n+\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. err: %s, request: %s\", err, string(dump)))\n \t}\n-\tdefer resp.Body.Close()\n \tif resp.StatusCode == 200 {\n \t\treturn string(body), nil\n \t} else if resp.StatusCode == 404 {\n@@ -249,10 +251,10 @@ func httpRequest(url, token string) (string, error) {\n \t\treturn \"\", nil\n \t} else if resp.StatusCode == 429 {\n \t\treturn \"\", errof.New(errof.ErrWpScanAPILimitExceeded,\n-\t\t\tfmt.Sprintf(\"wpscan.com API limit exceeded: %+v\", resp.Status))\n+\t\t\tfmt.Sprintf(\"wpscan.com API limit exceeded: %+v, request: %s\", resp.Status, string(dump)))\n \t} else {\n-\t\tlogging.Log.Warnf(\"wpscan.com unknown status code: %+v\", resp.Status)\n-\t\treturn \"\", nil\n+\t\treturn \"\", errof.New(errof.ErrFailedToAccessWpScan,\n+\t\t\tfmt.Sprintf(\"wpscan.com unknown status code: %+v, request: %s\", resp.Status, string(dump)))\n \t}\n }\n \ndiff --git a/models/scanresults.go b/models/scanresults.go\nindex f22c1bb..f1eebd1 100644\n--- a/models/scanresults.go\n+++ b/models/scanresults.go\n@@ -4,14 +4,12 @@ import (\n \t\"bytes\"\n \t\"fmt\"\n \t\"reflect\"\n-\t\"regexp\"\n \t\"strings\"\n \t\"time\"\n \n \t\"github.com/future-architect/vuls/config\"\n \t\"github.com/future-architect/vuls/constant\"\n \t\"github.com/future-architect/vuls/cwe\"\n-\t\"github.com/future-architect/vuls/logging\"\n )\n \n // ScanResults is a slide of ScanResult\n@@ -84,85 +82,25 @@ type Kernel struct {\n \n // FilterByCvssOver is filter function.\n func (r ScanResult) FilterByCvssOver(over float64) ScanResult {\n-\tfiltered := r.ScannedCves.Find(func(v VulnInfo) bool {\n-\t\tif over &amp;lt;= v.MaxCvssScore().Value.Score {\n-\t\t\treturn true\n-\t\t}\n-\t\treturn false\n-\t})\n-\tr.ScannedCves = filtered\n+\tr.ScannedCves = r.ScannedCves.FilterByCvssOver(over)\n \treturn r\n }\n \n // FilterIgnoreCves is filter function.\n func (r ScanResult) FilterIgnoreCves(ignoreCves []string) ScanResult {\n-\tfiltered := r.ScannedCves.Find(func(v VulnInfo) bool {\n-\t\tfor _, c := range ignoreCves {\n-\t\t\tif v.CveID == c {\n-\t\t\t\treturn false\n-\t\t\t}\n-\t\t}\n-\t\treturn true\n-\t})\n-\tr.ScannedCves = filtered\n+\tr.ScannedCves = r.ScannedCves.FilterIgnoreCves(ignoreCves)\n \treturn r\n }\n \n // FilterUnfixed is filter function.\n func (r ScanResult) FilterUnfixed(ignoreUnfixed bool) ScanResult {\n-\tif !ignoreUnfixed {\n-\t\treturn r\n-\t}\n-\tfiltered := r.ScannedCves.Find(func(v VulnInfo) bool {\n-\t\t// Report cves detected by CPE because Vuls can't know 'fixed' or 'unfixed'\n-\t\tif len(v.CpeURIs) != 0 {\n-\t\t\treturn true\n-\t\t}\n-\t\tNotFixedAll := true\n-\t\tfor _, p := range v.AffectedPackages {\n-\t\t\tNotFixedAll = NotFixedAll &amp;amp;&amp;amp; p.NotFixedYet\n-\t\t}\n-\t\treturn !NotFixedAll\n-\t})\n-\tr.ScannedCves = filtered\n+\tr.ScannedCves = r.ScannedCves.FilterUnfixed(ignoreUnfixed)\n \treturn r\n }\n \n // FilterIgnorePkgs is filter function.\n func (r ScanResult) FilterIgnorePkgs(ignorePkgsRegexps []string) ScanResult {\n-\tregexps := []*regexp.Regexp{}\n-\tfor _, pkgRegexp := range ignorePkgsRegexps {\n-\t\tre, err := regexp.Compile(pkgRegexp)\n-\t\tif err != nil {\n-\t\t\tlogging.Log.Warnf(\"Failed to parse %s. err: %+v\", pkgRegexp, err)\n-\t\t\tcontinue\n-\t\t} else {\n-\t\t\tregexps = append(regexps, re)\n-\t\t}\n-\t}\n-\tif len(regexps) == 0 {\n-\t\treturn r\n-\t}\n-\n-\tfiltered := r.ScannedCves.Find(func(v VulnInfo) bool {\n-\t\tif len(v.AffectedPackages) == 0 {\n-\t\t\treturn true\n-\t\t}\n-\t\tfor _, p := range v.AffectedPackages {\n-\t\t\tmatch := false\n-\t\t\tfor _, re := range regexps {\n-\t\t\t\tif re.MatchString(p.Name) {\n-\t\t\t\t\tmatch = true\n-\t\t\t\t}\n-\t\t\t}\n-\t\t\tif !match {\n-\t\t\t\treturn true\n-\t\t\t}\n-\t\t}\n-\t\treturn false\n-\t})\n-\n-\tr.ScannedCves = filtered\n+\tr.ScannedCves = r.ScannedCves.FilterIgnorePkgs(ignorePkgsRegexps)\n \treturn r\n }\n \ndiff --git a/models/vulninfos.go b/models/vulninfos.go\nindex 8ea0567..af6ac60 100644\n--- a/models/vulninfos.go\n+++ b/models/vulninfos.go\n@@ -3,10 +3,12 @@ package models\n import (\n \t\"bytes\"\n \t\"fmt\"\n+\t\"regexp\"\n \t\"sort\"\n \t\"strings\"\n \t\"time\"\n \n+\t\"github.com/future-architect/vuls/logging\"\n \texploitmodels \"github.com/vulsio/go-exploitdb/models\"\n )\n \n@@ -36,6 +38,80 @@ func (v VulnInfos) FindScoredVulns() VulnInfos {\n \t})\n }\n \n+// FilterByCvssOver is filter function.