[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Dec 10 05:08:30 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5543a8a5 by Salvatore Bonaccorso at 2024-12-10T06:08:09+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -91,64 +91,64 @@ CVE-2024-53947 (Improper Neutralization of Special Elements used in an SQL Comma
CVE-2024-53847 (The Trix rich text editor, prior to versions 2.1.9 and 1.3.3, is vulne ...)
TODO: check
CVE-2024-53822 (Unrestricted Upload of File with Dangerous Type vulnerability in Genet ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-53819 (Missing Authorization vulnerability in Sprout Invoices Client Invoicin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-53818 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-53816 (Missing Authorization vulnerability in Themeum Tutor LMS Elementor Add ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-53814 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-53798 (Missing Authorization vulnerability in BAKKBONE Australia FloristPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-53791 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-53790 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-53785 (Missing Authorization vulnerability in Alexander Volkov Chatter.This i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-53450 (RAGFlow 0.13.0 suffers from improper access control in document-hooks. ...)
- TODO: check
+ NOT-FOR-US: RAGFlow
CVE-2024-53441 (An issue in the index.js decryptCookie function of cookie-encrypter v1 ...)
TODO: check
CVE-2024-52599 (Tuleap is an open source suite to improve management of software devel ...)
- TODO: check
+ NOT-FOR-US: Tuleap
CVE-2024-52586 (eLabFTW is an open source electronic lab notebook for research labs. A ...)
- TODO: check
+ NOT-FOR-US: eLabFTW
CVE-2024-52480 (Missing Authorization vulnerability in Astoundify Jobify - Job Board W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-52391 (Missing Authorization vulnerability in Genetech Pie Register Premium.T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-52385 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49603 (Dell PowerScale OneFS Versions 8.2.2.x through 9.9.0.x contain an inco ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-49602 (Dell PowerScale OneFS Versions 8.2.2.x through 9.8.0.x contain an impr ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-49600 (Dell Power Manager (DPM), versions prior to 3.17, contain an improper ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-48956 (Serviceware Processes 6.0 through 7.3 allows attackers without valid a ...)
- TODO: check
+ NOT-FOR-US: Serviceware Processes
CVE-2024-46901 (Insufficient validation of filenames against control characters in Apa ...)
- subversion 1.14.5-1
NOTE: https://subversion.apache.org/security/CVE-2024-46901-advisory.txt
CVE-2024-46547 (A vulnerability was found in Romain Bourdon Wampserver all versions (d ...)
- TODO: check
+ NOT-FOR-US: Romain Bourdon Wampserver
CVE-2024-45761 (Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, con ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-45760 (Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, con ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-43222 (Missing Authorization vulnerability in Envato Security Team Sweet Date ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-42426 (Dell PowerScale OneFS Versions 9.5.0.x through 9.8.0.x contain an unco ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-40583 (Pentaminds CuroVMS v2.0.1 was discovered to contain exposed credential ...)
- TODO: check
+ NOT-FOR-US: Pentaminds CuroVMS
CVE-2024-40582 (Pentaminds CuroVMS v2.0.1 was discovered to contain exposed sensitive ...)
- TODO: check
+ NOT-FOR-US: Pentaminds CuroVMS
CVE-2024-38485 (Dell ECS, versions prior to 3.8.0, contain(s) a Host Header Injection ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-12307 (A function-level access control vulnerability in Unifiedtransform vers ...)
TODO: check
CVE-2024-12306 (Multiple access control vulnerabilities in Unifiedtransform version 2. ...)
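Review bot: The NOT-FOR-US tags in this hunk mix granularities. The Dell entries (PowerScale OneFS, Power Manager, OpenManage Server Administrator, ECS) are all tagged only "Dell", other entries name the product ("Serviceware Processes", "Pentaminds CuroVMS"), and CVE-2024-46547 also carries the author's name ("Romain Bourdon Wampserver"). If the vendor-only form is deliberate for Dell, that is fine; otherwise "Wampserver" alone would match the style of "RAGFlow" and "Tuleap" a few lines above.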
@@ -156,191 +156,191 @@ CVE-2024-12306 (Multiple access control vulnerabilities in Unifiedtransform vers
CVE-2024-12305 (An object-level access control vulnerability in Unifiedtransform versi ...)
TODO: check
CVE-2024-12057 (User credentials (login & password) are inserted into log files when a ...)
- TODO: check
+ NOT-FOR-US: PcVue
CVE-2024-11991 (Motoko's incremental garbage collector is impacted by an uninitialized ...)
TODO: check
CVE-2024-11608 (A maliciously crafted SKP file, when linked or imported into Autodesk ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-11454 (A maliciously crafted DLL file, when placed in the same directory as a ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-11268 (A maliciously crafted PDF file, when parsed through Autodesk Revit, ca ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2023-7298 (A maliciously crafted FBX file, when parsed through Autodesk FBX SDK, ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2023-51362 (Missing Authorization vulnerability in Premio All-in-one Floating Cont ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51360 (Missing Authorization vulnerability in WPDeveloper Essential Blocks fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51359 (Missing Authorization vulnerability in WPDeveloper Essential Blocks fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51357 (Missing Authorization vulnerability in Conversios Conversios.io allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51355 (Missing Authorization vulnerability in MultiVendorX WC Marketplace all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51353 (Missing Authorization vulnerability in supsystic.com Popup by Supsysti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50904 (Missing Authorization vulnerability in Poll Maker Team Poll Maker allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50903 (Missing Authorization vulnerability in Wpmet Metform Elementor Contact ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50899 (Missing Authorization vulnerability in MultiVendorX Product Catalog En ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50887 (Missing Authorization vulnerability in UserFeedback Team User Feedback ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50884 (Missing Authorization vulnerability in LA-Studio LA-Studio Element Kit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50882 (Missing Authorization vulnerability in ProfilePress Membership Team Pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50877 (Missing Authorization vulnerability in woobewoo Product Filter by WBW ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50876 (Missing Authorization vulnerability in Molongui Molongui allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50375 (Missing Authorization vulnerability in Translate AI Multilingual Solut ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50373 (Missing Authorization vulnerability in WPSAAD Alt Manager allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49861 (Missing Authorization vulnerability in socialmediafeather Social Media ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49859 (Missing Authorization vulnerability in Pixelite Login With Ajax allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49858 (Missing Authorization vulnerability in Austin Passy Custom Login allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49857 (Missing Authorization vulnerability in Awesome Support Team Awesome Su ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49856 (Missing Authorization vulnerability in RedNao Smart Forms allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49851 (Missing Authorization vulnerability in ILMDESIGNS Square Thumbnails al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49850 (Missing Authorization vulnerability in Ashish Ajani WP Simple HTML Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49849 (Missing Authorization vulnerability in Aakash Chakravarthy Shortcoder ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49848 (Missing Authorization vulnerability in wooproductimporter Sharkdropshi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49845 (Missing Authorization vulnerability in Loud Dog Redirects allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49835 (Missing Authorization vulnerability in Metaphor Creations Post Duplica ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49832 (Missing Authorization vulnerability in Paul Ryley Site Reviews allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49831 (Missing Authorization vulnerability in Metagauss User Registration For ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49818 (Missing Authorization vulnerability in Webflow Webflow Pages allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49817 (Missing Authorization vulnerability in heoLixfy Flexible Woocommerce C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49758 (Missing Authorization vulnerability in Veribo, Roland Murg WP Booking ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49757 (Missing Authorization vulnerability in Awesome Support Team Awesome Su ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49756 (Missing Authorization vulnerability in Themewinter Eventin allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49755 (Missing Authorization vulnerability in B.M. Rafiul Alam Elementor Time ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49754 (Missing Authorization vulnerability in Yogesh Pawar, Clarion Technolog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49196 (Missing Authorization vulnerability in Pagelayer Team PageLayer allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49194 (Insertion of Sensitive Information Into Debugging Code vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49193 (Missing Authorization vulnerability in NerdPress Social Pug allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49192 (Missing Authorization vulnerability in Clever Widgets Enhanced Text Wi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49167 (Missing Authorization vulnerability in Code4Life Database for CF7 allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49158 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49156 (Missing Authorization vulnerability in GoDaddy GoDaddy Email Marketing ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49154 (Missing Authorization vulnerability in Wow-Company Button Generator \u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48779 (Missing Authorization vulnerability in 360 Javascript Viewer 360 Javas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48776 (Missing Authorization vulnerability in Thomas Scholl canvasio3D Light ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48774 (Missing Authorization vulnerability in Martin Gibson IdeaPush allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48750 (Missing Authorization vulnerability in VOID CODERS Void Elementor Post ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48740 (Missing Authorization vulnerability in Easy Social Feed Easy Social Fe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48332 (Missing Authorization vulnerability in Tech Banker Mail Bank - #1 Mail ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48324 (Missing Authorization vulnerability in Awesome Support Team Awesome Su ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48287 (Missing Authorization vulnerability in Matat Technologies TextMe SMS a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48286 (Missing Authorization vulnerability in Tips and Tricks HQ, wptipsntric ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48277 (Missing Authorization vulnerability in SuperPWA Super Progressive Web ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48274 (Missing Authorization vulnerability in Mondial Relay WooCommerce - WCM ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47871 (Missing Authorization vulnerability in IT Path Solutions Contact Form ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47869 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47849 (Missing Authorization vulnerability in blossomthemes BlossomThemes Ema ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47847 (Missing Authorization vulnerability in PayTR \xd6deme ve Elektronik Pa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47841 (Missing Authorization vulnerability in Analytify Analytify allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47838 (Missing Authorization vulnerability in Jules Colle Conditional Fields ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47836 (Missing Authorization vulnerability in Prasad Kirpekar WP Meta and Dat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47832 (Missing Authorization vulnerability in searchiq SearchIQ allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47830 (Missing Authorization vulnerability in Addons for Contact Form 7 Live ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47826 (Missing Authorization vulnerability in NicheAddons Restaurant & Cafe A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47823 (Missing Authorization vulnerability in nCrafts FormCraft allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47822 (Missing Authorization vulnerability in Sonaar Music MP3 Audio Player f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47820 (Missing Authorization vulnerability in CRUDLab WP Like Button allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47805 (Missing Authorization vulnerability in Themewinter WPCafe allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47793 (Missing Authorization vulnerability in acmethemes Acme Fix Images allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47780 (Missing Authorization vulnerability in EasyAzon EasyAzon allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47776 (Missing Authorization vulnerability in miniOrange miniorange otp verif ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47764 (Missing Authorization vulnerability in Metaphor Creations Ditty allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47763 (Missing Authorization vulnerability in Martin Gibson WP Custom Admin I ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47762 (Missing Authorization vulnerability in WPDeveloper BetterDocs allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47761 (Missing Authorization vulnerability in WPDeveloper Simple 301 Redirect ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47760 (Missing Authorization vulnerability in WPDeveloper Essential Blocks fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47756 (Missing Authorization vulnerability in David Vongries Welcome Email Ed ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47698 (Missing Authorization vulnerability in Artisan Workshop Japanized For ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47694 (Missing Authorization vulnerability in appsbd Mini Cart Drawer For Woo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-43962 (Cross Site Scripting vulnerability in Xunrui CMS Public Edition v.4.6. ...)
- TODO: check
+ NOT-FOR-US: Xunrui CMS Public Edition
CVE-2023-41953 (Missing Authorization vulnerability in ProfilePress Membership Team Pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32299 (Missing Authorization vulnerability in anzia Ni WooCommerce Sales Repo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32293 (Missing Authorization vulnerability in Realwebcare WRC Pricing Tables ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32126 (Missing Authorization vulnerability in WPoperation SALERT allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32117 (Missing Authorization vulnerability in SoftLab Integrate Google Drive ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32094 (Missing Authorization vulnerability in Felix Welberg Extended Post Sta ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12224 [RUSTSEC-2024-0421]
- rust-idna <unfixed>
NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0421.html
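Review bot: CVE-2023-7298 gets the same bare "NOT-FOR-US: Autodesk" tag as the three entries above it, but its description names the Autodesk FBX SDK, a library rather than an end-user application such as Revit (CVE-2024-11268). Suggest "NOT-FOR-US: Autodesk FBX SDK" so the component is visible in the tag itself if the entry ever has to be revisited.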
@@ -1854,7 +1854,7 @@ CVE-2024-29645 (Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows
CVE-2024-12015 (The 'Project Manager' WordPress Plugin is affected by an authenticated ...)
NOT-FOR-US: WordPress plugin
CVE-2024-10905 (IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p2, IdentityIQ 8.3 ...)
- TODO: check
+ NOT-FOR-US: Sailpoint
CVE-2024-10490 (An \u201cAuthentication Bypass Using an Alternate Path or Channel\u201 ...)
NOT-FOR-US: B&R Automation
CVE-2024-53124 (In the Linux kernel, the following vulnerability has been resolved: n ...)
@@ -129542,7 +129542,7 @@ CVE-2023-31216 (Cross-Site Request Forgery (CSRF) vulnerability in Ultimate Memb
CVE-2023-31215 (Unrestricted Upload of File with Dangerous Type vulnerability in Amade ...)
NOT-FOR-US: WordPress plugin
CVE-2023-31214 (Missing Authorization vulnerability in Arul Prasad J WP Quick Post Dup ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-31213 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-31212 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
@@ -129958,7 +129958,7 @@ CVE-2023-31075 (Cross-Site Request Forgery (CSRF) vulnerability in Arshid Easy H
CVE-2023-31074 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in hupe13 E ...)
NOT-FOR-US: WordPress plugin
CVE-2023-31073 (Missing Authorization vulnerability in Jose Vega Display custom fields ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-31072 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Praveen ...)
NOT-FOR-US: WordPress plugin
CVE-2023-31071 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Yannick ...)
@@ -130530,13 +130530,13 @@ CVE-2023-30875 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2023-30874 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Stev ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30873 (Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-30872 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30871 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PT Woo P ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30870 (Missing Authorization vulnerability in wooproductimporter Sharkdropshi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-30869 (Improper Authentication vulnerability in Easy Digital Downloads plugin ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30868 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Jon Chri ...)
@@ -130907,7 +130907,7 @@ CVE-2023-30785 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I
CVE-2023-30784 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30783 (Missing Authorization vulnerability in YummyWP Smart WooCommerce Searc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-30782 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Andy Moy ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30781 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Theme Bl ...)
@@ -131118,7 +131118,7 @@ CVE-2023-30750 (Improper Neutralization of Special Elements used in an SQL Comma
CVE-2023-30749 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ihom ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30748 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-30747 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPGem Wo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30746 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Booq ...)
@@ -132041,11 +132041,11 @@ CVE-2023-30490
CVE-2023-30489 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirte ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30488 (Missing Authorization vulnerability in WP OnlineSupport, Essential Plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-30487 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ThimPres ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30486 (Missing Authorization vulnerability in HashThemes Square allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-30485 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Solwin I ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30484 (Cross-Site Request Forgery (CSRF) vulnerability in uPress Enable Acces ...)
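Review bot: CVE-2023-30486 is tagged "WordPress plugin", but the description gives the vendor as HashThemes and the product as Square, which reads like a theme. The list keeps the two apart elsewhere in this diff (CVE-2023-30480 is "NOT-FOR-US: WordPress theme"), so please confirm which tag applies here.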
@@ -132059,13 +132059,13 @@ CVE-2023-30481 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Al
CVE-2023-30480 (Missing Authorization vulnerability in Sparkle WP Educenter.This issue ...)
NOT-FOR-US: WordPress theme
CVE-2023-30479 (Missing Authorization vulnerability in Stamped.io Stamped.io Product R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-30478 (Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Newslette ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30477 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Essi ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30476 (Missing Authorization vulnerability in Sparkle Themes Blogger Buzz all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-30475 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Elliot S ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30474 (Cross-Site Request Forgery (CSRF) vulnerability in Kilian Evang Ultima ...)
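Review bot: CVE-2023-30476 (Sparkle Themes Blogger Buzz) is tagged "WordPress plugin", while the first context entry of this same hunk, CVE-2023-30480 from what looks like the same vendor (Sparkle WP Educenter), is tagged "NOT-FOR-US: WordPress theme". Please check whether Blogger Buzz should use the theme tag too. Either way the entry stays NOT-FOR-US, so this only affects consistency.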
@@ -134632,15 +134632,15 @@ CVE-2023-29435 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabi
CVE-2023-29434 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Fanc ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29433 (Missing Authorization vulnerability in \u817e\u8baf\u4e91 tencentcloud ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-29432 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29431 (Missing Authorization vulnerability in OntheGoSystems qTranslate X Cle ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-29430 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CTHtheme ...)
NOT-FOR-US: WordPress theme
CVE-2023-29429 (Missing Authorization vulnerability in WPEverest User Registration all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-29428 (Cross-Site Request Forgery (CSRF) vulnerability in SuPlugins Superb So ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29427 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in TMS Book ...)
@@ -134654,7 +134654,7 @@ CVE-2023-29424 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2023-29423 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI W ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29422 (Missing Authorization vulnerability in AlexaCRM Dynamics 365 Integrati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1916 (A flaw was found in tiffcrop, a program distributed by the libtiff pac ...)
- tiff <unfixed> (unimportant)
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/536
@@ -135383,11 +135383,11 @@ CVE-2023-29247 (Task instance details page in the UI is vulnerable to a stored X
CVE-2023-29246 (An attacker who has gained access to an admin account can perform RCE ...)
NOT-FOR-US: Apache OpenMeetings
CVE-2023-29239 (Missing Authorization vulnerability in LuckyWP LuckyWP Scripts Control ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-29238 (Cross-Site Request Forgery (CSRF) vulnerability in Whydonate Whydonate ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29237 (Missing Authorization vulnerability in Muhammad Rehman Remove Duplicat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-29236 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cththeme ...)
NOT-FOR-US: WordPress theme
CVE-2023-29235 (Cross-Site Request Forgery (CSRF) vulnerability in Fugu Maintenance Sw ...)
@@ -135639,7 +135639,7 @@ CVE-2023-29175 (An improper certificate validation vulnerability [CWE-295] in Fo
CVE-2023-29174 (Missing Authorization vulnerability in NervyThemes SKU Label Changer F ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29173 (Missing Authorization vulnerability in AWESOME TOGI Product Category T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-29172 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Property ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29171 (Unauth. Reflected Cross-site Scripting (XSS) vulnerability in Magic Po ...)
@@ -137393,9 +137393,9 @@ CVE-2023-28691
CVE-2023-28690 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marc ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28689 (Missing Authorization vulnerability in JoomSky JS Job Manager allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28688 (Cross-Site Request Forgery (CSRF) vulnerability in ThemeHunk TH Variat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28687 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
CVE-2023-1551
@@ -137936,7 +137936,7 @@ CVE-2023-28538 (Memory corruption in WIN Product while invoking WinAcpi update d
CVE-2023-28537 (Memory corruption while allocating memory in COmxApeDec module in Audi ...)
NOT-FOR-US: Qualcomm
CVE-2023-28536 (Missing Authorization vulnerability in Acato Branded Social Images all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28535 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Paytm Pa ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28534 (Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in ...)
@@ -137944,7 +137944,7 @@ CVE-2023-28534 (Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerabil
CVE-2023-28533 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in M Wi ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28532 (Missing Authorization vulnerability in wpdirectorykit.com Real Estate ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28531 (ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without ...)
- openssh 1:9.3p1-1 (bug #1033166)
[bookworm] - openssh 1:9.2p1-2+deb12u2
@@ -138398,9 +138398,9 @@ CVE-2023-28419 (Cross-Site Request Forgery (CSRF) vulnerability in Stranger Stud
CVE-2023-28418 (Auth. (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability ...)
NOT-FOR-US: WordPress theme
CVE-2023-28417 (Missing Authorization vulnerability in AlexaCRM Dynamics 365 Integrati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28416 (Missing Authorization vulnerability in Sparkle Themes Chankhe allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28415 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Xoot ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28414 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Apex ...)
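Review bot: CVE-2023-28416 names Sparkle Themes Chankhe and is tagged "WordPress plugin", directly below CVE-2023-28418, which carries "NOT-FOR-US: WordPress theme". Given the vendor name, please confirm that Chankhe is a plugin and not a theme, and use "NOT-FOR-US: WordPress theme" if it is the latter.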
@@ -139248,13 +139248,13 @@ CVE-2023-28170 (Unrestricted Upload of File with Dangerous Type vulnerability in
CVE-2023-28169 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Core ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28168 (Missing Authorization vulnerability in Jerod Santo WordPress Console a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28167 (Cross-Site Request Forgery (CSRF) vulnerability in Vsourz Digital CF7 ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28166 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Aakif Ka ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28165 (Missing Authorization vulnerability in Tech Banker Backup Bank: WordPr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28164 (Dragging a URL from a cross-origin iframe that was removed during the ...)
{DSA-5375-1 DSA-5374-1 DLA-3365-1 DLA-3364-1}
- firefox 111.0-1
@@ -141069,9 +141069,9 @@ CVE-2023-27628 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabi
CVE-2023-27627 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in eggemplo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27626 (Missing Authorization vulnerability in Aleksandar Uro\u0161evi\u0107 S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27625 (Missing Authorization vulnerability in Paul Ryley Site Reviews allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27624 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marc ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27623 (Cross-Site Request Forgery (CSRF) vulnerability in Jens T\xf6rnell WP ...)
@@ -141644,7 +141644,7 @@ CVE-2023-27456
CVE-2023-27455 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Maui Mar ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27454 (Missing Authorization vulnerability in Apollo13Themes Rife Elementor E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27453 (Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Tools plugi ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27452 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wow- ...)
@@ -141654,7 +141654,7 @@ CVE-2023-27451 (Server-Side Request Forgery (SSRF) vulnerability in Darren Coone
CVE-2023-27450 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Teplitsa of ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27449 (Missing Authorization vulnerability in TotalSuite Total Poll Lite allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27448 (Cross-Site Request Forgery (CSRF) vulnerability in MakeStories Team Ma ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27447 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
@@ -141696,7 +141696,7 @@ CVE-2023-27430 (Cross-Site Request Forgery (CSRF) vulnerability in Ramon Fincken
CVE-2023-27429 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Auto ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27428 (Missing Authorization vulnerability in Damir Calusic WP users media al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27427 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NTZA ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27426 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Noti ...)
@@ -143972,11 +143972,11 @@ CVE-2023-26524 (Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Q
CVE-2023-26523 (Missing Authorization vulnerability in CodePeople Calculated Fields Fo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26522 (Missing Authorization vulnerability in OneWebsite WP Repost allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-26521 (Missing Authorization vulnerability in CodePeople Search in Place allo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26520 (Missing Authorization vulnerability in Max Chirkov Advanced Text Widge ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-26519 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26518 (Cross-Site Request Forgery (CSRF) vulnerability in AccessPress Themes ...)
@@ -145597,7 +145597,7 @@ CVE-2023-25995
CVE-2023-25994 (Cross-Site Request Forgery (CSRF) vulnerability in Alex Benfica Publis ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25993 (Missing Authorization vulnerability in WebberZone Top 10 allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25992 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Crea ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25991 (Cross-Site Request Forgery (CSRF) vulnerability in RegistrationMagic p ...)
@@ -145651,7 +145651,7 @@ CVE-2023-25968 (Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs, M
CVE-2023-25967 (Cross-Site Request Forgery (CSRF) vulnerability in PeepSo Community by ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25966 (Missing Authorization vulnerability in Ninja Team Filebird allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25965 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25964 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Noah ...)
@@ -145665,7 +145665,7 @@ CVE-2023-25961 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ca
CVE-2023-25960 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25959 (Missing Authorization vulnerability in Apollo13Themes Apollo13 Framewo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25958 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Just ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25957 (A vulnerability has been identified in Mendix SAML (Mendix 7 compatibl ...)
@@ -146132,7 +146132,7 @@ CVE-2023-25793 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2023-25792 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Xiao ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25791 (Missing Authorization vulnerability in Cadus Pro Fontiran allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25790 (Improper Authentication, Improper Neutralization of Input During Web P ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25789 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tapf ...)
@@ -146505,7 +146505,7 @@ CVE-2023-25716 (Auth (admin+) Stored Cross-Site Scripting (XSS) vulnerability in
CVE-2023-25715 (Missing Authorization vulnerability in GamiPress GamiPress \u2013 The ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25714 (Missing Authorization vulnerability in Fullworks Quick Paypal Payments ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25713 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Q ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25712 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP-B ...)
@@ -146527,7 +146527,7 @@ CVE-2023-25705 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2023-25704 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mehj ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25703 (Missing Authorization vulnerability in WP OnlineSupport, Essential Plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25702 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Full ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25701 (Improper Privilege Management vulnerability in WhatArmy WatchTowerHQ a ...)
@@ -147557,7 +147557,7 @@ CVE-2023-25488 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2023-25487 (Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade PixTypes ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25486 (Missing Authorization vulnerability in Migrate Clone allows Exploiting ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25485 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Bern ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25484 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Oliv ...)
@@ -147591,7 +147591,7 @@ CVE-2023-25471 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in We
CVE-2023-25470 (Cross-Site Request Forgery (CSRF) vulnerability in Anton Skorobogatov ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25469 (Missing Authorization vulnerability in Magazine3 Easy Table of Content ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25468 (Cross-Site Request Forgery (CSRF) vulnerability in Reservation.Studio ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25467 (Cross-Site Request Forgery (CSRF) vulnerability in Daniel Mores, A. Hu ...)
@@ -147619,9 +147619,9 @@ CVE-2023-25457 (Missing Authorization vulnerability in Richteam Slider Carousel
CVE-2023-25456 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Klav ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25455 (Missing Authorization vulnerability in miniOrange WordPress Social Log ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25454 (Missing Authorization vulnerability in Nate Reist Protected Posts Logo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25453 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ian Sado ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25452 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mich ...)
@@ -148590,7 +148590,7 @@ CVE-2013-10015 (A vulnerability has been found in fanzila WebFinance 0.5 and cla
CVE-2023-25068
RESERVED
CVE-2023-25067 (Missing Authorization vulnerability in Noah Hearle, Design Extreme We\ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25066 (Cross-Site Request Forgery (CSRF) vulnerability in FolioVision FV Flow ...)
NOT-FOR-US: FolioVision
CVE-2023-25065 (Cross-Site Request Forgery (CSRF) vulnerability in ShapedPlugin WP Tab ...)
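Review bot: CVE-2023-25067 now reads `NOT-FOR-US: WordPress plugin`, but the unchanged line right below it still tags CVE-2023-25066 (FolioVision FV Flow ...) as `NOT-FOR-US: FolioVision`, so two adjacent entries follow different tag conventions. If CVE-2023-25066 is also a WordPress plugin, normalizing it here or in a follow-up would keep a search for `NOT-FOR-US: WordPress plugin` complete.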
@@ -148604,7 +148604,7 @@ CVE-2023-25062 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2023-25061 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25060 (Missing Authorization vulnerability in WP OnlineSupport, Essential Plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25059 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in aval ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25058 (Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Sc ...)
@@ -148628,7 +148628,7 @@ CVE-2023-25050 (Improper Limitation of a Pathname to a Restricted Directory ('Pa
CVE-2023-25049 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in impl ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25048 (Missing Authorization vulnerability in Fantastic Plugins Fantastic Con ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25047 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25046 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Podl ...)
@@ -148650,11 +148650,11 @@ CVE-2023-25039 (Missing Authorization vulnerability in CodePeople Google Maps CP
CVE-2023-25038 (Cross-Site Request Forgery (CSRF) vulnerability in 984.Ru For the visu ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25037 (Missing Authorization vulnerability in CodePeople Booking Calendar Con ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25036 (Cross-Site Request Forgery (CSRF) vulnerability in akhlesh-nagar, a.An ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25035 (Missing Authorization vulnerability in Fullworks Quick Contact Form a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25034 (Cross-Site Request Forgery (CSRF) vulnerability in BoLiQuan WP Clean U ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25033 (Cross-Site Request Forgery (CSRF) vulnerability in Sumo Social Share B ...)
@@ -148672,7 +148672,7 @@ CVE-2023-25028 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2023-25027 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kibo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25026 (Missing Authorization vulnerability in PayPal PayPal Brasil para WooCo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25025 (Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-Copy ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25024 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Iceg ...)
@@ -150749,7 +150749,7 @@ CVE-2023-24409 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I
CVE-2023-24408 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24407 (Missing Authorization vulnerability in WpDevArt Booking calendar, Appo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24406 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mune ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24405 (Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Cont ...)
@@ -150813,7 +150813,7 @@ CVE-2023-24377 (Cross-Site Request Forgery (CSRF) vulnerability in Ecwid Ecommer
CVE-2023-24376 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerabilityin Nico ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24375 (Missing Authorization vulnerability in miniOrange WordPress Social Log ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24374 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24373 (External Control of Assumed-Immutable Web Parameter vulnerability in W ...)
@@ -151757,7 +151757,7 @@ CVE-2023-23988 (Missing Authorization vulnerability in Joseph C Dolson My Ticket
CVE-2023-23987 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPEv ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23986 (Missing Authorization vulnerability in Noah Hearle, Design Extreme Rev ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23985 (Missing Authorization vulnerability in Quiz Maker team Quiz Maker.This ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23984 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Bubble ...)
@@ -151779,7 +151779,7 @@ CVE-2023-23977 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabi
CVE-2023-23976 (Incorrect Default Permissions vulnerability in Metagauss RegistrationM ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23975 (Missing Authorization vulnerability in Fullworks Quick Event Manager a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23974 (Cross-Site Request Forgery (CSRF) vulnerability in Fullworks Quick Eve ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23973 (Cross-Site Request Forgery (CSRF) vulnerability in a3rev Software Cont ...)
@@ -152048,11 +152048,11 @@ CVE-2023-23897 (Cross-Site Request Forgery (CSRF) vulnerability in Ozette Plugin
CVE-2023-23896 (Missing Authorization vulnerability in MyThemeShop URL Shortener by My ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23895 (Missing Authorization vulnerability in CodePeople WP Time Slots Bookin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23894 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23893 (Missing Authorization vulnerability in Igor Benic Simple Giveaways all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23892 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23891 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
@@ -152064,9 +152064,9 @@ CVE-2023-23889 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabi
CVE-2023-23888 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23887 (Missing Authorization vulnerability in Shaon Easy Google Analytics for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23886 (Missing Authorization vulnerability in mg12 WP-RecentComments allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23885 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23884 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kanb ...)
@@ -152102,7 +152102,7 @@ CVE-2023-23870 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2023-23869 (Cross-Site Request Forgery (CSRF) vulnerability in Amit Agarwal Google ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23868 (Missing Authorization vulnerability in WPFactory Cost of Goods for Woo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23867 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23866 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
@@ -152228,7 +152228,7 @@ CVE-2015-10071 (A vulnerability was found in gitter-badger ezpublish-modern-lega
CVE-2023-23835 (A vulnerability has been identified in Mendix Applications using Mendi ...)
NOT-FOR-US: Siemens
CVE-2023-23834 (Missing Authorization vulnerability in Brainstorm Force Spectra allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23833 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Steve ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23832 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in TC Ul ...)
@@ -152246,11 +152246,11 @@ CVE-2023-23827 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in
CVE-2023-23826 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23825 (Missing Authorization vulnerability in Brainstorm Force Spectra allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23824 (Auth. SQL Injection (SQLi) vulnerability inWP-TopBar<= 5.36 versions.)
NOT-FOR-US: WordPress plugin
CVE-2023-23823 (Missing Authorization vulnerability in Clever Widgets Enhanced Text Wi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23822 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ludw ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23821 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marc ...)
@@ -152268,7 +152268,7 @@ CVE-2023-23816 (Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Tward
CVE-2023-23815 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23814 (Missing Authorization vulnerability in CodePeople CP Multi View Event ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23813 (Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23812 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joos ...)
@@ -152600,9 +152600,9 @@ CVE-2023-23728 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in
CVE-2023-23727 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Form ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23726 (Cross-Site Request Forgery (CSRF) vulnerability in Tickera.com Tickera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23725 (Missing Authorization vulnerability in Chris Baldelomar Shortcodes all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23724 (Cross-Site Request Forgery (CSRF) vulnerability in Winwar Media WP Ema ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23723 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Winw ...)
@@ -152620,9 +152620,9 @@ CVE-2023-23718 (Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Essta
CVE-2023-23717 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Georg ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23716 (Missing Authorization vulnerability in Zendesk Zendesk Support for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23715 (Missing Authorization vulnerability in JobBoardWP JobBoardWP \u2013 Jo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23714 (Cross-Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23713 (Cross-Site Request Forgery (CSRF) vulnerability in Manoj Thulasidas Th ...)
@@ -156065,7 +156065,7 @@ CVE-2023-22710 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ch
CVE-2023-22709 (Cross-Site Request Forgery (CSRF) vulnerability in Atif N SRS Simple H ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22708 (Missing Authorization vulnerability in Karim Salman Kraken.io Image Op ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22707 (Auth. (author+) Cross-Site Scripting (XSS) vulnerability in Wpsoul Gre ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22706 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Property ...)
@@ -156079,7 +156079,7 @@ CVE-2023-22703 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in We
CVE-2023-22702 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in WPMob ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22701 (Missing Authorization vulnerability in Shopfiles Ltd Ebook Store allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22700 (Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite Pixel ...)
NOT-FOR-US: PixelYourSite
CVE-2023-22699 (Missing Authorization vulnerability in MainWP MainWP Wordfence Extensi ...)
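Review bot: in this block the new tag on CVE-2023-22701 uses the generic category `WordPress plugin`, while the context line for CVE-2023-22700 keeps the vendor name (`NOT-FOR-US: PixelYourSite`). Worth checking whether that neighbour belongs in the same category, so the triage result reads consistently within the block.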
@@ -188052,9 +188052,9 @@ CVE-2022-38949
CVE-2022-38948
RESERVED
CVE-2022-38947 (SQL Injection vulnerability in Flipkart-Clone-PHP version 1.0 in entry ...)
- TODO: check
+ NOT-FOR-US: Flipkart-Clone-PHP
CVE-2022-38946 (Arbitrary File Upload vulnerability in Doctor-Appointment version 1.0 ...)
- TODO: check
+ NOT-FOR-US: Doctor-Appointment
CVE-2022-38945
RESERVED
CVE-2022-38944
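Review bot: the tags for CVE-2022-38947 and CVE-2022-38946 reuse the bare project names from the descriptions (`Flipkart-Clone-PHP`, `Doctor-Appointment`), and `Doctor-Appointment` is generic enough to be confused with other similarly named projects. Adding the vendor or repository owner to the tag, if it is known, would make these entries unambiguous for later lookups.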
@@ -213510,7 +213510,7 @@ CVE-2022-29976 (An Authenticated Reflected Cross-site scripting at BCC Parameter
CVE-2022-29975 (An Authenticated Reflected Cross-site scripting at CC Parameter was di ...)
NOT-FOR-US: MDaemon
CVE-2022-29974 (AMI (aka American Megatrends) NTFS driver 1.0.0 (fixed in late 2021 or ...)
- TODO: check
+ NOT-FOR-US: AMI (aka American Megatrends) NTFS driver
CVE-2022-29973 (relan exFAT 1.3.0 allows local users to obtain sensitive information ( ...)
[experimental] - fuse-exfat 1.4.0-1
- fuse-exfat 1.4.0-2 (bug #1014538)
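Review bot: style point on CVE-2022-29974: the tag copies the description's parenthetical verbatim (`AMI (aka American Megatrends) NTFS driver`), whereas nearby NOT-FOR-US tags are short names such as `MDaemon`. `NOT-FOR-US: AMI NTFS driver` would carry the same information and match the surrounding style.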
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5543a8a5dc9ce4f0e498f1f7a5aaa01c91c3e27a