[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Feb 13 21:07:18 GMT 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
22b7e91c by Salvatore Bonaccorso at 2023-02-13T22:06:51+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5022,7 +5022,7 @@ CVE-2023-23550
 CVE-2023-0406 (Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa ...)
 	NOT-FOR-US: Modoboa
 CVE-2023-0405 (The GPT AI Power: Content Writer & ChatGPT & Image Generator & ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0404 (The Events Made Easy plugin for WordPress is vulnerable to authorizati ...)
 	NOT-FOR-US: Events Made Easy plugin for WordPress
 CVE-2023-0403 (The Social Warfare plugin for WordPress is vulnerable to Cross-Site Re ...)
@@ -5293,7 +5293,7 @@ CVE-2023-0381
 CVE-2023-0380
 	RESERVED
 CVE-2023-0379 (The Spotlight Social Feeds WordPress plugin before 1.4.3 does not vali ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0378
 	RESERVED
 CVE-2023-0377
@@ -5305,7 +5305,7 @@ CVE-2023-0375
 CVE-2023-0374
 	RESERVED
 CVE-2023-0373 (The Lightweight Accordion WordPress plugin before 1.5.15 does not vali ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0372
 	RESERVED
 CVE-2023-0371
@@ -5393,7 +5393,7 @@ CVE-2023-0364
 CVE-2023-0363
 	RESERVED
 CVE-2023-0362 (Themify Portfolio Post WordPress plugin before 1.2.2 does not validate ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0361
 	RESERVED
 	- gnutls28 3.7.8-5
@@ -5402,7 +5402,7 @@ CVE-2023-0361
 	NOTE: Fixed by: https://gitlab.com/gnutls/gnutls/-/commit/80a6ce8ddb02477cd724cd5b2944791aaddb702a (3.8.0)
 	NOTE: Code cleanup: https://gitlab.com/gnutls/gnutls/-/commit/4b7ff428291c7ed77c6d2635577c83a43bbae558 (3.8.0)
 CVE-2023-0360 (The Location Weather WordPress plugin before 1.3.4 does not validate a ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0359
 	RESERVED
 CVE-2023-0358 (Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV. ...)
@@ -5575,7 +5575,7 @@ CVE-2023-0335
 CVE-2023-0334
 	RESERVED
 CVE-2023-0333 (The TemplatesNext ToolKit WordPress plugin before 3.2.9 does not valid ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0332 (A vulnerability was found in SourceCodester Online Food Ordering Syste ...)
 	NOT-FOR-US: SourceCodester Online Food Ordering System
 CVE-2020-36654 (A vulnerability classified as problematic has been found in GENI Porta ...)
@@ -6119,7 +6119,7 @@ CVE-2023-0277
 CVE-2023-0276
 	RESERVED
 CVE-2023-0275 (The Easy Accept Payments for PayPal WordPress plugin before 4.9.10 doe ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0274
 	RESERVED
 CVE-2023-0273
@@ -6129,7 +6129,7 @@ CVE-2023-0272
 CVE-2023-0271
 	RESERVED
 CVE-2023-0270 (The YaMaps for WordPress Plugin WordPress plugin before 0.6.26 does no ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0269
 	REJECTED
 CVE-2023-0268
@@ -6334,15 +6334,15 @@ CVE-2023-0265
 CVE-2023-0264
 	RESERVED
 CVE-2023-0263 (The WP Yelp Review Slider WordPress plugin before 7.1 does not properl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0262 (The WP Airbnb Review Slider WordPress plugin before 3.3 does not prope ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0261 (The WP TripAdvisor Review Slider WordPress plugin before 10.8 does not ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0260 (The WP Review Slider WordPress plugin before 12.2 does not properly sa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0259 (The WP Google Review Slider WordPress plugin before 11.8 does not prop ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0258 (A vulnerability was found in SourceCodester Online Food Ordering Syste ...)
 	NOT-FOR-US: SourceCodester
 CVE-2023-0257 (A vulnerability was found in SourceCodester Online Food Ordering Syste ...)
@@ -6447,7 +6447,7 @@ CVE-2023-23456 (A heap-based buffer overflow issue was discovered in UPX in Pack
 	NOTE: https://github.com/upx/upx/commit/510505a85cbe45e51fbd470f1aa8b02157c429d4
 	NOTE: https://github.com/upx/upx/issues/632
 CVE-2023-0255 (The Enable Media Replace WordPress plugin before 4.0.2 does not preven ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0254 (The Simple Membership WP user Import plugin for WordPress is vulnerabl ...)
 	NOT-FOR-US: Simple Membership WP user Import plugin for WordPress
 CVE-2023-0253 (The Real Media Library: Media Library Folder & File Manager plugin ...)
