[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Mar 14 20:49:04 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bcdd4bfc by Salvatore Bonaccorso at 2022-03-14T21:48:38+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4049,13 +4049,13 @@ CVE-2022-0705
CVE-2022-0704
RESERVED
CVE-2022-0703 (The GD Mylist WordPress plugin through 1.1.1 does not sanitise and esc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0702 (The Petfinder Listings WordPress plugin through 1.0.18 does not escape ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0701 (The SEO 301 Meta WordPress plugin through 1.9.1 does not escape its Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0700 (The Simple Tracking WordPress plugin before 1.7 does not sanitise and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0699
RESERVED
CVE-2022-25597
@@ -4574,7 +4574,7 @@ CVE-2022-0685 (Use of Out-of-range Pointer Offset in GitHub repository vim/vim p
NOTE: https://huntr.dev/bounties/27230da3-9b1a-4d5d-8cdf-4b1e62fcd782
NOTE: https://github.com/vim/vim/commit/5921aeb5741fc6e84c870d68c7c35b93ad0c9f87 (v8.2.4418)
CVE-2022-0684 (The WP Home Page Menu WordPress plugin before 3.1 does not sanitise an ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-46700 (In libsixel 1.8.6, sixel_encoder_output_without_macro (called from six ...)
- libsixel <unfixed>
[bullseye] - libsixel <no-dsa> (Minor issue)
@@ -4765,7 +4765,7 @@ CVE-2022-25305 (The WP Statistics WordPress plugin is vulnerable to Cross-Site S
CVE-2022-21158 (A stored cross-site scripting vulnerability in marktext versions prior ...)
NOT-FOR-US: marktext
CVE-2022-0674 (The Kunze Law WordPress plugin before 2.1 does not escape its 'E-Mail ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0673 (A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoni ...)
NOT-FOR-US: LemMinX
CVE-2022-0672 (A flaw was found in LemMinX in versions prior to 0.19.0. Insecure redi ...)
@@ -4795,9 +4795,9 @@ CVE-2022-0661
CVE-2022-0660 (Generation of Error Message Containing Sensitive Information in Packag ...)
NOT-FOR-US: microweber
CVE-2022-0659 (The Sync QCloud COS WordPress plugin before 2.0.1 does not escape some ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0658 (The CommonsBooking WordPress plugin before 2.6.8 does not sanitise and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0657
RESERVED
CVE-2022-0656
@@ -4956,7 +4956,7 @@ CVE-2022-23810 (Template injection (Improper Neutralization of Special Elements
CVE-2022-21142 (Authentication bypass vulnerability in a-blog cms Ver.2.8.x series ver ...)
NOT-FOR-US: a-blog cms
CVE-2022-0648 (The Team Circle Image Slider With Lightbox WordPress plugin before 1.0 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0647
RESERVED
CVE-2022-0646 (A flaw use after free in the Linux kernel Management Component Transpo ...)
@@ -5343,7 +5343,7 @@ CVE-2022-0603
CVE-2022-0602
RESERVED
CVE-2022-0601 (The Countdown, Coming Soon, Maintenance WordPress plugin before 2.2.9 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0600
RESERVED
CVE-2022-0599
@@ -5359,7 +5359,7 @@ CVE-2022-0595
CVE-2022-0594
RESERVED
CVE-2022-0593 (The Login with phone number WordPress plugin before 1.3.7 includes a f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0592
RESERVED
CVE-2022-0591
@@ -7240,7 +7240,7 @@ CVE-2022-0505 (Cross-Site Request Forgery (CSRF) in Packagist microweber/microwe
CVE-2022-0504 (Generation of Error Message Containing Sensitive Information in Packag ...)
NOT-FOR-US: microweber
CVE-2022-0503 (The WordPress Multisite Content Copier/Updater WordPress plugin before ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0502 (Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat ...)
NOT-FOR-US: livehelperchat
CVE-2021-46675
@@ -7575,7 +7575,7 @@ CVE-2022-0480
CVE-2022-0479
RESERVED
CVE-2022-0478 (The Event Manager and Tickets Selling for WooCommerce WordPress plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0477
RESERVED
CVE-2022-0476 (Denial of Service in GitHub repository radareorg/radare2 prior to 5.6. ...)
@@ -7760,7 +7760,7 @@ CVE-2022-0451 (Dart SDK contains the HTTPClient in dart:io library whcih include
CVE-2022-0450
RESERVED
CVE-2022-0449 (The Flexi WordPress plugin before 4.20 does not sanitise and escape va ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0448 (The CP Blocks WordPress plugin before 1.0.15 does not sanitise and esc ...)
