[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jul 12 09:58:04 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1001e73a by Salvatore Bonaccorso at 2023-07-12T10:57:36+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,45 +1,45 @@
CVE-2023-3525 (The Getnet Argentina para Woocommerce plugin for WordPress is vulnerab ...)
- TODO: check
+ NOT-FOR-US: Getnet Argentina para Woocommerce plugin for WordPress
CVE-2023-3369 (The About Me 3000 widget plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: About Me 3000 widget plugin for WordPress
CVE-2023-3202 (The MStore API plugin for WordPress is vulnerable to Cross-Site Reques ...)
- TODO: check
+ NOT-FOR-US: MStore API plugin for WordPress
CVE-2023-3199 (The MStore API plugin for WordPress is vulnerable to Cross-Site Reques ...)
- TODO: check
+ NOT-FOR-US: MStore API plugin for WordPress
CVE-2023-3168 (The WP Reroute Email plugin for WordPress is vulnerable to Stored Cros ...)
- TODO: check
+ NOT-FOR-US: WP Reroute Email plugin for WordPress
CVE-2023-3167 (The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: Mail Queue plugin for WordPress
CVE-2023-3166 (The Lana Email Logger plugin for WordPress is vulnerable to Stored Cro ...)
- TODO: check
+ NOT-FOR-US: Lana Email Logger plugin for WordPress
CVE-2023-3158 (The Mail Control plugin for WordPress is vulnerable to Stored Cross-Si ...)
- TODO: check
+ NOT-FOR-US: Mail Control plugin for WordPress
CVE-2023-3135 (The Mailtree Log Mail plugin for WordPress is vulnerable to Stored Cro ...)
- TODO: check
+ NOT-FOR-US: Mailtree Log Mail plugin for WordPress
CVE-2023-3127 (An unauthenticated user could log into iSTAR Ultra, iSTAR Ultra LT, iS ...)
TODO: check
CVE-2023-3122 (The GD Mail Queue plugin for WordPress is vulnerable to Stored Cross-S ...)
- TODO: check
+ NOT-FOR-US: GD Mail Queue plugin for WordPress
CVE-2023-3105 (The LearnDash LMS plugin for WordPress is vulnerable to Insecure Direc ...)
- TODO: check
+ NOT-FOR-US: LearnDash LMS plugin for WordPress
CVE-2023-3093 (The YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Sc ...)
- TODO: check
+ NOT-FOR-US: YaySMTP plugin for WordPress
CVE-2023-3092 (The SMTP Mail plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: SMTP Mail plugin for WordPress
CVE-2023-3088 (The WP Mail Log plugin for WordPress is vulnerable to Stored Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WP Mail Log plugin for WordPress
CVE-2023-3087 (The FluentSMTP plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: FluentSMTP plugin for WordPress
CVE-2023-3082 (The Post SMTP plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: Post SMTP plugin for WordPress
CVE-2023-3081 (The WP Mail Logging plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WP Mail Logging plugin for WordPress
CVE-2023-3080 (The WP Mail Catcher plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WP Mail Catcher plugin for WordPress
CVE-2023-3023 (The WP EasyCart plugin for WordPress is vulnerable to time-based SQL I ...)
- TODO: check
+ NOT-FOR-US: WP EasyCart plugin for WordPress
CVE-2023-3011 (The ARMember plugin for WordPress is vulnerable to Cross-Site Request ...)
- TODO: check
+ NOT-FOR-US: ARMember plugin for WordPress
CVE-2023-37767 (GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a seg ...)
TODO: check
CVE-2023-37766 (GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a seg ...)
@@ -61,7 +61,7 @@ CVE-2023-37174 (GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain
CVE-2023-32200 (There is insufficient restrictions of called script functions in Apach ...)
TODO: check
CVE-2023-2869 (The WP-Members Membership plugin for WordPress is vulnerable to unauth ...)
- TODO: check
+ NOT-FOR-US: WP-Members Membership plugin for WordPress
CVE-2023-2763 (Use-After-Free, Out-of-bounds Write and Heap-based Buffer Overflow vul ...)
TODO: check
CVE-2023-2762 (A Use-After-Free vulnerability in SLDPRT file reading procedure exists ...)
@@ -71,59 +71,59 @@ CVE-2023-2562 (The Gallery Metabox for WordPress is vulnerable to unauthorized a
CVE-2023-2561 (The Gallery Metabox for WordPress is vulnerable to unauthorized modifi ...)
TODO: check
CVE-2023-2517 (The Metform Elementor Contact Form Builder plugin for WordPress is vul ...)
- TODO: check
+ NOT-FOR-US: Metform Elementor Contact Form Builder plugin for WordPress
CVE-2021-4427 (The Vuukle Comments, Reactions, Share Bar, Revenue plugin for WordPres ...)
- TODO: check
+ NOT-FOR-US: Vuukle Comments, Reactions, Share Bar, Revenue plugin for WordPress
CVE-2021-4426 (The Absolute Reviews plugin for WordPress is vulnerable to Cross-Site ...)
