[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jun 5 21:15:54 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f36051e0 by Salvatore Bonaccorso at 2023-06-05T22:15:24+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -33,23 +33,23 @@ CVE-2023-32766 (Gitpod before 2022.11.3 allows XSS because redirection can occur
 CVE-2023-31893 (Telefnica Brasil Vivo Play (IPTV) Firmware: 2023.04.04.01.06.15 is vul ...)
 	TODO: check
 CVE-2023-2634 (The Get your number WordPress plugin through 1.1.3 does not sanitise a ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2572 (The Survey Maker WordPress plugin before 3.4.7 does not escape some pa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2571 (The Quiz Maker WordPress plugin before 6.4.2.7 does not escape some pa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2503 (The 10Web Social Post Feed WordPress plugin before 1.2.9 does not sani ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2489 (The Stop Spammers Security | Block Spam Users, Comments, Forms WordPre ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2488 (The Stop Spammers Security | Block Spam Users, Comments, Forms WordPre ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2472 (The Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2337 (The ConvertKit WordPress plugin before 2.2.1 does not escape a paramet ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4946 (The Frontend Post WordPress Plugin WordPress plugin through 2.8.4 does ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2015-10115 (A vulnerability, which was classified as problematic, was found in Woo ...)
 	TODO: check
 CVE-2015-10114 (A vulnerability, which was classified as problematic, has been found i ...)
@@ -3901,7 +3901,7 @@ CVE-2023-2226 (Due to insufficient validation in the PE and OLE parsers in Rapid
 CVE-2023-2225
 	RESERVED
 CVE-2023-2224 (The SEO by 10Web WordPress plugin before 1.2.7 does not sanitise and e ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2223 (The Login rebuilder WordPress plugin before 2.8.1 does not sanitise an ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-2222
@@ -18544,7 +18544,7 @@ CVE-2023-26031
 CVE-2023-0901 (Exposure of Sensitive Information to an Unauthorized Actor in GitHub r ...)
 	NOT-FOR-US: pixelfed
 CVE-2023-0900 (The Pricing Table Builder WordPress plugin through 1.1.6 does not prop ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0899 (The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0898
@@ -22828,7 +22828,7 @@ CVE-2023-0547 (OCSP revocation status of recipient certificates was not checked
 CVE-2023-0546 (The Contact Form Plugin WordPress plugin before 4.3.25 does not proper ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0545 (The Hostel WordPress plugin before 1.1.5.2 does not sanitise and escap ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0544 (The WP Login Box WordPress plugin through 2.0.2 does not sanitise and  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0543 (The Arigato Autoresponder and Newsletter WordPress plugin before 2.1.7 ...)
@@ -28049,7 +28049,7 @@ CVE-2023-0154 (The GamiPress WordPress plugin before 1.0.9 does not validate and
 CVE-2023-0153 (The Vimeo Video Autoplay Automute WordPress plugin through 1.0 does no ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0152 (The WP Multi Store Locator WordPress plugin through 2.4 does not valid ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0151 (The uTubeVideo Gallery WordPress plugin before 2.0.8 does not validate ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0150 (The Cloak Front End Email WordPress plugin before 1.9.2 does not valid ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f36051e0a5f1e3cd44906c45cd91dd3a20f4e5b5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f36051e0a5f1e3cd44906c45cd91dd3a20f4e5b5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230605/46ad4b8b/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list