[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Dec 13 20:49:20 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ec91f92c by Salvatore Bonaccorso at 2024-12-13T21:48:55+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,13 +5,13 @@ CVE-2024-9608 (The MyParcel plugin for WordPress is vulnerable to Reflected Cros
CVE-2024-9290 (The Super Backup & Clone - Migrate for WordPress plugin for WordPress ...)
NOT-FOR-US: WordPress plugin
CVE-2024-55890 (D-Tale is a visualizer for pandas data structures. Prior to version 3. ...)
- TODO: check
+ NOT-FOR-US: D-Tale
CVE-2024-55889 (phpMyFAQ is an open source FAQ web application. Prior to version 3.2.1 ...)
NOT-FOR-US: phpMyFAQ
CVE-2024-55887 (Ucum-java is a FHIR Java library providing UCUM Services. In versions ...)
NOT-FOR-US: Ucum-java
CVE-2024-55661 (Laravel Pulse is a real-time application performance monitoring tool a ...)
- TODO: check
+ NOT-FOR-US: Laravel Pulse
CVE-2024-54351 (Cross-Site Request Forgery (CSRF) vulnerability in Tom Landis Fancy Ro ...)
NOT-FOR-US: WordPress plugin
CVE-2024-54349 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -237,255 +237,255 @@ CVE-2024-48007 (Dell RecoverPoint for Virtual Machines 6.0.x contains use of har
CVE-2024-47984 (Dell RecoverPoint for Virtual Machines 6.0.x contains Denial of Servic ...)
NOT-FOR-US: Dell
CVE-2024-47892 (Software installed and run as a non-privileged user may conduct GPU sy ...)
- TODO: check
+ NOT-FOR-US: Imagination GPU Driver
CVE-2024-46971 (Software installed and run as a non-privileged user may conduct GPU sy ...)
- TODO: check
+ NOT-FOR-US: Imagination GPU Driver
CVE-2024-38488 (Dell RecoverPoint for Virtual Machines 6.0.x contains a vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-28980 (Dell RecoverPoint for VMs, version(s) 6.0.x contain(s) a Use of a Brok ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-24902 (Dell RecoverPoint for Virtual Machines 6.0.x contains an Improper acce ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-22461 (Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command in ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-21577 (ComfyUI-Ace-Nodes is vulnerable to Code Injection. The ACE_ExpressionE ...)
- TODO: check
+ NOT-FOR-US: ComfyUI-Ace-Nodes
CVE-2024-21576 (ComfyUI-Bmad-Nodes is vulnerable to Code Injection. The issue stems fr ...)
- TODO: check
+ NOT-FOR-US: ComfyUI-Bmad-Nodes
CVE-2024-12465 (The Property Hive Stamp Duty Calculator plugin for WordPress is vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12421 (The The Coupon Affiliates \u2013 Affiliate Plugin for WooCommerce plug ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12420 (The The WPMobile.App \u2014 Android and iOS Mobile Application plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12417 (The The Simple Link Directory plugin for WordPress is vulnerable to ar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12414 (The Themify Store Locator plugin for WordPress is vulnerable to Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12309 (The Rate My Post \u2013 Star Rating Plugin by FeedbackWP plugin for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12042 (The MStore API \u2013 Create Native Android & iOS Apps On The Cloud pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11986 (Improper input handling in the 'Host Header' allows an unauthenticated ...)