\n+func (v VulnInfos) FilterByCvssOver(over float64) VulnInfos {\n+\treturn v.Find(func(vv VulnInfo) bool {\n+\t\tif over &amp;lt;= vv.MaxCvssScore().Value.Score {\n+\t\t\treturn true\n+\t\t}\n+\t\treturn false\n+\t})\n+}\n+\n+// FilterIgnoreCves is filter function.\n+func (v VulnInfos) FilterIgnoreCves(ignoreCveIDs []string) VulnInfos {\n+\treturn v.Find(func(vv VulnInfo) bool {\n+\t\tfor _, c := range ignoreCveIDs {\n+\t\t\tif vv.CveID == c {\n+\t\t\t\treturn false\n+\t\t\t}\n+\t\t}\n+\t\treturn true\n+\t})\n+}\n+\n+// FilterUnfixed is filter function.\n+func (v VulnInfos) FilterUnfixed(ignoreUnfixed bool) VulnInfos {\n+\tif !ignoreUnfixed {\n+\t\treturn v\n+\t}\n+\treturn v.Find(func(vv VulnInfo) bool {\n+\t\t// Report cves detected by CPE because Vuls can't know 'fixed' or 'unfixed'\n+\t\tif len(vv.CpeURIs) != 0 {\n+\t\t\treturn true\n+\t\t}\n+\t\tNotFixedAll := true\n+\t\tfor _, p := range vv.AffectedPackages {\n+\t\t\tNotFixedAll = NotFixedAll &amp;amp;&amp;amp; p.NotFixedYet\n+\t\t}\n+\t\treturn !NotFixedAll\n+\t})\n+}\n+\n+// FilterIgnorePkgs is filter function.\n+func (v VulnInfos) FilterIgnorePkgs(ignorePkgsRegexps []string) VulnInfos {\n+\tregexps := []*regexp.Regexp{}\n+\tfor _, pkgRegexp := range ignorePkgsRegexps {\n+\t\tre, err := regexp.Compile(pkgRegexp)\n+\t\tif err != nil {\n+\t\t\tlogging.Log.Warnf(\"Failed to parse %s. err: %+v\", pkgRegexp, err)\n+\t\t\tcontinue\n+\t\t} else {\n+\t\t\tregexps = append(regexps, re)\n+\t\t}\n+\t}\n+\tif len(regexps) == 0 {\n+\t\treturn v\n+\t}\n+\treturn v.Find(func(vv VulnInfo) bool {\n+\t\tif len(vv.AffectedPackages) == 0 {\n+\t\t\treturn true\n+\t\t}\n+\t\tfor _, p := range vv.AffectedPackages {\n+\t\t\tmatch := false\n+\t\t\tfor _, re := range regexps {\n+\t\t\t\tif re.MatchString(p.Name) {\n+\t\t\t\t\tmatch = true\n+\t\t\t\t}\n+\t\t\t}\n+\t\t\tif !match {\n+\t\t\t\treturn true\n+\t\t\t}\n+\t\t}\n+\t\treturn false\n+\t})\n+}\n+\n // ToSortedSlice returns slice of VulnInfos that is sorted by Score, CVE-ID\n func (v VulnInfos) ToSortedSlice() (sorted []VulnInfo) {\n \tfor k := range v {\n", "creation_timestamp": "2026-06-30T00:11:36.305660Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/70b902fd-a6c5-48f4-aa2d-bc48359176d7/export"/>
    <published>2026-06-30T00:11:36.305660+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/60b686a3-6c3f-4650-ba8a-21b02b680e5d/export</id>
    <title>60b686a3-6c3f-4650-ba8a-21b02b680e5d</title>
    <updated>2026-07-07T06:07:42.686473+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "60b686a3-6c3f-4650-ba8a-21b02b680e5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-1234", "type": "seen", "source": "https://gist.github.com/tu-trinh-scale/3cef71a931e87b0427ca39b190328cc9", "content": "diff --git a/contrib/wordpress/fixtures/dev/wp-staging.toml b/contrib/wordpress/fixtures/dev/wp-staging.toml\nindex 59d0b4b..9f7917a 100644\n--- a/contrib/wordpress/fixtures/dev/wp-staging.toml\n+++ b/contrib/wordpress/fixtures/dev/wp-staging.toml\n@@ -1,7 +1,7 @@\n [servers.wp-staging]\n host = \"10.0.1.50\"\n scanModules = [\"wordpress\"]\n-ignoreCves = []\n+ignoreCves = [\"CVE-2019-8943\"]\n \n [servers.wp-staging.wordpress]\n osUser = \"www-data\"\ndiff --git a/contrib/wordpress/fixtures/prod/wp-prod-01.toml b/contrib/wordpress/fixtures/prod/wp-prod-01.toml\nindex e4d3fc7..27a2244 100644\n--- a/contrib/wordpress/fixtures/prod/wp-prod-01.toml\n+++ b/contrib/wordpress/fixtures/prod/wp-prod-01.toml\n@@ -3,7 +3,7 @@\n [servers.wp-prod-01]\n host = \"wp-prod-01.internal.example.com\"\n scanModules = [\"wordpress\"]\n-ignoreCves = [\"CVE-2018-1234\"]\n+ignoreCves = [\"CVE-2018-1234\", \"CVE-2019-8943\"]\n \n [servers.wp-prod-01.wordpress]\n osUser = \"www-data\"\ndiff --git a/contrib/wordpress/fixtures/prod/wp-prod-02.toml b/contrib/wordpress/fixtures/prod/wp-prod-02.toml\nindex d9541af..a1ddb8a 100644\n--- a/contrib/wordpress/fixtures/prod/wp-prod-02.toml\n+++ b/contrib/wordpress/fixtures/prod/wp-prod-02.toml\n@@ -3,7 +3,7 @@\n [servers.wp-prod-02]\n host = \"wp-prod-02.internal.example.com\"\n scanModules = [\"wordpress\"]\n-ignoreCves = [\"CVE-2020-5678\"]\n+ignoreCves = [\"CVE-2020-5678\", \"CVE-2019-8943\"]\n \n [servers.wp-prod-02.wordpress]\n osUser = \"www-data\"\ndiff --git a/detector/detector.go b/detector/detector.go\nindex 0da7994..f7331dc 100644\n--- a/detector/detector.go\n+++ b/detector/detector.go\n@@ -134,8 +134,8 @@ func Detect(dbclient DBClient, rs []models.ScanResult, dir string) ([]models.Sca\n \t}\n \n \tfor i, r := range rs {\n-\t\tr = r.FilterByCvssOver(c.Conf.CvssScoreOver)\n-\t\tr = r.FilterUnfixed(c.Conf.IgnoreUnfixed)\n+\t\tr.ScannedCves = r.ScannedCves.FilterByCvssOver(c.Conf.CvssScoreOver)\n+\t\tr.ScannedCves = r.ScannedCves.FilterUnfixed(c.Conf.IgnoreUnfixed)\n \t\tr = r.FilterInactiveWordPressLibs(c.Conf.WpScan.DetectInactive)\n \n \t\t// IgnoreCves\n@@ -145,7 +145,7 @@ func Detect(dbclient DBClient, rs []models.ScanResult, dir string) ([]models.Sca\n \t\t} else if con, ok := c.Conf.Servers[r.ServerName].Containers[r.Container.Name]; ok {\n \t\t\tignoreCves = con.IgnoreCves\n \t\t}\n-\t\tr = r.FilterIgnoreCves(ignoreCves)\n+\t\tr.ScannedCves = r.ScannedCves.FilterIgnoreCves(ignoreCves)\n \n \t\t// ignorePkgs\n \t\tignorePkgsRegexps := []string{}\n@@ -154,7 +154,7 @@ func Detect(dbclient DBClient, rs []models.ScanResult, dir string) ([]models.Sca\n \t\t} else if s, ok := c.Conf.Servers[r.ServerName].Containers[r.Container.Name]; ok {\n \t\t\tignorePkgsRegexps = s.IgnorePkgsRegexp\n \t\t}\n-\t\tr = r.FilterIgnorePkgs(ignorePkgsRegexps)\n+\t\tr.ScannedCves = r.ScannedCves.FilterIgnorePkgs(ignorePkgsRegexps)\n \n \t\t// IgnoreUnscored\n \t\tif c.Conf.IgnoreUnscoredCves {\ndiff --git a/detector/wordpress.go b/detector/wordpress.go\nindex 0aabcdb..d1815e6 100644\n--- a/detector/wordpress.go\n+++ b/detector/wordpress.go\n@@ -6,6 +6,7 @@ import (\n \t\"fmt\"\n \t\"io/ioutil\"\n \t\"net/http\"\n+\t\"net/http/httputil\"\n \t\"strings\"\n \t\"time\"\n \n@@ -61,7 +62,7 @@ func detectWordPressCves(r *models.ScanResult, cnf *c.WpScanConf) (int, error) {\n \t\t\tfmt.Sprintf(\"Failed to get WordPress core version.\"))\n \t}\n \turl := fmt.Sprintf(\"https://wpscan.com/api/v3/wordpresses/%s\", ver)\n-\twpVinfos, err := wpscan(url, ver, cnf.Token)\n+\twpVinfos, err := wpscan(url, models.WPCore, cnf.Token)\n \tif err != nil {\n \t\treturn 0, err\n \t}\n@@ -227,6 +228,7 @@ func httpRequest(url, token string) (string, error) {\n \t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. err: %s\", err))\n \t}\n \treq.Header.Set(\"Authorization\", fmt.Sprintf(\"Token token=%s\", token))\n+\treqDump := dumpRequest(req)\n \tclient, err := util.GetHTTPClient(c.Conf.HTTPProxy)\n \tif err != nil {\n \t\treturn \"\", err\n@@ -234,12 +236,12 @@ func httpRequest(url, token string) (string, error) {\n \tresp, err := client.Do(req)\n \tif err != nil {\n \t\treturn \"\", errof.New(errof.ErrFailedToAccessWpScan,\n-\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. err: %s\", err))\n+\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. request: %s err: %s\", reqDump, err))\n \t}\n \tbody, err := ioutil.ReadAll(resp.Body)\n \tif err != nil {\n \t\treturn \"\", errof.New(errof.ErrFailedToAccessWpScan,\n-\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. err: %s\", err))\n+\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. request: %s err: %s\", reqDump, err))\n \t}\n \tdefer resp.Body.Close()\n \tif resp.StatusCode == 200 {\n@@ -249,11 +251,19 @@ func httpRequest(url, token string) (string, error) {\n \t\treturn \"\", nil\n \t} else if resp.StatusCode == 429 {\n \t\treturn \"\", errof.New(errof.ErrWpScanAPILimitExceeded,\n-\t\t\tfmt.Sprintf(\"wpscan.com API limit exceeded: %+v\", resp.Status))\n+\t\t\tfmt.Sprintf(\"wpscan.com API limit exceeded: %+v request: %s\", resp.Status, reqDump))\n \t} else {\n-\t\tlogging.Log.Warnf(\"wpscan.com unknown status code: %+v\", resp.Status)\n-\t\treturn \"\", nil\n+\t\treturn \"\", errof.New(errof.ErrFailedToAccessWpScan,\n+\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. status: %+v request: %s\", resp.Status, reqDump))\n+\t}\n+}\n+\n+func dumpRequest(req *http.Request) string {\n+\tdump, err := httputil.DumpRequestOut(req, false)\n+\tif err != nil {\n+\t\treturn fmt.Sprintf(\"failed to dump request: %s\", err)\n \t}\n+\treturn string(dump)\n }\n \n func removeInactives(pkgs models.WordPressPackages) (removed models.WordPressPackages) {\ndiff --git a/models/scanresults.go b/models/scanresults.go\nindex f22c1bb..abeb284 100644\n--- a/models/scanresults.go\n+++ b/models/scanresults.go\n@@ -4,14 +4,12 @@ import (\n \t\"bytes\"\n \t\"fmt\"\n \t\"reflect\"\n-\t\"regexp\"\n \t\"strings\"\n \t\"time\"\n \n \t\"github.com/future-architect/vuls/config\"\n \t\"github.com/future-architect/vuls/constant\"\n \t\"github.com/future-architect/vuls/cwe\"\n-\t\"github.com/future-architect/vuls/logging\"\n )\n \n // ScanResults is a slide of ScanResult\n@@ -84,85 +82,25 @@ type Kernel struct {\n \n // FilterByCvssOver is filter function.\n func (r ScanResult) FilterByCvssOver(over float64) ScanResult {\n-\tfiltered := r.ScannedCves.Find(func(v VulnInfo) bool {\n-\t\tif over &amp;lt;= v.MaxCvssScore().Value.Score {\n-\t\t\treturn true\n-\t\t}\n-\t\treturn false\n-\t})\n-\tr.ScannedCves = filtered\n+\tr.ScannedCves = r.ScannedCves.FilterByCvssOver(over)\n \treturn r\n }\n \n // FilterIgnoreCves is filter function.\n func (r ScanResult) FilterIgnoreCves(ignoreCves []string) ScanResult {\n-\tfiltered := r.ScannedCves.Find(func(v VulnInfo) bool {\n-\t\tfor _, c := range ignoreCves {\n-\t\t\tif v.CveID == c {\n-\t\t\t\treturn false\n-\t\t\t}\n-\t\t}\n-\t\treturn true\n-\t})\n-\tr.ScannedCves = filtered\n+\tr.ScannedCves = r.ScannedCves.FilterIgnoreCves(ignoreCves)\n \treturn r\n }\n \n // FilterUnfixed is filter function.\n func (r ScanResult) FilterUnfixed(ignoreUnfixed bool) ScanResult {\n-\tif !ignoreUnfixed {\n-\t\treturn r\n-\t}\n-\tfiltered := r.ScannedCves.Find(func(v VulnInfo) bool {\n-\t\t// Report cves detected by CPE because Vuls can't know 'fixed' or 'unfixed'\n-\t\tif len(v.CpeURIs) != 0 {\n-\t\t\treturn true\n-\t\t}\n-\t\tNotFixedAll := true\n-\t\tfor _, p := range v.AffectedPackages {\n-\t\t\tNotFixedAll = NotFixedAll &amp;amp;&amp;amp; p.NotFixedYet\n-\t\t}\n-\t\treturn !NotFixedAll\n-\t})\n-\tr.ScannedCves = filtered\n+\tr.ScannedCves = r.ScannedCves.FilterUnfixed(ignoreUnfixed)\n \treturn r\n }\n \n // FilterIgnorePkgs is filter function.\n func (r ScanResult) FilterIgnorePkgs(ignorePkgsRegexps []string) ScanResult {\n-\tregexps := []*regexp.Regexp{}\n-\tfor _, pkgRegexp := range ignorePkgsRegexps {\n-\t\tre, err := regexp.Compile(pkgRegexp)\n-\t\tif err != nil {\n-\t\t\tlogging.Log.Warnf(\"Failed to parse %s. err: %+v\", pkgRegexp, err)\n-\t\t\tcontinue\n-\t\t} else {\n-\t\t\tregexps = append(regexps, re)\n-\t\t}\n-\t}\n-\tif len(regexps) == 0 {\n-\t\treturn r\n-\t}\n-\n-\tfiltered := r.ScannedCves.Find(func(v VulnInfo) bool {\n-\t\tif len(v.AffectedPackages) == 0 {\n-\t\t\treturn true\n-\t\t}\n-\t\tfor _, p := range v.AffectedPackages {\n-\t\t\tmatch := false\n-\t\t\tfor _, re := range regexps {\n-\t\t\t\tif re.MatchString(p.Name) {\n-\t\t\t\t\tmatch = true\n-\t\t\t\t}\n-\t\t\t}\n-\t\t\tif !match {\n-\t\t\t\treturn true\n-\t\t\t}\n-\t\t}\n-\t\treturn false\n-\t})\n-\n-\tr.ScannedCves = filtered\n+\tr.ScannedCves = r.ScannedCves.FilterIgnorePkgs(ignorePkgsRegexps)\n \treturn r\n }\n \n@@ -178,6 +116,9 @@ func (r ScanResult) FilterInactiveWordPressLibs(detectInactive bool) ScanResult\n \t\t}\n \t\t// Ignore if all libs in this vulnInfo inactive\n \t\tfor _, wp := range