[Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso
carnil at debian.org
Tue Aug 13 22:02:31 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6fc4a403 by Salvatore Bonaccorso at 2019-08-13T21:01:55Z
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -202,13 +202,13 @@ CVE-2018-20966 (The woocommerce-jetpack plugin before 3.8.0 for WordPress has XS
CVE-2018-20965 (The ultimate-member plugin before 2.0.4 for WordPress has XSS. ...)
NOT-FOR-US: ultimate-member plugin for WordPress
CVE-2018-20964 (The contact-form-to-email plugin before 1.2.66 for WordPress has CSRF. ...)
- TODO: check
+ NOT-FOR-US: contact-form-to-email plugin for WordPress
CVE-2018-20963 (The contact-form-to-email plugin before 1.2.66 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: contact-form-to-email plugin for WordPress
CVE-2017-18508 (The wp-live-chat-support plugin before 7.1.03 for WordPress has XSS. ...)
NOT-FOR-US: wp-live-chat-support plugin for WordPress
CVE-2017-18507 (The wp-live-chat-support plugin before 7.1.05 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: wp-live-chat-support plugin for WordPress
CVE-2017-18506 (The woocommerce-pdf-invoices-packing-slips plugin before 2.0.13 for Wo ...)
NOT-FOR-US: woocommerce-pdf-invoices-packing-slips plugin for WordPress
CVE-2017-18505 (The twitter-plugin plugin before 2.55 for WordPress has XSS. ...)
@@ -226,29 +226,29 @@ CVE-2017-18500 (The social-buttons-pack plugin before 1.1.1 for WordPress has mu
CVE-2017-18499 (The simple-membership plugin before 3.5.7 for WordPress has XSS. ...)
NOT-FOR-US: simple-membership plugin for WordPress
CVE-2017-18498 (The simple-job-board plugin before 2.4.4 for WordPress has reflected X ...)
- TODO: check
+ NOT-FOR-US: simple-job-board plugin for WordPress
CVE-2017-18497 (The liveforms plugin before 3.4.0 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: liveforms plugin for WordPress
CVE-2017-18496 (The htaccess plugin before 1.7.6 for WordPress has multiple XSS issues ...)
- TODO: check
+ NOT-FOR-US: htaccess plugin for WordPress
CVE-2017-18495 (The gravity-forms-sms-notifications plugin before 2.4.0 for WordPress ...)
- TODO: check
+ NOT-FOR-US: gravity-forms-sms-notifications plugin for WordPress
CVE-2017-18494 (The custom-search-plugin plugin before 1.36 for WordPress has multiple ...)
- TODO: check
+ NOT-FOR-US: custom-search-plugin plugin for WordPress
CVE-2017-18493 (The custom-admin-page plugin before 0.1.2 for WordPress has multiple X ...)
- TODO: check
+ NOT-FOR-US: custom-admin-page plugin for WordPress
CVE-2017-18492 (The contact-form-to-db plugin before 1.5.7 for WordPress has multiple ...)
- TODO: check
+ NOT-FOR-US: contact-form-to-db plugin for WordPress
CVE-2017-18491 (The contact-form-plugin plugin before 4.0.6 for WordPress has multiple ...)
- TODO: check
+ NOT-FOR-US: contact-form-plugin plugin for WordPress
CVE-2017-18490 (The contact-form-multi plugin before 1.2.1 for WordPress has multiple ...)
- TODO: check
+ NOT-FOR-US: contact-form-multi plugin for WordPress
CVE-2017-18489 (The contact-form-7-sms-addon plugin before 2.4.0 for WordPress has XSS ...)
- TODO: check
+ NOT-FOR-US: contact-form-7-sms-addon plugin for WordPress
CVE-2017-18488 (The Backup Guard plugin before 1.1.47 for WordPress has multiple XSS i ...)
- TODO: check
+ NOT-FOR-US: Backup Guard plugin for WordPress
CVE-2017-18487 (The adsense-plugin (aka Google AdSense) plugin before 1.44 for WordPre ...)
- TODO: check
+ NOT-FOR-US: adsense-plugin (aka Google AdSense) plugin for WordPress
CVE-2016-10879 (The wp-live-chat-support plugin before 6.2.02 for WordPress has XSS. ...)
NOT-FOR-US: wp-live-chat-support plugin for WordPress
CVE-2016-10878 (The wp-google-map-plugin plugin before 3.1.2 for WordPress has XSS. ...)
