[Git][security-tracker-team/security-tracker][master] Process some NFUs

Sat Aug 24 09:16:34 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bf435839 by Salvatore Bonaccorso at 2024-08-24T10:16:01+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
 CVE-2024-8120 (The ImageRecycle pdf & image compression plugin for WordPress is vulne ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7568 (The Favicon Generator plugin for WordPress is vulnerable to Cross-Site ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7351 (The Simple Job Board plugin for WordPress is vulnerable to PHP Object  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6631 (The ImageRecycle pdf & image compression plugin for WordPress is vulne ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6499 (The WordPress Button Plugin MaxButtons plugin for WordPress is vulnera ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-40111 (A persistent (stored) cross-site scripting (XSS) vulnerability has bee ...)
-	TODO: check
+	NOT-FOR-US: Automad
 CVE-2024-38207 (Microsoft Edge (HTML-based) Memory Corruption Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-37392 (A stored Cross-Site Scripting (XSS) vulnerability has been identified  ...)
-	TODO: check
+	NOT-FOR-US: SMSEagle
 CVE-2024-2254 (The RT Easy Builder \u2013 Advanced addons for Elementor plugin for Wo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6987 (The String locator plugin for WordPress is vulnerable to Reflected Cro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8113 (Stored XSS in organizer and event settings of pretix up to 2024.7.0 al ...)
 	NOT-FOR-US: pretix
 CVE-2024-8112 (A vulnerability was found in thinkgem JeeSite 5.3. It has been rated a ...)
@@ -117462,7 +117462,7 @@ CVE-2023-26103 (Versions of the package deno before 1.31.0 are vulnerable to Reg
 CVE-2023-26102 (All versions of the package rangy are vulnerable to Prototype Pollutio ...)
 	NOT-FOR-US: Node rangy
 CVE-2023-0926 (The Custom Permalinks plugin for WordPress is vulnerable to Stored Cro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0925 (Version 10.11 of webMethods OneData runs an embedded instance of Azul  ...)
 	NOT-FOR-US: webMethods OneData
 CVE-2023-0924 (The ZYREX POPUP WordPress plugin through 1.0 does not validate the typ ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bf4358397370d6e4d826aeb5aae774680531cefe

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bf4358397370d6e4d826aeb5aae774680531cefe
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240824/30962c1b/attachment.htm>