- TODO: check
+ NOT-FOR-US: CrushFTP
CVE-2024-11911 (The WP Crowdfunding plugin for WordPress is vulnerable to unauthorized ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11910 (The WP Crowdfunding plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11832 (The Beaver Builder \u2013 WordPress Page Builder plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11827 (The Out of the Block: OpenStreetMap plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11754 (The Booking System Trafft plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11275 (The WP Timetics- AI-powered Appointment Booking Calendar and Online Sc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11012 (The The Notibar \u2013 Notification Bar for WordPress plugin for WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10783 (The MainWP Child \u2013 Securely Connects to the MainWP Dashboard to M ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44149 (Missing Authorization vulnerability in BeRocket Brands for WooCommerce ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44147 (Missing Authorization vulnerability in Apasionados Comment Blacklist U ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44142 (Missing Authorization vulnerability in Inactive Logout Inactive Logout ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41952 (Missing Authorization vulnerability in Contact Form - WPManageNinja LL ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41951 (Missing Authorization vulnerability in rtCamp rtMedia for WordPress, B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41875 (Missing Authorization vulnerability in wpdirectorykit.com WP Directory ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41873 (Missing Authorization vulnerability in miniOrange SAML SP Single Sign ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41870 (Missing Authorization vulnerability in Themeum WP Crowdfunding allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41869 (Missing Authorization vulnerability in Alex Volkov WP Accessibility He ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41866 (Missing Authorization vulnerability in Team Plugins360 Automatic YouTu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41865 (Missing Authorization vulnerability in bqworks Slider Pro allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41862 (Weak Authentication vulnerability in Guido VS Contact Form allows Auth ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41857 (Missing Authorization vulnerability in ClickToTweet.com Click To Tweet ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41849 (Missing Authorization vulnerability in WP Happy Coders Posts Like Disl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41848 (Missing Authorization vulnerability in Majeed Raza Carousel Slider all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41803 (Missing Authorization vulnerability in BitPay BitPay Checkout for WooC ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41802 (Missing Authorization vulnerability in Team Heateor Super Socializer a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41695 (Missing Authorization vulnerability in Analytify Analytify allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41690 (Missing Authorization vulnerability in Wiser Notify WiserNotify Social ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41689 (Missing Authorization vulnerability in Koen Reus Post to Google My Bus ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41688 (Missing Authorization vulnerability in Mad Fish Digital Bulk NoIndex & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41686 (Cross-Site Request Forgery (CSRF) vulnerability in ilGhera Woocommerce ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41683 (Missing Authorization vulnerability in Pechenki TelSender allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41671 (Missing Authorization vulnerability in Tyche Softwares Abandoned Cart ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41664 (Missing Authorization vulnerability in AlphaBPO Easy Newsletter Signup ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41649 (Missing Authorization vulnerability in Ovic Team Ovic Product Bundle a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41133 (Authentication Bypass by Spoofing vulnerability in Michal Nov\xe1k Sec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41132 (Missing Authorization vulnerability in ShapedPlugin LLC Category Slide ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41130 (Missing Authorization vulnerability in Premmerce Premmerce User Roles ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40678 (Missing Authorization vulnerability in Lasso Simple URLs allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40670 (Missing Authorization vulnerability in ReviewX Team ReviewX allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40334 (Missing Authorization vulnerability in realmag777 HUSKY allows Exploit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40331 (Missing Authorization vulnerability in bqworks Accordion Slider allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40213 (Missing Authorization vulnerability in Mateusz Czardybon Justified Gal ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40203 (Missing Authorization vulnerability in MailMunch MailChimp Forms by Ma ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40011 (Missing Authorization vulnerability in StylemixThemes Cost Calculator ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40005 (Missing Authorization vulnerability in Easy Digital Downloads Easy Dig ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40003 (Missing Authorization vulnerability in weDevs WP Project Manager allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40001 (Missing Authorization vulnerability in SolidWP iThemes Sync allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39997 (Missing Authorization vulnerability in supsystic.com Popup by Supsysti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39996 (Missing Authorization vulnerability in WP OnlineSupport, Essential Plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39995 (Missing Authorization vulnerability in WP OnlineSupport, Essential Plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39920 (Missing Authorization vulnerability in Themeisle Redirection for Conta ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39305 (Missing Authorization vulnerability in YetAnotherStarsRating.com Yet A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38514 (Missing Authorization vulnerability in social share pro Social Share I ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38483 (Missing Authorization vulnerability in Dylan Blokhuis Instant CSS allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38480 (Missing Authorization vulnerability in Certain Dev Booster Elementor A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38479 (Missing Authorization vulnerability in Codents Simple Googlebot Visit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38477 (Missing Authorization vulnerability in Stanislav Kuznetsov QR code MeC ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38475 (Missing Authorization vulnerability in RedNao Donations Made Easy \u20 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38385 (Missing Authorization vulnerability in Artbees JupiterX Core allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38383 (Missing Authorization vulnerability in OnTheGoSystems Language allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37989 (Missing Authorization vulnerability in Easyship Easyship WooCommerce S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37987 (Missing Authorization vulnerability in miniOrange YourMembership Singl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37984 (Missing Authorization vulnerability