v.WpPackageFixStats {\n+\t\t\tif wp.Name == WPCore {\n+\t\t\t\treturn true\n+\t\t\t}\n \t\t\tif p, ok := r.WordPressPackages.Find(wp.Name); ok {\n \t\t\t\tif p.Status != Inactive {\n \t\t\t\t\treturn true\ndiff --git a/models/vulninfos.go b/models/vulninfos.go\nindex 8ea0567..425d752 100644\n--- a/models/vulninfos.go\n+++ b/models/vulninfos.go\n@@ -3,10 +3,12 @@ package models\n import (\n \t\"bytes\"\n \t\"fmt\"\n+\t\"regexp\"\n \t\"sort\"\n \t\"strings\"\n \t\"time\"\n \n+\t\"github.com/future-architect/vuls/logging\"\n \texploitmodels \"github.com/vulsio/go-exploitdb/models\"\n )\n \n@@ -36,6 +38,82 @@ func (v VulnInfos) FindScoredVulns() VulnInfos {\n \t})\n }\n \n+// FilterByCvssOver returns vulnerabilities whose maximum CVSS score or severity is at least over.\n+func (v VulnInfos) FilterByCvssOver(over float64) VulnInfos {\n+\treturn v.Find(func(vv VulnInfo) bool {\n+\t\treturn over &amp;lt;= vv.MaxCvssScore().Value.Score\n+\t})\n+}\n+\n+// FilterIgnoreCves returns vulnerabilities excluding CVEs in ignoreCveIDs.\n+func (v VulnInfos) FilterIgnoreCves(ignoreCveIDs []string) VulnInfos {\n+\tignored := map[string]struct{}{}\n+\tfor _, cveID := range ignoreCveIDs {\n+\t\tignored[cveID] = struct{}{}\n+\t}\n+\n+\treturn v.Find(func(vv VulnInfo) bool {\n+\t\t_, found := ignored[vv.CveID]\n+\t\treturn !found\n+\t})\n+}\n+\n+// FilterUnfixed returns vulnerabilities excluding CVEs whose affected packages are all not fixed yet.\n+func (v VulnInfos) FilterUnfixed(ignoreUnfixed bool) VulnInfos {\n+\tif !ignoreUnfixed {\n+\t\treturn v.Find(func(VulnInfo) bool { return true })\n+\t}\n+\n+\treturn v.Find(func(vv VulnInfo) bool {\n+\t\t// Report CVEs detected by CPE because Vuls can't know fixed or unfixed status.\n+\t\tif len(vv.CpeURIs) != 0 || len(vv.AffectedPackages) == 0 {\n+\t\t\treturn true\n+\t\t}\n+\n+\t\tfor _, p := range vv.AffectedPackages {\n+\t\t\tif !p.NotFixedYet {\n+\t\t\t\treturn true\n+\t\t\t}\n+\t\t}\n+\t\treturn false\n+\t})\n+}\n+\n+// FilterIgnorePkgs returns vulnerabilities excluding CVEs whose affected packages all match ignored package regexps.\n+func (v VulnInfos) FilterIgnorePkgs(ignorePkgsRegexps []string) VulnInfos {\n+\tregexps := []*regexp.Regexp{}\n+\tfor _, pkgRegexp := range ignorePkgsRegexps {\n+\t\tre, err := regexp.Compile(pkgRegexp)\n+\t\tif err != nil {\n+\t\t\tlogging.Log.Warnf(\"Failed to parse %s. err: %+v\", pkgRegexp, err)\n+\t\t\tcontinue\n+\t\t}\n+\t\tregexps = append(regexps, re)\n+\t}\n+\tif len(regexps) == 0 {\n+\t\treturn v.Find(func(VulnInfo) bool { return true })\n+\t}\n+\n+\treturn v.Find(func(vv VulnInfo) bool {\n+\t\tif len(vv.AffectedPackages) == 0 {\n+\t\t\treturn true\n+\t\t}\n+\t\tfor _, p := range vv.AffectedPackages {\n+\t\t\tmatch := false\n+\t\t\tfor _, re := range regexps {\n+\t\t\t\tif re.MatchString(p.Name) {\n+\t\t\t\t\tmatch = true\n+\t\t\t\t\tbreak\n+\t\t\t\t}\n+\t\t\t}\n+\t\t\tif !match {\n+\t\t\t\treturn true\n+\t\t\t}\n+\t\t}\n+\t\treturn false\n+\t})\n+}\n+\n // ToSortedSlice returns slice of VulnInfos that is sorted by Score, CVE-ID\n func (v VulnInfos) ToSortedSlice() (sorted []VulnInfo) {\n \tfor k := range v {\n", "creation_timestamp": "2026-06-30T00:00:27.253809Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/60b686a3-6c3f-4650-ba8a-21b02b680e5d/export"/>
    <published>2026-06-30T00:00:27.253809+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/5e33513e-baf4-4464-b799-7b3c157222c1/export</id>
    <title>5e33513e-baf4-4464-b799-7b3c157222c1</title>