@@ -266,17 +266,17 @@ CVE-2016-10873 (The wp-database-backup plugin before 4.3.3 for WordPress has XSS
CVE-2016-10872 (The ultimate-member plugin before 1.3.40 for WordPress has XSS on the ...)
NOT-FOR-US: ultimate-member plugin for WordPress
CVE-2016-10871 (The mailchimp-for-wp plugin before 4.0.11 for WordPress has XSS on the ...)
- TODO: check
+ NOT-FOR-US: mailchimp-for-wp plugin for WordPress
CVE-2016-10870 (The google-language-translator plugin before 5.0.06 for WordPress has ...)
- TODO: check
+ NOT-FOR-US: google-language-translator plugin for WordPress
CVE-2016-10869 (The contact-form-plugin plugin before 4.0.2 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: contact-form-plugin plugin for WordPress
CVE-2016-10868 (The all-in-one-wp-security-and-firewall plugin before 4.0.5 for WordPr ...)
- TODO: check
+ NOT-FOR-US: all-in-one-wp-security-and-firewall plugin for WordPress
CVE-2016-10867 (The all-in-one-wp-security-and-firewall plugin before 4.0.6 for WordPr ...)
- TODO: check
+ NOT-FOR-US: all-in-one-wp-security-and-firewall plugin for WordPress
CVE-2016-10866 (The all-in-one-wp-security-and-firewall plugin before 4.2.0 for WordPr ...)
- TODO: check
+ NOT-FOR-US: all-in-one-wp-security-and-firewall plugin for WordPress
CVE-2015-9306 (The wp-ultimate-csv-importer plugin before 3.8.1 for WordPress has XSS ...)
NOT-FOR-US: wp-ultimate-csv-importer plugin for WordPress
CVE-2015-9305 (The wp-google-map-plugin plugin before 2.3.7 for WordPress has XSS rel ...)
@@ -286,29 +286,29 @@ CVE-2015-9304 (The ultimate-member plugin before 1.3.18 for WordPress has XSS vi
CVE-2015-9303 (The simple-share-buttons-adder plugin before 6.0.0 for WordPress has X ...)
NOT-FOR-US: simple-share-buttons-adder plugin for WordPress
CVE-2015-9302 (The simple-fields plugin before 1.4.11 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: simple-fields plugin for WordPress
CVE-2015-9301 (The liveforms plugin before 3.2.0 for WordPress has SQL injection. ...)
- TODO: check
+ NOT-FOR-US: liveforms plugin for WordPress
CVE-2015-9300 (The events-manager plugin before 5.5.7 for WordPress has multiple XSS ...)
- TODO: check
+ NOT-FOR-US: events-manager plugin for WordPress
CVE-2015-9299 (The events-manager plugin before 5.5.7.1 for WordPress has DOM XSS. ...)
- TODO: check
+ NOT-FOR-US: events-manager plugin for WordPress
CVE-2015-9298 (The events-manager plugin before 5.6 for WordPress has code injection. ...)
- TODO: check
+ NOT-FOR-US: events-manager plugin for WordPress
CVE-2015-9297 (The events-manager plugin before 5.6 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: events-manager plugin for WordPress
CVE-2015-9296 (The download-monitor plugin before 1.7.1 for WordPress has XSS related ...)
- TODO: check
+ NOT-FOR-US: download-monitor plugin for WordPress
CVE-2015-9295 (The contact-form-plugin plugin before 3.96 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: contact-form-plugin plugin for WordPress
CVE-2015-9294 (The all-in-one-wp-security-and-firewall plugin before 3.9.5 for WordPr ...)
- TODO: check
+ NOT-FOR-US: all-in-one-wp-security-and-firewall plugin for WordPress
CVE-2015-9293 (The all-in-one-wp-security-and-firewall plugin before 3.9.8 for WordPr ...)
- TODO: check
+ NOT-FOR-US: all-in-one-wp-security-and-firewall plugin for WordPress
CVE-2013-7475 (The contact-form-plugin plugin before 3.52 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: contact-form-plugin plugin for WordPress
CVE-2012-6713 (The job-manager plugin before 0.7.19 for WordPress has multiple XSS is ...)
- TODO: check
+ NOT-FOR-US: job-manager plugin for WordPress
CVE-2019-14931
RESERVED
CVE-2019-14930
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6fc4a40310a1a342e63ccaa10a400aaa94a26cc1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6fc4a40310a1a342e63ccaa10a400aaa94a26cc1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190813/9b82c03d/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list