@@ -7276,7 +7276,7 @@ CVE-2023-0222
 CVE-2023-0221 (Product security bypass vulnerability in ACC prior to version 8.3.4 al ...)
 	NOT-FOR-US: Trellix
 CVE-2023-0220 (The Pinpoint Booking System WordPress plugin before 2.9.9.2.9 does not ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0219
 	RESERVED
 CVE-2023-0218
@@ -7755,7 +7755,7 @@ CVE-2023-0179 [netfilter: nft_payload: incorrect arithmetics when fetching VLAN
 CVE-2023-0178 (The Annual Archive WordPress plugin before 1.6.0 does not validate and ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0177 (The Social Like Box and Page by WpDevArt WordPress plugin before 0.8.4 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0176 (The Giveaways and Contests by RafflePress WordPress plugin before 1.11 ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0175
@@ -7771,13 +7771,13 @@ CVE-2023-0171 (The jQuery T(-) Countdown Widget WordPress plugin before 2.3.24 d
 CVE-2023-0170 (The Html5 Audio Player WordPress plugin before 2.1.12 does not validat ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0169 (The Zoho Forms WordPress plugin before 3.0.1 does not validate and esc ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0168
 	RESERVED
 CVE-2023-0167
 	RESERVED
 CVE-2023-0166 (The Product Slider for WooCommerce by PickPlugins WordPress plugin bef ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0165
 	RESERVED
 CVE-2023-0164 (OrangeScrum version 2.0.11 allows an authenticated external attacker t ...)
@@ -7842,7 +7842,7 @@ CVE-2023-0161
 CVE-2023-0160
 	RESERVED
 CVE-2023-0159 (The Extensive VC Addons for WPBakery page builder WordPress plugin bef ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0158 (NLnet Labs Krill supports direct access to the RRDP repository content ...)
 	NOT-FOR-US: NLnet Labs Krill
 CVE-2023-0157
@@ -7858,7 +7858,7 @@ CVE-2023-0153 (The Vimeo Video Autoplay Automute WordPress plugin through 1.0 do
 CVE-2023-0152
 	RESERVED
 CVE-2023-0151 (The uTubeVideo Gallery WordPress plugin before 2.0.8 does not validate ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0150 (The Cloak Front End Email WordPress plugin through 1.9.1 does not vali ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0149 (The WordPrezi WordPress plugin through 0.8.2 does not validate and esc ...)
@@ -8736,9 +8736,9 @@ CVE-2023-0101 (A privilege escalation vulnerability was identified in Nessus ver
 CVE-2023-0100
 	RESERVED
 CVE-2023-0099 (The Simple URLs WordPress plugin before 115 does not sanitise and esca ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0098 (The Simple URLs WordPress plugin before 115 does not escape some param ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0097 (The Post Grid, Post Carousel, & List Category Posts WordPress plug ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0096 (The Happyforms WordPress plugin before 1.22.0 does not validate and es ...)
@@ -8894,7 +8894,7 @@ CVE-2023-0082 (The ExactMetrics WordPress plugin before 7.12.1 does not validate
 CVE-2023-0081 (The MonsterInsights WordPress plugin before 8.12.1 does not validate a ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0080 (The Customer Reviews for WooCommerce WordPress plugin before 5.16.0 do ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0079
 	RESERVED
 CVE-2023-0078
@@ -8980,7 +8980,7 @@ CVE-2023-22619
 CVE-2023-0076
 	RESERVED
 CVE-2023-0075 (The Amazon JS WordPress plugin through 0.10 does not validate and esca ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0074 (The WP Social Widget WordPress plugin before 2.2.4 does not validate a ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0073
@@ -9008,9 +9008,9 @@ CVE-2023-0063
 CVE-2023-0062 (The EAN for WooCommerce WordPress plugin before 4.4.3 does not validat ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0061 (The Judge.me Product Reviews for WooCommerce WordPress plugin before 1 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0060 (The Responsive Gallery Grid WordPress plugin before 2.3.9 does not val ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0059
 	RESERVED
 CVE-2023-0058
@@ -9228,7 +9228,7 @@ CVE-2012-10003 (A vulnerability, which was classified as problematic, has been f
 CVE-2012-10002 (A vulnerability was found in ahmyi RivetTracker. It has been declared  ...)
 	NOT-FOR-US: ahmyi RivetTracker
 CVE-2023-0034 (The JetWidgets For Elementor WordPress plugin through 1.0.13 does not  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0033 (The PDF Viewer WordPress plugin before 1.0.0 does not validate and esc ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4870
@@ -9685,7 +9685,7 @@ CVE-2022-4832 (The Store Locator WordPress plugin before 1.4.9 does not validate
 CVE-2022-4831 (The Custom User Profile Fields for User Registration WordPress plugin  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4830 (The Paid Memberships Pro WordPress plugin before 2.9.9 does not valida ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4829
 	RESERVED
 CVE-2022-4828 (The Bold Timeline Lite WordPress plugin before 1.1.5 does not validate ...)