in ExpressTech Quiz And Survey Mas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37971 (Missing Authorization vulnerability in MultiVendorX WooCommerce Produc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37969 (Missing Authorization vulnerability in The African Boss Checkout with ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37967 (Missing Authorization vulnerability in Designinvento DirectoryPress al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37887 (Missing Authorization vulnerability in WPSchoolPress Team WPSchoolPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36681 (Missing Authorization vulnerability in Cool Plugins Cryptocurrency Wid ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36680 (Missing Authorization vulnerability in Iulia Cazan Image Regenerate & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36531 (Missing Authorization vulnerability in LiquidPoll LiquidPoll \u2013 Ad ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36528 (Missing Authorization vulnerability in FeedbackWP kk Star Ratings allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36526 (Missing Authorization vulnerability in Inqsys Technology Duplicate Pos ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36519 (Missing Authorization vulnerability in wpthemego SW Product Bundles al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36518 (Missing Authorization vulnerability in Hugh Lashbrooke Post Hit Counte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36510 (Missing Authorization vulnerability in Reservation Diary ReDi Restaura ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36509 (Missing Authorization vulnerability in Suresh Chand CHP Ads Block Dete ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36506 (Missing Authorization vulnerability in YITH YITH WooCommerce Waiting L ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35875 (Missing Authorization vulnerability in Jegstudio Gutenverse allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35777 (Missing Authorization vulnerability in The Events Calendar The Events ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35052 (Missing Authorization vulnerability in wpWax - WP Business Directory P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35051 (Missing Authorization vulnerability in Cimatti Consulting Contact Form ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35046 (Missing Authorization vulnerability in Dynamic.ooo Dynamic Visibility ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35037 (Missing Authorization vulnerability in Surfer Surfer allows Exploiting ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34387 (Missing Authorization vulnerability in Constant Contact Constant Conta ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34381 (Missing Authorization vulnerability in Gesundheit Bewegt GmbH Zippy al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34376 (Missing Authorization vulnerability in Rextheme Change WooCommerce Add ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34019 (Missing Authorization vulnerability in Uncanny Owl Uncanny Toolkit for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34014 (Missing Authorization vulnerability in G5Theme Grid Plus allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34009 (Missing Authorization vulnerability in Inisev Social Media & Share Ico ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33998 (Missing Authorization vulnerability in cybernetikz Easy Social Icons a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33996 (Missing Authorization vulnerability in \u0421leanTalk - Anti-Spam Prot ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33995 (Missing Authorization vulnerability in Photo Gallery Team Photo Galler ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33994 (Missing Authorization vulnerability in Jason Crouse, VeronaLabs Slimst ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33928 (Missing Authorization vulnerability in WebToffee WordPress Backup & Mi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33324 (Missing Authorization vulnerability in wppal Easy Captcha allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33215 (Missing Authorization vulnerability in Tagbox Taggbox allows Exploitin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32963 (Missing Authorization vulnerability in a3rev Software WooCommerce Pred ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32798 (Missing Authorization vulnerability in 10up Simple Page Ordering allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32601 (Missing Authorization vulnerability in Booking Ultra Pro Booking Ultra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32599 (Missing Authorization vulnerability in Bill Minozzi reCAPTCHA for all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32593 (Missing Authorization vulnerability in GS Plugins GS Pins for Pinteres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32586 (Missing Authorization vulnerability in Thomas Michalak Soundcloud Is G ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32585 (Missing Authorization vulnerability in Total-Soft Portfolio Gallery \u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32581 (Missing Authorization vulnerability in MobileMonkey WP-Chatbot for Mes ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32574 (Missing Authorization vulnerability in Fahad Mahmood Injection Guard a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32520 (Missing Authorization vulnerability in Webcodin WCP Contact Form allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32519 (Missing Authorization vulnerability in Webcodin WCP Contact Form allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32507 (Missing Authorization vulnerability in wp3sixty Woo Custom Emails allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32506 (Missing Authorization vulnerability in Link Whisper Link Whisper Free ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9508 (Horner Automation Cscape contains a memory corruption vulnerability, w ...)
NOT-FOR-US: Horner Automation Cscape
CVE-2024-55918 (An issue was discovered in the Graphics::ColorNames package before 3.2 ...)
@@ -134141,7 +134141,7 @@ CVE-2023-30492 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabi
CVE-2023-30491 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CodeBard ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30490 (Missing Authorization vulnerability in Matthew Ruddy Easing Slider al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-30489 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirte ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30488 (Missing Authorization vulnerability in WP OnlineSupport, Essential Plu ...)
@@ -138346,7 +138346,7 @@ CVE-2023-28992 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in El
CVE-2023-28991 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI W ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28990 (Missing Authorization vulnerability in HashThemes Viral Mag allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28989 (Cross-Site Request Forgery (CSRF) vulnerability in weDevs Happy Addons ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28988 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI W ...)
@@ -143743,7 +143743,7 @@ CVE-2023-27458 (Cross-Site Request Forgery (CSRF) vulnerability in wpstream WpSt
CVE-2023-27457 (Cross-Site Request Forgery (CSRF) vulnerability in Passionate Brains A ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27456 (Missing Authorization vulnerability in HashThemes Total allows Exploit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27455 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Maui Mar ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27454 (Missing Authorization vulnerability in Apollo13Themes Rife Elementor E ...)