NOT-FOR-US: WordPress plugin
CVE-2022-0447
@@ -8359,7 +8359,7 @@ CVE-2022-0400 [Out of bounds read in the smc protocol stack]
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2044575
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2040604 (not public)
CVE-2022-0399 (The Advanced Product Labels for WooCommerce WordPress plugin before 1. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0398
RESERVED
CVE-2022-0397
@@ -9844,7 +9844,7 @@ CVE-2022-0329
CVE-2022-0328 (The Simple Membership WordPress plugin before 4.0.9 does not have CSRF ...)
NOT-FOR-US: WordPress plugin
CVE-2022-0327 (The Master Addons for Elementor WordPress plugin before 1.8.5 does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-46403
RESERVED
CVE-2021-4208 (The ExportFeed WordPress plugin through 2.0.1.0 does not sanitise and ...)
@@ -9957,7 +9957,7 @@ CVE-2022-0322 [DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c]
[stretch] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://git.kernel.org/linus/a2d859e3fc97e79d907761550dbc03ff1b36479c (5.15-rc6)
CVE-2022-0321 (The WP Voting Contest WordPress plugin through 2.1 does not sanitise a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0320 (The Essential Addons for Elementor WordPress plugin before 5.0.5 does ...)
NOT-FOR-US: WordPress plugin
CVE-2022-0319 (Out-of-bounds Read in vim/vim prior to 8.2. ...)
@@ -11474,7 +11474,7 @@ CVE-2022-0256 (pimcore is vulnerable to Improper Neutralization of Input During
CVE-2022-0255 (The Database Backup for WordPress plugin before 2.5.1 does not properl ...)
NOT-FOR-US: WordPress plugin
CVE-2022-0254 (The WordPress Zero Spam WordPress plugin before 5.2.11 does not proper ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0253 (livehelperchat is vulnerable to Improper Neutralization of Input Durin ...)
NOT-FOR-US: livehelperchat
CVE-2022-0252 (The GiveWP WordPress plugin before 2.17.3 does not escape the json par ...)
@@ -11486,7 +11486,7 @@ CVE-2022-0250
CVE-2022-0249
RESERVED
CVE-2022-0248 (The Contact Form Submissions WordPress plugin before 1.7.3 does not sa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0247 (An issue exists in Fuchsia where VMO data can be modified through acce ...)
NOT-FOR-US: Fuchsia
CVE-2022-0246
@@ -11732,7 +11732,7 @@ CVE-2022-0232 (The User Registration, Login & Landing Pages WordPress plugin
CVE-2022-0231 (livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) ...)
NOT-FOR-US: livehelperchat
CVE-2022-0230 (The Better WordPress Google XML Sitemaps WordPress plugin through 1.4. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0229
RESERVED
CVE-2022-0228 (The Popup Builder WordPress plugin before 4.0.7 does not validate and ...)
@@ -12833,7 +12833,7 @@ CVE-2022-0171
CVE-2022-0170 (peertube is vulnerable to Improper Access Control ...)
- peertube <itp> (bug #950821)
CVE-2022-0169 (The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not vali ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0168
RESERVED
CVE-2022-0167
@@ -12841,7 +12841,7 @@ CVE-2022-0167
CVE-2022-0166 (A privilege escalation vulnerability in the McAfee Agent prior to 5.7. ...)
NOT-FOR-US: McAfee
CVE-2022-0165 (The Page Builder KingComposer WordPress plugin through 2.9.6 does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0164 (The Coming soon and Maintenance mode WordPress plugin before 3.6.8 doe ...)
NOT-FOR-US: WordPress plugin
CVE-2022-0163 (The Smart Forms WordPress plugin before 2.6.71 does not have authorisa ...)
@@ -12849,7 +12849,7 @@ CVE-2022-0163 (The Smart Forms WordPress plugin before 2.6.71 does not have auth
CVE-2022-0162 (The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 ...)
NOT-FOR-US: TP-Link
CVE-2022-0161 (The ARI Fancy Lightbox WordPress plugin before 1.3.9 does not sanitise ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0160
RESERVED
CVE-2021-46269
@@ -13582,9 +13582,9 @@ CVE-2022-22736
- firefox <not-affected> (Only affects Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-01/#CVE-2022-22736
CVE-2022-22735 (The Simple Quotation WordPress plugin through 1.3.2 does not have auth ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-22734 (The Simple Quotation WordPress plugin through 1.3.2 does not have CSRF ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-22733 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
NOT-FOR-US: Apache ShardingSphere ElasticJob-UI
CVE-2022-0154 (An issue has been discovered in GitLab affecting all versions starting ...)