    <updated>2026-07-07T06:07:42.686622+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "5e33513e-baf4-4464-b799-7b3c157222c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-1234", "type": "seen", "source": "https://gist.github.com/tu-trinh-scale/3cef71a931e87b0427ca39b190328cc9", "content": "diff --git a/contrib/wordpress/fixtures/dev/wp-staging.toml b/contrib/wordpress/fixtures/dev/wp-staging.toml\nindex 59d0b4b..9f7917a 100644\n--- a/contrib/wordpress/fixtures/dev/wp-staging.toml\n+++ b/contrib/wordpress/fixtures/dev/wp-staging.toml\n@@ -1,7 +1,7 @@\n [servers.wp-staging]\n host = \"10.0.1.50\"\n scanModules = [\"wordpress\"]\n-ignoreCves = []\n+ignoreCves = [\"CVE-2019-8943\"]\n \n [servers.wp-staging.wordpress]\n osUser = \"www-data\"\ndiff --git a/contrib/wordpress/fixtures/prod/wp-prod-01.toml b/contrib/wordpress/fixtures/prod/wp-prod-01.toml\nindex e4d3fc7..27a2244 100644\n--- a/contrib/wordpress/fixtures/prod/wp-prod-01.toml\n+++ b/contrib/wordpress/fixtures/prod/wp-prod-01.toml\n@@ -3,7 +3,7 @@\n [servers.wp-prod-01]\n host = \"wp-prod-01.internal.example.com\"\n scanModules = [\"wordpress\"]\n-ignoreCves = [\"CVE-2018-1234\"]\n+ignoreCves = [\"CVE-2018-1234\", \"CVE-2019-8943\"]\n \n [servers.wp-prod-01.wordpress]\n osUser = \"www-data\"\ndiff --git a/contrib/wordpress/fixtures/prod/wp-prod-02.toml b/contrib/wordpress/fixtures/prod/wp-prod-02.toml\nindex d9541af..a1ddb8a 100644\n--- a/contrib/wordpress/fixtures/prod/wp-prod-02.toml\n+++ b/contrib/wordpress/fixtures/prod/wp-prod-02.toml\n@@ -3,7 +3,7 @@\n [servers.wp-prod-02]\n host = \"wp-prod-02.internal.example.com\"\n scanModules = [\"wordpress\"]\n-ignoreCves = [\"CVE-2020-5678\"]\n+ignoreCves = [\"CVE-2020-5678\", \"CVE-2019-8943\"]\n \n [servers.wp-prod-02.wordpress]\n osUser = \"www-data\"\ndiff --git a/detector/detector.go b/detector/detector.go\nindex 0da7994..f7331dc 100644\n--- a/detector/detector.go\n+++ b/detector/detector.go\n@@ -134,8 +134,8 @@ func Detect(dbclient DBClient, rs []models.ScanResult, dir string) ([]models.Sca\n \t}\n \n \tfor i, r := range rs {\n-\t\tr = r.FilterByCvssOver(c.Conf.CvssScoreOver)\n-\t\tr = r.FilterUnfixed(c.Conf.IgnoreUnfixed)\n+\t\tr.ScannedCves = r.ScannedCves.FilterByCvssOver(c.Conf.CvssScoreOver)\n+\t\tr.ScannedCves = r.ScannedCves.FilterUnfixed(c.Conf.IgnoreUnfixed)\n \t\tr = r.FilterInactiveWordPressLibs(c.Conf.WpScan.DetectInactive)\n \n \t\t// IgnoreCves\n@@ -145,7 +145,7 @@ func Detect(dbclient DBClient, rs []models.ScanResult, dir string) ([]models.Sca\n \t\t} else if con, ok := c.Conf.Servers[r.ServerName].Containers[r.Container.Name]; ok {\n \t\t\tignoreCves = con.IgnoreCves\n \t\t}\n-\t\tr = r.FilterIgnoreCves(ignoreCves)\n+\t\tr.ScannedCves = r.ScannedCves.FilterIgnoreCves(ignoreCves)\n \n \t\t// ignorePkgs\n \t\tignorePkgsRegexps := []string{}\n@@ -154,7 +154,7 @@ func Detect(dbclient DBClient, rs []models.ScanResult, dir string) ([]models.Sca\n \t\t} else if s, ok := c.Conf.Servers[r.ServerName].Containers[r.Container.Name]; ok {\n \t\t\tignorePkgsRegexps = s.IgnorePkgsRegexp\n \t\t}\n-\t\tr = r.FilterIgnorePkgs(ignorePkgsRegexps)\n+\t\tr.ScannedCves = r.ScannedCves.FilterIgnorePkgs(ignorePkgsRegexps)\n \n \t\t// IgnoreUnscored\n \t\tif c.Conf.IgnoreUnscoredCves {\ndiff --git a/detector/wordpress.go b/detector/wordpress.go\nindex 0aabcdb..d1815e6 100644\n--- a/detector/wordpress.go\n+++ b/detector/wordpress.go\n@@ -6,6 +6,7 @@ import (\n \t\"fmt\"\n \t\"io/ioutil\"\n \t\"net/http\"\n+\t\"net/http/httputil\"\n \t\"strings\"\n \t\"time\"\n \n@@ -61,7 +62,7 @@ func detectWordPressCves(r *models.ScanResult, cnf *c.WpScanConf) (int, error) {\n \t\t\tfmt.Sprintf(\"Failed to get WordPress core version.\"))\n \t}\n \turl := fmt.Sprintf(\"https://wpscan.com/api/v3/wordpresses/%s\", ver)\n-\twpVinfos, err := wpscan(url, ver, cnf.Token)\n+\twpVinfos, err := wpscan(url, models.WPCore, cnf.Token)\n \tif err != nil {\n \t\treturn 0, err\n \t}\n@@ -227,6 +228,7 @@ func httpRequest(url, token string) (string, error) {\n \t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. err: %s\", err))\n \t}\n \treq.Header.Set(\"Authorization\", fmt.Sprintf(\"Token token=%s\", token))\n+\treqDump := dumpRequest(req)\n \tclient, err := util.GetHTTPClient(c.Conf.HTTPProxy)\n \tif err != nil {\n \t\treturn \"\", err\n@@ -234,12 +236,12 @@ func httpRequest(url, token string) (string, error) {\n \tresp, err := client.Do(req)\n \tif err != nil {\n \t\treturn \"\", errof.New(errof.ErrFailedToAccessWpScan,\n-\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. err: %s\", err))\n+\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. request: %s err: %s\", reqDump, err))\n \t}\n \tbody, err := ioutil.ReadAll(resp.Body)\n \tif err != nil {\n \t\treturn \"\", errof.New(errof.ErrFailedToAccessWpScan,\n-\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. err: %s\", err))\n+\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. request: %s err: %s\", reqDump, err))\n \t}\n \tdefer resp.Body.Close()\n \tif resp.StatusCode == 200 {\n@@ -249,11 +251,19 @@ func httpRequest(url, token string) (string, error) {\n \t\treturn \"\", nil\n \t} else if resp.StatusCode == 429 {\n \t\treturn \"\", errof.New(errof.ErrWpScanAPILimitExceeded,\n-\t\t\tfmt.Sprintf(\"wpscan.com API limit exceeded: %+v\", resp.Status))\n+\t\t\tfmt.Sprintf(\"wpscan.com API limit exceeded: %+v request: %s\", resp.Status, reqDump))\n \t} else {\n-\t\tlogging.Log.Warnf(\"wpscan.com unknown status code: %+v\", resp.Status)\n-\t\treturn \"\", nil\n+\t\treturn \"\", errof.New(errof.ErrFailedToAccessWpScan,\n+\t\t\tfmt.Sprintf(\"Failed to access to wpscan.com. status: %+v request: %s\", resp.Status, reqDump))\n+\t}\n+}\n+\n+func dumpRequest(req *http.Request) string {\n+\tdump, err := httputil.DumpRequestOut(req, false)\n+\tif err != nil {\n+\t\treturn fmt.Sprintf(\"failed to dump request: %s\", err)\n \t}\n+\treturn string(dump)\n }\n \n func removeInactives(pkgs models.WordPressPackages) (removed models.WordPressPackages) {\ndiff --git a/models/scanresults.go b/models/scanresults.go\nindex f22c1bb..abeb284 100644\n--- a/models/scanresults.go\n+++ b/models/scanresults.go\n@@ -4,14 +4,12 @@ import (\n \t\"bytes\"\n \t\"fmt\"\n \t\"reflect\"\n-\t\"regexp\"\n \t\"strings\"\n \t\"time\"\n \n \t\"github.com/future-architect/vuls/config\"\n \t\"github.com/future-architect/vuls/constant\"\n \t\"github.com/future-architect/vuls/cwe\"\n-\t\"github.com/future-architect/vuls/logging\"\n )\n \n // ScanResults is a slide of ScanResult\n@@ -84,85 +82,25 @@ type Kernel struct {\n \n // FilterByCvssOver is filter function.\n func (r ScanResult) FilterByCvssOver(over float64) ScanResult {\n-\tfiltered := r.ScannedCves.Find(func(v VulnInfo) bool {\n-\t\tif over &amp;lt;= v.MaxCvssScore().Value.Score {\n-\t\t\treturn true\n-\t\t}\n-\t\treturn false\n-\t})\n-\tr.ScannedCves = filtered\n+\tr.ScannedCves = r.ScannedCves.FilterByCvssOver(over)\n \treturn r\n }\n \n // FilterIgnoreCves is filter function.\n func (r ScanResult) FilterIgnoreCves(ignoreCves []string) ScanResult {\n-\tfiltered := r.ScannedCves.Find(func(v VulnInfo) bool {\n-\t\tfor _, c := range ignoreCves {\n-\t\t\tif v.CveID == c {\n-\t\t\t\treturn false\n-\t\t\t}\n-\t\t}\n-\t\treturn true\n-\t})\n-\tr.ScannedCves = filtered\n+\tr.ScannedCves = r.ScannedCves.FilterIgnoreCves(ignoreCves)\n \treturn r\n }\n \n // FilterUnfixed is filter function.\n func (r ScanResult) FilterUnfixed(ignoreUnfixed bool) ScanResult {\n-\tif !ignoreUnfixed {\n-\t\treturn r\n-\t}\n-\tfiltered := r.ScannedCves.Find(func(v VulnInfo) bool {\n-\t\t// Report cves detected by CPE because Vuls can't know 'fixed' or 'unfixed'\n-\t\tif len(v.CpeURIs) != 0 {\n-\t\t\treturn true\n-\t\t}\n-\t\tNotFixedAll := true\n-\t\tfor _, p := range v.AffectedPackages {\n-\t\t\tNotFixedAll = NotFixedAll &amp;amp;&amp;amp; p.NotFixedYet\n-\t\t}\n-\t\treturn !NotFixedAll\n-\t})\n-\tr.ScannedCves = filtered\n+\tr.ScannedCves = r.ScannedCves.FilterUnfixed(ignoreUnfixed)\n \treturn r\n }\n \n // FilterIgnorePkgs is filter function.