- TODO: check
+ NOT-FOR-US: Absolute Reviews plugin for WordPress
CVE-2021-4425 (The Defender Security plugin for WordPress is vulnerable to Cross-Site ...)
- TODO: check
+ NOT-FOR-US: Defender Security plugin for WordPress
CVE-2021-4424 (The Slider Hero plugin for WordPress is vulnerable to Cross-Site Reque ...)
- TODO: check
+ NOT-FOR-US: Slider Hero plugin for WordPress
CVE-2021-4423 (The RAYS Grid plugin for WordPress is vulnerable to Cross-Site Request ...)
- TODO: check
+ NOT-FOR-US: RAYS Grid plugin for WordPress
CVE-2021-4422 (The POST SMTP Mailer plugin for WordPress is vulnerable to Cross-Site ...)
- TODO: check
+ NOT-FOR-US: POST SMTP Mailer plugin for WordPress
CVE-2021-4421 (The Advanced Popups plugin for WordPress is vulnerable to Cross-Site R ...)
- TODO: check
+ NOT-FOR-US: Advanced Popups plugin for WordPress
CVE-2021-4420 (The Sell Media plugin for WordPress is vulnerable to Cross-Site Reques ...)
- TODO: check
+ NOT-FOR-US: Sell Media plugin for WordPress
CVE-2021-4419 (The WP-Backgrounds Lite plugin for WordPress is vulnerable to Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WP-Backgrounds Lite plugin for WordPress
CVE-2021-4417 (The Forminator \u2013 Contact Form, Payment Form & Custom Form Builder ...)
- TODO: check
+ NOT-FOR-US: Forminator – Contact Form, Payment Form & Custom Form Builder plugin for WordPress
CVE-2021-4416 (The wp-mpdf plugin for WordPress is vulnerable to Cross-Site Request F ...)
- TODO: check
+ NOT-FOR-US: wp-mpdf plugin for WordPress
CVE-2021-4415 (The Sunshine Photo Cart plugin for WordPress is vulnerable to Cross-Si ...)
- TODO: check
+ NOT-FOR-US: Sunshine Photo Cart plugin for WordPress
CVE-2021-4414 (The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulner ...)
- TODO: check
+ NOT-FOR-US: Abandoned Cart Lite for WooCommerce plugin for WordPress
CVE-2021-4413 (The Process Steps Template Designer plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: Process Steps Template Designer plugin for WordPress
CVE-2021-4412 (The WP Prayer plugin for WordPress is vulnerable to Cross-Site Request ...)
- TODO: check
+ NOT-FOR-US: WP Prayer plugin for WordPress
CVE-2021-4411 (The WP EasyPay \u2013 Square for WordPress plugin for WordPress is vul ...)
- TODO: check
+ NOT-FOR-US: WP EasyPay – Square for WordPress plugin for WordPress
CVE-2021-4410 (The Qtranslate Slug plugin for WordPress is vulnerable to Cross-Site R ...)
- TODO: check
+ NOT-FOR-US: Qtranslate Slug plugin for WordPress
CVE-2021-4409 (The WooCommerce Etsy Integration plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WooCommerce Etsy Integration plugin for WordPress
CVE-2021-4408 (The DW Question & Answer plugin for WordPress is vulnerable to Cross-S ...)
- TODO: check
+ NOT-FOR-US: DW Question & Answer plugin for WordPress
CVE-2021-4407 (The Custom Banners plugin for WordPress is vulnerable to Cross-Site Re ...)
- TODO: check
+ NOT-FOR-US: Custom Banners plugin for WordPress
CVE-2020-36761 (The Top 10 plugin for WordPress is vulnerable to Cross-Site Request Fo ...)
- TODO: check
+ NOT-FOR-US: Top 10 plugin for WordPress
CVE-2020-36760 (The Ocean Extra plugin for WordPress is vulnerable to Cross-Site Reque ...)
- TODO: check
+ NOT-FOR-US: Ocean Extra plugin for WordPress
CVE-2020-36757 (The WP Hotel Booking plugin for WordPress is vulnerable to Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WP Hotel Booking plugin for WordPress
CVE-2020-36756 (The 10WebAnalytics plugin for WordPress is vulnerable to Cross-Site Re ...)
- TODO: check
+ NOT-FOR-US: 10WebAnalytics plugin for WordPress
CVE-2020-36752 (The Coming Soon & Maintenance Mode Page plugin for WordPress is vulner ...)
- TODO: check
+ NOT-FOR-US: Coming Soon & Maintenance Mode Page plugin for WordPress
CVE-2020-36750 (The EWWW Image Optimizer plugin for WordPress is vulnerable to Cross-S ...)
- TODO: check
+ NOT-FOR-US: EWWW Image Optimizer plugin for WordPress
CVE-2023-37579
NOT-FOR-US: Apache Pulsar
CVE-2023-3627 (Cross-Site Request Forgery (CSRF) in GitHub repository salesagility/su ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1001e73ab172b58f840c6f53899c7e5a280e5779
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1001e73ab172b58f840c6f53899c7e5a280e5779
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230712/bf3e0d91/attachment.htm>
More information about the debian-security-tracker-commits
mailing list