@@ -13602,7 +13602,7 @@ CVE-2022-0149 (The WooCommerce Stored Exporter WordPress plugin before 2.7.1 was
CVE-2022-0148 (The All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon ...)
NOT-FOR-US: WordPress plugin
CVE-2022-0147 (The Cookie Information | Free GDPR Consent Solution WordPress plugin b ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0146
RESERVED
CVE-2022-0145
@@ -14690,9 +14690,9 @@ CVE-2022-22356
CVE-2022-22355
RESERVED
CVE-2022-22354 (IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.2 and IBM Spectrum C ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22353 (IBM Big SQL on IBM Cloud Pak for Data 7.1.0, 7.1.1, 7.2.0, and 7.2.3 c ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22352
RESERVED
CVE-2022-22351 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged trust ...)
@@ -14702,15 +14702,15 @@ CVE-2022-22350 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged
CVE-2022-22349 (IBM Sterling External Authentication Server 3.4.3.2, 6.0.2.0, and 6.0. ...)
NOT-FOR-US: IBM
CVE-2022-22348 (IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22347
RESERVED
CVE-2022-22346 (IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22345
RESERVED
CVE-2022-22344 (IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerab ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22343
RESERVED
CVE-2022-22342
@@ -37879,7 +37879,7 @@ CVE-2021-39057 (IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x is vulnerabl
CVE-2021-39056 (The IBM i 7.1, 7.2, 7.3, and 7.4 Extended Dynamic Remote SQL server (E ...)
NOT-FOR-US: IBM
CVE-2021-39055 (IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerab ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-39054 (IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a rem ...)
NOT-FOR-US: IBM
CVE-2021-39053 (IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a rem ...)
@@ -37887,7 +37887,7 @@ CVE-2021-39053 (IBM Spectrum Copy Data Management 2.2.13 and earlier could allow
CVE-2021-39052 (IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a rem ...)
NOT-FOR-US: IBM
CVE-2021-39051 (IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerab ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-39050 (IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a s ...)
NOT-FOR-US: IBM
CVE-2021-39049 (IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a s ...)
@@ -38047,7 +38047,7 @@ CVE-2021-38973 (IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 receiv
CVE-2021-38972 (IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 receives inp ...)
NOT-FOR-US: IBM
CVE-2021-38971 (IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1, 1.5.0, 1.7 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-38970
RESERVED
CVE-2021-38969
@@ -73311,7 +73311,7 @@ CVE-2021-25028 (The Event Tickets WordPress plugin before 5.2.2 does not validat
CVE-2021-25027 (The PowerPack Addons for Elementor WordPress plugin before 2.6.2 does ...)
NOT-FOR-US: WordPress plugin
CVE-2021-25026 (The Patreon WordPress plugin before 1.8.2 does not sanitise and escape ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-25025 (The EventCalendar WordPress plugin before 1.1.51 does not have proper ...)
NOT-FOR-US: WordPress plugin
CVE-2021-25024 (The EventCalendar WordPress plugin before 1.1.51 does not escape some ...)
@@ -73349,15 +73349,15 @@ CVE-2021-25009 (The CorreosExpress WordPress plugin through 2.6.0 generates log
CVE-2021-25008 (The Code Snippets WordPress plugin before 2.14.3 does not escape the s ...)
NOT-FOR-US: WordPress plugin
CVE-2021-25007 (The MOLIE WordPress plugin through 0.5 does not validate and escape a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-25006 (The MOLIE WordPress plugin through 0.5 does not escape the course_id p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-25005 (The SEUR Oficial WordPress plugin before 1.7.0 does not sanitize and e ...)
NOT-FOR-US: WordPress plugin
CVE-2021-25004 (The SEUR Oficial WordPress plugin before 1.7.2 creates a PHP file with ...)
NOT-FOR-US: WordPress plugin
CVE-2021-25003 (The WPCargo Track & Trace WordPress plugin before 6.9.0 contains a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-25002
RESERVED
CVE-2021-25001 (The Booster for WooCommerce WordPress plugin before 5.4.9 does not san ...)
