[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b9549601 by Moritz Muehlenhoff at 2024-08-08T10:31:59+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,53 +1,53 @@
 CVE-2024-7561 (The The Next theme for WordPress is vulnerable to PHP Object Injection ...)
-	TODO: check
+	NOT-FOR-US: WordPress theme
 CVE-2024-7560 (The News Flash theme for WordPress is vulnerable to PHP Object Injecti ...)
-	TODO: check
+	NOT-FOR-US: WordPress theme
 CVE-2024-7548 (The LearnPress \u2013 WordPress LMS Plugin plugin for WordPress is vul ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7492 (The MainWP Child Reports plugin for WordPress is vulnerable to Cross-S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7486 (The MultiPurpose theme for WordPress is vulnerable to PHP Object Injec ...)
-	TODO: check
+	NOT-FOR-US: WordPress theme
 CVE-2024-7350 (The Appointment Booking Calendar Plugin and Online Scheduling Plugin \ ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7150 (The Slider by 10Web \u2013 Responsive Image Slider plugin for WordPres ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6987 (The Orchid Store theme for WordPress is vulnerable to unauthorized mod ...)
-	TODO: check
+	NOT-FOR-US: WordPress theme
 CVE-2024-6893 (The "soap_cgi.pyc" API handler allows the XML body of SOAP requests to ...)
-	TODO: check
+	NOT-FOR-US: Journyx
 CVE-2024-6892 (Attackers can craft a malicious link that once clicked will execute ar ...)
-	TODO: check
+	NOT-FOR-US: Journyx
 CVE-2024-6891 (Attackers with a valid username and password can exploit a python code ...)
-	TODO: check
+	NOT-FOR-US: Journyx
 CVE-2024-6890 (Password reset tokens are generated using an insecure source of random ...)
-	TODO: check
+	NOT-FOR-US: Journyx
 CVE-2024-6884 (The Gutenberg Blocks with AI by Kadence WP  WordPress plugin before 3. ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6869 (The Falang multilanguage for WordPress plugin for WordPress is vulnera ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6824 (The Premium Addons for Elementor plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6707 (Attacker controlled files can be uploaded to arbitrary locations on th ...)
-	TODO: check
+	NOT-FOR-US: Open WebUI
 CVE-2024-6706 (Attackers can craft a malicious prompt that coerces the language model ...)
-	TODO: check
+	NOT-FOR-US: Open WebUI
 CVE-2024-6552 (The Booking for Appointments and Events Calendar \u2013 Amelia plugin  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6481 (The Search & Filter Pro WordPress plugin before 2.5.18 does not saniti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6254 (The Brizy \u2013 Page Builder plugin for WordPress is vulnerable to Cr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5668 (The Lightbox & Modal Popup WordPress Plugin \u2013 FooBox plugin for W ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5226 (The Fuse Social Floating Sidebar plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-38202 (Summary Microsoft was notified that an elevation of privilege vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-22069 (There is a permission and access control vulnerability of ZTE's ZXV10  ...)
-	TODO: check
+	NOT-FOR-US: ZTE
 CVE-2024-21302 (Summary: Microsoft was notified that an elevation of privilege vulnera ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-43168
 	- unbound 1.20.0-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2303462



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b9549601438a0252ca686b131db87d8a001a376a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b9549601438a0252ca686b131db87d8a001a376a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240808/5fb11352/attachment-0001.htm>