@@ -10285,7 +10285,7 @@ CVE-2022-4785
 CVE-2022-4784
 	RESERVED
 CVE-2022-4783 (The Youtube Channel Gallery WordPress plugin through 2.4 does not vali ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4782
 	RESERVED
 CVE-2022-4781 (The Accordion Shortcodes WordPress plugin through 2.4.2 does not valid ...)
@@ -10541,7 +10541,7 @@ CVE-2022-4761
 CVE-2022-4760 (The OneClick Chat to Order WordPress plugin before 1.0.4.2 does not va ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4759 (The GigPress WordPress plugin before 2.3.28 does not validate and esca ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4758 (The 10WebMapBuilder WordPress plugin before 1.0.72 does not validate a ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4757
@@ -10608,7 +10608,7 @@ CVE-2022-47966 (Multiple Zoho ManageEngine on-premise products, such as ServiceD
 CVE-2022-4746 (The FluentAuth WordPress plugin before 1.0.2 prioritizes getting a vis ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4745 (The WP Customer Area WordPress plugin before 8.1.4 does not have CSRF  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-4281 (A vulnerability was found in Brave UX for-the-badge and classified as  ...)
 	NOT-FOR-US: Brave UX for-the-badge
 CVE-2022-47908 (Stack-based buffer overflow vulnerability in V-Server v4.0.12.0 and ea ...)
@@ -10843,7 +10843,7 @@ CVE-2022-4684 (Improper Access Control in GitHub repository usememos/memos prior
 CVE-2022-4683 (Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub ...)
 	NOT-FOR-US: usememos
 CVE-2022-4682 (The Lightbox Gallery WordPress plugin before 0.9.5 does not validate a ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4681 (The Hide My WP WordPress plugin before 6.2.9 does not properly sanitiz ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-47943 (An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 ...)
@@ -10909,7 +10909,7 @@ CVE-2022-4680 (The Revive Old Posts WordPress plugin before 9.0.11 unserializes
 CVE-2022-4679
 	RESERVED
 CVE-2022-4678 (The TemplatesNext ToolKit WordPress plugin before 3.2.8 does not valid ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4677 (The Leaflet Maps Marker WordPress plugin before 3.12.7 does not valida ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4676
@@ -10986,7 +10986,7 @@ CVE-2022-4658 (The RSSImport WordPress plugin through 4.6.1 does not validate an
 CVE-2022-4657 (The Restaurant Menu WordPress plugin before 2.3.6 does not validate an ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4656 (The WP Visitor Statistics (Real Time Traffic) WordPress plugin before  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4655 (The Welcart e-Commerce WordPress plugin before 2.8.9 does not validate ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4654 (The Pricing Tables WordPress Plugin WordPress plugin before 3.2.3 does ...)
@@ -11102,7 +11102,7 @@ CVE-2022-4629 (The Product Slider for WooCommerce WordPress plugin before 2.6.4
 CVE-2022-46286
 	RESERVED
 CVE-2022-4628 (The Easy PayPal Buy Now Button WordPress plugin before 1.7.4 does not  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4627 (The ShiftNav WordPress plugin before 1.7.2 does not validate and escap ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4626 (The PPWP WordPress plugin before 1.8.6 does not validate and escape so ...)
@@ -13150,7 +13150,7 @@ CVE-2023-21775 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerabil
 CVE-2023-21774 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-4580 (The Twenty20 Image Before-After WordPress plugin through 1.5.9 does no ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4579
 	REJECTED
 CVE-2022-4578 (The Video Conferencing with Zoom WordPress plugin before 4.0.10 does n ...)
@@ -13226,7 +13226,7 @@ CVE-2022-4564 (A vulnerability classified as problematic has been found in Unive
 CVE-2022-4563 (A vulnerability was found in Freedom of the Press SecureDrop. It has b ...)
 	NOT-FOR-US: Freedom of the Press SecureDrop
 CVE-2022-4562 (The Meks Flexible Shortcodes WordPress plugin before 1.3.5 does not va ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4561 (A vulnerability classified as problematic has been found in SemanticDr ...)
 	NOT-FOR-US: SemanticDrilldown MediaWiki extension
 CVE-2022-4560 (A vulnerability was found in Joget up to 7.0.31. It has been rated as  ...)
@@ -13254,7 +13254,7 @@ CVE-2022-4553 (The FL3R FeelBox WordPress plugin through 8.1 does not have CSRF
 CVE-2022-4552 (The FL3R FeelBox WordPress plugin through 8.1 does not have CSRF check ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4551 (The Rich Table of Contents WordPress plugin through 1.3.7 does not val ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4550
 	RESERVED
 CVE-2022-4549 (The Tickera WordPress plugin before 3.5.1.0 does not have CSRF check i ...)
