[Git][security-tracker-team/security-tracker][master] Process several NFUs

Fri Aug 30 21:21:41 BST 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
359d0c73 by Salvatore Bonaccorso at 2019-08-30T20:21:14Z
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,59 +5,59 @@ CVE-2019-15844
 CVE-2019-15843
 	RESERVED
 CVE-2019-15842 (The easy-pdf-restaurant-menu-upload plugin before 1.1.2 for WordPress  ...)
-	TODO: check
+	NOT-FOR-US: easy-pdf-restaurant-menu-upload plugin for WordPress
 CVE-2019-15841 (The facebook-for-woocommerce plugin before 1.9.15 for WordPress has CS ...)
-	TODO: check
+	NOT-FOR-US: facebook-for-woocommerce plugin for WordPress
 CVE-2019-15840 (The facebook-for-woocommerce plugin before 1.9.14 for WordPress has CS ...)
-	TODO: check
+	NOT-FOR-US: facebook-for-woocommerce plugin for WordPress
 CVE-2019-15839 (The sina-extension-for-elementor plugin before 2.2.1 for WordPress has ...)
-	TODO: check
+	NOT-FOR-US: sina-extension-for-elementor plugin for WordPress
 CVE-2019-15838 (The custom-404-pro plugin before 3.2.8 for WordPress has reflected XSS ...)
-	TODO: check
+	NOT-FOR-US: custom-404-pro plugin for WordPress
 CVE-2019-15837 (The webp-express plugin before 0.14.8 for WordPress has stored XSS. ...)
-	TODO: check
+	NOT-FOR-US: webp-express plugin for WordPress
 CVE-2019-15836 (The wp-ultimate-recipe plugin before 3.12.7 for WordPress has stored X ...)
-	TODO: check
+	NOT-FOR-US: wp-ultimate-recipe plugin for WordPress
 CVE-2019-15835 (The wp-better-permalinks plugin before 3.0.5 for WordPress has CSRF. ...)
-	TODO: check
+	NOT-FOR-US: wp-better-permalinks plugin for WordPress
 CVE-2019-15834 (The webp-converter-for-media plugin before 1.0.3 for WordPress has CSR ...)
-	TODO: check
+	NOT-FOR-US: webp-converter-for-media plugin for WordPress
 CVE-2019-15833 (The simple-mail-address-encoder plugin before 1.7 for WordPress has re ...)
-	TODO: check
+	NOT-FOR-US: simple-mail-address-encoder plugin for WordPress
 CVE-2019-15832 (The visitors-traffic-real-time-statistics plugin before 1.13 for WordP ...)
-	TODO: check
+	NOT-FOR-US: visitors-traffic-real-time-statistics plugin for WordPress
 CVE-2019-15831 (The visitors-traffic-real-time-statistics plugin before 1.12 for WordP ...)
-	TODO: check
+	NOT-FOR-US: visitors-traffic-real-time-statistics plugin for WordPress
 CVE-2019-15830 (The icegram plugin before 1.10.29 for WordPress has ig_cat_list XSS. ...)
-	TODO: check
+	NOT-FOR-US: icegram plugin for WordPress
 CVE-2019-15829 (The photoblocks-grid-gallery plugin before 1.1.33 for WordPress has wp ...)
-	TODO: check
+	NOT-FOR-US: photoblocks-grid-gallery plugin for WordPress
 CVE-2019-15828 (The one-click-ssl plugin before 1.4.7 for WordPress has CSRF. ...)
-	TODO: check
+	NOT-FOR-US: one-click-ssl plugin for WordPress
 CVE-2019-15827 (The onesignal-free-web-push-notifications plugin before 1.17.8 for Wor ...)
-	TODO: check
+	NOT-FOR-US: onesignal-free-web-push-notifications plugin for WordPress
 CVE-2019-15826 (The wps-hide-login plugin before 1.5.3 for WordPress has a protection  ...)
-	TODO: check
+	NOT-FOR-US: wps-hide-login plugin for WordPress
 CVE-2019-15825 (The wps-hide-login plugin before 1.5.3 for WordPress has an action=rp& ...)
-	TODO: check
+	NOT-FOR-US: wps-hide-login plugin for WordPress
 CVE-2019-15824 (The wps-hide-login plugin before 1.5.3 for WordPress has an adminhash  ...)
-	TODO: check
+	NOT-FOR-US: wps-hide-login plugin for WordPress
 CVE-2019-15823 (The wps-hide-login plugin before 1.5.3 for WordPress has an action=con ...)
-	TODO: check
+	NOT-FOR-US: wps-hide-login plugin for WordPress
 CVE-2019-15822 (The wps-child-theme-generator plugin before 1.2 for WordPress has clas ...)
-	TODO: check
+	NOT-FOR-US: wps-child-theme-generator plugin for WordPress
 CVE-2019-15821 (The bold-page-builder plugin before 2.3.2 for WordPress has no protect ...)
-	TODO: check
+	NOT-FOR-US: bold-page-builder plugin for WordPress
 CVE-2019-15820 (The login-or-logout-menu-item plugin before 1.2.0 for WordPress has no ...)
-	TODO: check
+	NOT-FOR-US: login-or-logout-menu-item plugin for WordPress
 CVE-2019-15819 (The nd-restaurant-reservations plugin before 1.5 for WordPress has no  ...)
-	TODO: check
+	NOT-FOR-US: nd-restaurant-reservations plugin for WordPress
 CVE-2019-15818 (The simple-301-redirects-addon-bulk-uploader plugin through 1.2.4 for  ...)
-	TODO: check
+	NOT-FOR-US: simple-301-redirects-addon-bulk-uploader plugin for WordPress
 CVE-2019-15817 (The easy-property-listings plugin before 3.4 for WordPress has XSS. ...)
-	TODO: check
+	NOT-FOR-US: easy-property-listings plugin for WordPress
 CVE-2019-15816 (The wp-private-content-plus plugin before 2.0 for WordPress has no pro ...)
-	TODO: check
+	NOT-FOR-US: wp-private-content-plus plugin for WordPress
 CVE-2019-15815
 	RESERVED
 CVE-2019-15814
@@ -65,7 +65,7 @@ CVE-2019-15814
 CVE-2019-15813
 	RESERVED
 CVE-2015-9380 (The photo-gallery plugin before 1.2.42 for WordPress has CSRF. ...)
-	TODO: check
+	NOT-FOR-US: photo-gallery plugin for WordPress
 CVE-2019-15812
 	RESERVED
 CVE-2019-15811 (In DomainMOD through 4.13, the parameter daterange in the file reporti ...)
@@ -12638,7 +12638,7 @@ CVE-2019-11660
 CVE-2019-11659
 	RESERVED
 CVE-2019-11658 (Information exposure in Micro Focus Content Manager, versions 9.1, 9.2 ...)
-	TODO: check
+	NOT-FOR-US: Micro Focus
 CVE-2019-11657
 	RESERVED
 CVE-2019-11656



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/359d0c730d2531218ce7437eff19615a4e95f1f3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/359d0c730d2531218ce7437eff19615a4e95f1f3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190830/50551d2a/attachment.html>