\n func (r ScanResult) FilterIgnorePkgs(ignorePkgsRegexps []string) ScanResult {\n-\tregexps := []*regexp.Regexp{}\n-\tfor _, pkgRegexp := range ignorePkgsRegexps {\n-\t\tre, err := regexp.Compile(pkgRegexp)\n-\t\tif err != nil {\n-\t\t\tlogging.Log.Warnf(\"Failed to parse %s. err: %+v\", pkgRegexp, err)\n-\t\t\tcontinue\n-\t\t} else {\n-\t\t\tregexps = append(regexps, re)\n-\t\t}\n-\t}\n-\tif len(regexps) == 0 {\n-\t\treturn r\n-\t}\n-\n-\tfiltered := r.ScannedCves.Find(func(v VulnInfo) bool {\n-\t\tif len(v.AffectedPackages) == 0 {\n-\t\t\treturn true\n-\t\t}\n-\t\tfor _, p := range v.AffectedPackages {\n-\t\t\tmatch := false\n-\t\t\tfor _, re := range regexps {\n-\t\t\t\tif re.MatchString(p.Name) {\n-\t\t\t\t\tmatch = true\n-\t\t\t\t}\n-\t\t\t}\n-\t\t\tif !match {\n-\t\t\t\treturn true\n-\t\t\t}\n-\t\t}\n-\t\treturn false\n-\t})\n-\n-\tr.ScannedCves = filtered\n+\tr.ScannedCves = r.ScannedCves.FilterIgnorePkgs(ignorePkgsRegexps)\n \treturn r\n }\n \n@@ -178,6 +116,9 @@ func (r ScanResult) FilterInactiveWordPressLibs(detectInactive bool) ScanResult\n \t\t}\n \t\t// Ignore if all libs in this vulnInfo inactive\n \t\tfor _, wp := range v.WpPackageFixStats {\n+\t\t\tif wp.Name == WPCore {\n+\t\t\t\treturn true\n+\t\t\t}\n \t\t\tif p, ok := r.WordPressPackages.Find(wp.Name); ok {\n \t\t\t\tif p.Status != Inactive {\n \t\t\t\t\treturn true\ndiff --git a/models/vulninfos.go b/models/vulninfos.go\nindex 8ea0567..425d752 100644\n--- a/models/vulninfos.go\n+++ b/models/vulninfos.go\n@@ -3,10 +3,12 @@ package models\n import (\n \t\"bytes\"\n \t\"fmt\"\n+\t\"regexp\"\n \t\"sort\"\n \t\"strings\"\n \t\"time\"\n \n+\t\"github.com/future-architect/vuls/logging\"\n \texploitmodels \"github.com/vulsio/go-exploitdb/models\"\n )\n \n@@ -36,6 +38,82 @@ func (v VulnInfos) FindScoredVulns() VulnInfos {\n \t})\n }\n \n+// FilterByCvssOver returns vulnerabilities whose maximum CVSS score or severity is at least over.\n+func (v VulnInfos) FilterByCvssOver(over float64) VulnInfos {\n+\treturn v.Find(func(vv VulnInfo) bool {\n+\t\treturn over &amp;lt;= vv.MaxCvssScore().Value.Score\n+\t})\n+}\n+\n+// FilterIgnoreCves returns vulnerabilities excluding CVEs in ignoreCveIDs.\n+func (v VulnInfos) FilterIgnoreCves(ignoreCveIDs []string) VulnInfos {\n+\tignored := map[string]struct{}{}\n+\tfor _, cveID := range ignoreCveIDs {\n+\t\tignored[cveID] = struct{}{}\n+\t}\n+\n+\treturn v.Find(func(vv VulnInfo) bool {\n+\t\t_, found := ignored[vv.CveID]\n+\t\treturn !found\n+\t})\n+}\n+\n+// FilterUnfixed returns vulnerabilities excluding CVEs whose affected packages are all not fixed yet.\n+func (v VulnInfos) FilterUnfixed(ignoreUnfixed bool) VulnInfos {\n+\tif !ignoreUnfixed {\n+\t\treturn v.Find(func(VulnInfo) bool { return true })\n+\t}\n+\n+\treturn v.Find(func(vv VulnInfo) bool {\n+\t\t// Report CVEs detected by CPE because Vuls can't know fixed or unfixed status.\n+\t\tif len(vv.CpeURIs) != 0 || len(vv.AffectedPackages) == 0 {\n+\t\t\treturn true\n+\t\t}\n+\n+\t\tfor _, p := range vv.AffectedPackages {\n+\t\t\tif !p.NotFixedYet {\n+\t\t\t\treturn true\n+\t\t\t}\n+\t\t}\n+\t\treturn false\n+\t})\n+}\n+\n+// FilterIgnorePkgs returns vulnerabilities excluding CVEs whose affected packages all match ignored package regexps.\n+func (v VulnInfos) FilterIgnorePkgs(ignorePkgsRegexps []string) VulnInfos {\n+\tregexps := []*regexp.Regexp{}\n+\tfor _, pkgRegexp := range ignorePkgsRegexps {\n+\t\tre, err := regexp.Compile(pkgRegexp)\n+\t\tif err != nil {\n+\t\t\tlogging.Log.Warnf(\"Failed to parse %s. err: %+v\", pkgRegexp, err)\n+\t\t\tcontinue\n+\t\t}\n+\t\tregexps = append(regexps, re)\n+\t}\n+\tif len(regexps) == 0 {\n+\t\treturn v.Find(func(VulnInfo) bool { return true })\n+\t}\n+\n+\treturn v.Find(func(vv VulnInfo) bool {\n+\t\tif len(vv.AffectedPackages) == 0 {\n+\t\t\treturn true\n+\t\t}\n+\t\tfor _, p := range vv.AffectedPackages {\n+\t\t\tmatch := false\n+\t\t\tfor _, re := range regexps {\n+\t\t\t\tif re.MatchString(p.Name) {\n+\t\t\t\t\tmatch = true\n+\t\t\t\t\tbreak\n+\t\t\t\t}\n+\t\t\t}\n+\t\t\tif !match {\n+\t\t\t\treturn true\n+\t\t\t}\n+\t\t}\n+\t\treturn false\n+\t})\n+}\n+\n // ToSortedSlice returns slice of VulnInfos that is sorted by Score, CVE-ID\n func (v VulnInfos) ToSortedSlice() (sorted []VulnInfo) {\n \tfor k := range v {\n", "creation_timestamp": "2026-06-29T23:41:50.713586Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/5e33513e-baf4-4464-b799-7b3c157222c1/export"/>
    <published>2026-06-29T23:41:50.713586+00:00</published>
  </entry>
</feed>