@@ -147711,7 +147711,7 @@ CVE-2023-25990 (Improper Neutralization of Special Elements used in an SQL Comma
CVE-2023-25989 (Cross-Site Request Forgery (CSRF) vulnerability in Meks Video Importer ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25988 (Missing Authorization vulnerability in Video Gallery by Total-Soft Vid ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25987 (Cross-Site Request Forgery (CSRF) vulnerability in Aleksandar Uro\u016 ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25986 (Cross-Site Request Forgery (CSRF) vulnerability in WattIsIt PayGreen \ ...)
@@ -158191,7 +158191,7 @@ CVE-2023-22699 (Missing Authorization vulnerability in MainWP MainWP Wordfence E
CVE-2023-22698 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Jason ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22697 (Missing Authorization vulnerability in Survey Maker team Survey Maker ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22696 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22695 (Cross-Site Request Forgery (CSRF) vulnerability in Hiroaki Miyashita C ...)
@@ -161468,7 +161468,7 @@ CVE-2022-47596 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2022-47595 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47594 (Missing Authorization vulnerability in WPDeveloper Essential Blocks fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-47593 (Auth. (subscriber+) SQL Injection (SQLi) vulnerability in RapidLoad Ra ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47592 (Reflected Cross-Site Scripting (XSS) vulnerability in Dmytriy.Cooperma ...)
@@ -163249,7 +163249,7 @@ CVE-2022-47431 (Reflected Cross-Site Scripting (XSS) vulnerability in Tussendoor
CVE-2022-47430 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47429 (Missing Authorization vulnerability in 8Degree Themes Coming Soon Land ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-47428 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47427 (Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My ...)
@@ -164137,7 +164137,7 @@ CVE-2022-47184 (Exposure of Sensitive Information to an Unauthorized Actor vulne
CVE-2022-47183 (Cross-Site Request Forgery (CSRF) vulnerability in StylistWP Extra Blo ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47182 (Missing Authorization vulnerability in Wpexpertsio APIExperts Square f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-47181 (Cross-Site Request Forgery (CSRF) vulnerability in wpexpertsio Email T ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47180 (Cross-Site Request Forgery (CSRF) vulnerability in Kopa Theme Kopa Fra ...)
@@ -164149,7 +164149,7 @@ CVE-2022-47178 (Cross-Site Request Forgery (CSRF) vulnerability in Simple Share
CVE-2022-47177 (Cross-Site Request Forgery (CSRF) vulnerability in WP Easy Pay WP Easy ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47176 (Missing Authorization vulnerability in Depicter Slider and Popup by Av ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-47175 (Cross-Site Request Forgery (CSRF) vulnerability in P Royal Royal Eleme ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47174 (Cross-Site Request Forgery (CSRF) vulnerability in WordPress Performan ...)
@@ -164165,7 +164165,7 @@ CVE-2022-47170 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2022-47169 (Cross-Site Request Forgery (CSRF) vulnerability in StaxWP Visibility L ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47168 (Missing Authorization vulnerability in Printful Printful Integration f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-47167 (Cross-Site Request Forgery (CSRF) vulnerability in Aram Kocharyan Cray ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47166 (Cross-Site Request Forgery (CSRF) vulnerability in voidCoders Void Con ...)
@@ -165075,7 +165075,7 @@ CVE-2022-46848 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabi
CVE-2022-46847
RESERVED
CVE-2022-46846 (Missing Authorization vulnerability in WP OnlineSupport, Essential Plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-46845
RESERVED
CVE-2022-46844 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
@@ -165087,11 +165087,11 @@ CVE-2022-46842 (Cross-Site Request Forgery (CSRF) vulnerability inJS Help Desk p
CVE-2022-46841 (Cross-Site Request Forgery (CSRF) vulnerability in Soflyy Oxygen Build ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46840 (Missing Authorization vulnerability in JS Help Desk JS Help Desk \u201 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-46839 (Unrestricted Upload of File with Dangerous Type vulnerability in JS He ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46838 (Missing Authorization vulnerability in JS Help Desk JS Help Desk \u201 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-4391 (The Vision Interactive For WordPress plugin through 1.5.3 does not san ...)
NOT-FOR-US: WordPress plugin
CVE-2022-4390 (A network misconfiguration is present in versions prior to 1.0.9.90 of ...)