@@ -13264,7 +13264,7 @@ CVE-2022-4548 (The Optimize images ALT Text & names for SEO using AI WordPre
 CVE-2022-4547 (The Conditional Payment Methods for WooCommerce WordPress plugin throu ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4546 (The Mapwiz WordPress plugin through 1.0.1 does not properly sanitise a ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4545 (The Sitemap WordPress plugin before 4.4 does not validate and escape s ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4544 (The MashShare WordPress plugin before 3.8.7 does not validate and esca ...)
@@ -13481,7 +13481,7 @@ CVE-2022-4514 (A vulnerability, which was classified as problematic, was found i
 CVE-2022-4513 (A vulnerability, which was classified as problematic, has been found i ...)
 	NOT-FOR-US: European Environment Agency eionet.contreg
 CVE-2022-4512 (The Better Font Awesome WordPress plugin before 2.0.4 does not validat ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4511 (A vulnerability has been found in RainyGao DocSys and classified as cr ...)
 	NOT-FOR-US: RainyGao DocSys
 CVE-2022-4510 (A path traversal vulnerability was identified in ReFirm Labs binwalk f ...)
@@ -13645,7 +13645,7 @@ CVE-2022-4490
 CVE-2022-4489 (The HUSKY WordPress plugin before 1.3.2 unserializes user input provid ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4488 (The Widgets on Pages WordPress plugin through 1.6.0 does not validate  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4487 (The Easy Accordion WordPress plugin before 2.2.0 does not validate and ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4486 (The Meteor Slides WordPress plugin through 1.5.6 does not validate and ...)
@@ -13813,11 +13813,11 @@ CVE-2022-4475 (The Collapse-O-Matic WordPress plugin before 1.8.3 does not valid
 CVE-2022-4474 (The Easy Social Feed WordPress plugin before 6.4.0 does not validate a ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4473 (The Widget Shortcode WordPress plugin through 0.3.5 does not validate  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4472 (The Simple Sitemap WordPress plugin before 3.5.8 does not validate and ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4471 (The YARPP WordPress plugin through 5.30.1 does not validate and escape ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4470 (The Widgets for Google Reviews WordPress plugin before 9.8 does not va ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4469 (The Simple Membership WordPress plugin before 4.2.2 does not validate  ...)
@@ -13843,7 +13843,7 @@ CVE-2022-4460 (The Sidebar Widgets by CodeLights WordPress plugin through 1.4 do
 CVE-2022-4459 (The WP Show Posts WordPress plugin before 1.1.4 does not validate and  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4458 (The amr shortcode any widget WordPress plugin through 4.0 does not val ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-43543 (KDDI +Message App, NTT DOCOMO +Message App, and SoftBank +Message App  ...)
 	NOT-FOR-US: KDDI +Message App, NTT DOCOMO +Message App and SoftBank +Message App
 CVE-2023-21723
@@ -13977,13 +13977,13 @@ CVE-2022-4450 (The function PEM_read_bio_ex() reads a PEM file from a BIO and pa
 CVE-2022-4449 (The Page scroll to id WordPress plugin before 1.7.6 does not validate  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4448 (The GiveWP WordPress plugin before 2.24.0 does not validate and escape ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4447 (The Fontsy WordPress plugin through 1.8.6 does not properly sanitize a ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4446 (PHP Remote File Inclusion in GitHub repository tsolucio/corebos prior  ...)
 	NOT-FOR-US: Corebos
 CVE-2022-4445 (The FL3R FeelBox WordPress plugin through 8.1 does not properly saniti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4444 (A vulnerability was found in ipti br.tag. It has been declared as prob ...)
 	NOT-FOR-US: ipti br.tag
 CVE-2022-4443 (The BruteBank WordPress plugin before 1.9 does not have CSRF check in  ...)
@@ -20929,7 +20929,7 @@ CVE-2022-3893 (Cross-site Scripting (XSS) vulnerability in BlueSpiceCustomMenu e
 CVE-2022-3892 (The WP OAuth Server (OAuth Authentication) WordPress plugin before 4.2 ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-3891 (The WP FullCalendar WordPress plugin before 1.5 does not ensure that t ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-45045 (Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.1 ...)
 	NOT-FOR-US: Xiongmai
 CVE-2022-3890 (Heap buffer overflow in Crashpad in Google Chrome on Android prior to  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/22b7e91cfd0087912406bf68994107b17bec3897

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/22b7e91cfd0087912406bf68994107b17bec3897
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230213/c2eb6498/attachment.htm>


More information about the debian-security-tracker-commits mailing list