@@ -73371,9 +73371,9 @@ CVE-2021-24998 (The Simple JWT Login WordPress plugin before 3.3.0 can be used t
CVE-2021-24997 (The WP Guppy WordPress plugin before 1.3 does not have any authorisati ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24996 (The IDPay for Contact Form 7 WordPress plugin through 2.1.2 does not s ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24995 (The HTML5 Responsive FAQ WordPress plugin through 2.8.5 does not prope ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24994 (The Migration, Backup, Staging WordPress plugin before 0.9.69 does not ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24993 (The Ultimate Product Catalog WordPress plugin before 5.0.26 does not h ...)
@@ -73399,7 +73399,7 @@ CVE-2021-24984 (The WPFront User Role Editor WordPress plugin before 3.2.1.11184
CVE-2021-24983 (The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5 ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24982 (The Child Theme Generator WordPress plugin through 2.2.7 does not sani ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24981 (The Directorist WordPress plugin before 7.0.6.2 was vulnerable to Cros ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24980 (The Gwolle Guestbook WordPress plugin before 4.2.0 does not sanitise a ...)
@@ -73431,7 +73431,7 @@ CVE-2021-24968 (The Ultimate FAQ WordPress plugin before 2.1.2 does not have cap
CVE-2021-24967 (The Contact Form & Lead Form Elementor Builder WordPress plugin be ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24966 (The Error Log Viewer WordPress plugin through 1.1.1 does not validate ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24965 (The Five Star Restaurant Reservations WordPress plugin before 2.4.8 do ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24964 (The LiteSpeed Cache WordPress plugin before 4.4.4 does not properly ve ...)
@@ -73445,9 +73445,9 @@ CVE-2021-24961 (The WordPress File Upload WordPress plugin before 4.16.3, wordpr
CVE-2021-24960 (The WordPress File Upload WordPress plugin before 4.16.3, wordpress-fi ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24959 (The WP Email Users WordPress plugin through 1.7.6 does not escape the ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24958 (The Meks Easy Photo Feed Widget WordPress plugin before 1.2.4 does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24957
RESERVED
CVE-2021-24956 (The Blog2Social: Social Media Auto Post & Scheduler WordPress plug ...)
@@ -73463,7 +73463,7 @@ CVE-2021-24952 (The Conversios.io WordPress plugin before 4.6.2 does not sanitis
CVE-2021-24951 (The LearnPress WordPress plugin before 4.1.4 does not sanitise, valida ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24950 (The Insight Core WordPress plugin through 1.0 does not have any author ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24949 (The "WP Search Filters" widget of The Plus Addons for Elementor - Pro ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24948 (The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does ...)
@@ -73483,7 +73483,7 @@ CVE-2021-24942
CVE-2021-24941 (The Popups, Welcome Bar, Optins and Lead Generation Plugin WordPress p ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24940 (The Persian Woocommerce WordPress plugin through 5.8.0 does not escape ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24939 (The LoginWP (Formerly Peter's Login Redirect) WordPress plugin before ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24938 (The WOOCS WordPress plugin before 1.3.7.1 does not sanitise and escape ...)
@@ -73569,11 +73569,11 @@ CVE-2021-24899 (The Media-Tags WordPress plugin through 3.2.0.2 does not sanitis
CVE-2021-24898 (The EditableTable WordPress plugin through 0.1.4 does not sanitise and ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24897 (The Add Subtitle WordPress plugin through 1.1.0 does not sanitise or e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24896 (The Caldera Forms WordPress plugin before 1.9.5 does not sanitise and ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24895 (The Cybersoldier WordPress plugin before 1.7.0 does not sanitise and e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24894 (The Reviews Plus WordPress plugin before 1.2.14 does not validate the ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24893 (The Stars Rating WordPress plugin before 3.5.1 does not validate the s ...)
@@ -73979,7 +73979,7 @@ CVE-2021-24694 (The Simple Download Monitor WordPress plugin before 3.9.11 could
CVE-2021-24693 (The Simple Download Monitor WordPress plugin before 3.9.5 does not esc ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24692 (The Simple Download Monitor WordPress plugin before 3.9.5 allows users ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24691 (The Quiz And Survey Master WordPress plugin before 7.3.2 does not esca ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24690 (The Chained Quiz WordPress plugin before 1.2.7.2 does not properly san ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bcdd4bfce40f97e073dfd40337b2289f28dc5317
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bcdd4bfce40f97e073dfd40337b2289f28dc5317
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220314/85aa667c/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list