@@ -165208,7 +165208,7 @@ CVE-2022-46813 (Cross-Site Request Forgery (CSRF) vulnerability in Younes JFR. A
CVE-2022-46812 (Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank Yo ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46811 (Missing Authorization vulnerability in VillaTheme(villatheme.com) ALD ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-46810 (Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank Yo ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46809 (Improper Neutralization of Formula Elements in a CSV File vulnerabilit ...)
@@ -165216,7 +165216,7 @@ CVE-2022-46809 (Improper Neutralization of Formula Elements in a CSV File vulner
CVE-2022-46808 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46807 (Missing Authorization vulnerability in Lauri Karisola / WP Trio Stock ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-46806 (Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Cart All ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46805 (Cross-Site Request Forgery (CSRF) vulnerability in Lauri Karisola / WP ...)
@@ -165238,9 +165238,9 @@ CVE-2022-46798 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Sho
CVE-2022-46797 (Cross-Site Request Forgery (CSRF) vulnerability in Conversios All-in-o ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46796 (Missing Authorization vulnerability in VillaTheme CURCY allows Exploit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-46795 (Missing Authorization vulnerability in Tyche Softwares Print Invoice & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-46794 (Cross-Site Request Forgery (CSRF) vulnerability in weightbasedshipping ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46793 (Cross-Site Request Forgery (CSRF) vulnerability in AdTribes.Io Product ...)
@@ -168315,9 +168315,9 @@ CVE-2022-45843 (Auth. (contributor+) Stored Cross-Site Scripting vulnerability i
CVE-2022-45842 (Unauth. Race Condition vulnerability inWP ULike Plugin <= 4.6.4 onWord ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45841 (Missing Authorization vulnerability in RoboSoft Robo Gallery allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45840 (Missing Authorization vulnerability in Lucian Apostol Auto Affiliate L ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45839 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45838 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Repute Info ...)
@@ -168345,7 +168345,7 @@ CVE-2022-45828 (Cross-Site Request Forgery (CSRF) vulnerability in NooTheme Noo
CVE-2022-45827 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gall ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45826 (Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45825 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in iThemes ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45824 (Cross-Site Request Forgery (CSRF) vulnerability inAdvanced Booking Cal ...)
@@ -168359,7 +168359,7 @@ CVE-2022-45821 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabi
CVE-2022-45820 (SQL Injection (SQLi) vulnerability inLearnPress \u2013 WordPress LMS P ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45819 (Missing Authorization vulnerability in Popup Maker Popup Maker allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45818 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45817 (Cross-Site Scripting (XSS) vulnerability in Erin Garscadden GC Testimo ...)
@@ -168385,7 +168385,7 @@ CVE-2022-45808 (SQL Injection vulnerability inLearnPress \u2013 WordPress LMS Pl
CVE-2022-45807 (Cross-Site Request Forgery (CSRF) inWPVibes WP Mail Log plugin <= 1.0. ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45806 (Missing Authorization vulnerability in Strategy11 Form Builder Team Fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45805 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45804 (Cross-Site Request Forgery (CSRF) vulnerability in RoboSoft Photo Gall ...)
@@ -173252,7 +173252,7 @@ CVE-2022-44580 (SQL Injection (SQLi) vulnerability in RichPlugins Plugin for Goo
CVE-2022-44579
RESERVED
CVE-2022-44578 (Missing Authorization vulnerability in Pierre JEHAN Owl Carousel allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-44577
REJECTED
CVE-2022-44576 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Agen ...)
@@ -177787,7 +177787,7 @@ CVE-2022-43479 (Open redirect vulnerability in SHIRASAGI v1.14.4 to v1.15.0 allo
CVE-2022-43476
RESERVED
CVE-2022-43472 (Missing Authorization vulnerability in StylemixThemes eRoom \u2013 Zoo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-43471
RESERVED
CVE-2022-43469 (Cross-Site Request Forgery (CSRF) vulnerability in Orchestrated Corona ...)
@@ -282254,7 +282254,7 @@ CVE-2021-32009 (Cross-site Scripting (XSS) vulnerability in firmware section of
CVE-2021-32008 (This issue affects: Secomea GateManager Version 9.6.621421014 and all ...)
NOT-FOR-US: Secomea GateManager
CVE-2021-32007 (This issue affects: Secomea GateManager Version 9.5 and all prior vers ...)
- TODO: check
+ NOT-FOR-US: Secomea GateManager
CVE-2021-32006 (This issue affects: Secomea GateManager Version 9.6.621421014 and all ...)
NOT-FOR-US: Secomea GateManager
CVE-2021-32005 (Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteMa ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec91f92ca6100cdd70560bb4cc287bd013e3b985
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec91f92ca6100cdd70560bb4cc287bd013e3b985
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241213/070cf359/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list