[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jun 6 09:12:39 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d9b79155 by security tracker role at 2024-06-06T08:12:03+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,77 @@
+CVE-2024-5665 (The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPr ...)
+ TODO: check
+CVE-2024-5656 (The Google CSE plugin for WordPress is vulnerable to Stored Cross-Site ...)
+ TODO: check
+CVE-2024-5653 (A vulnerability, which was classified as critical, has been found in C ...)
+ TODO: check
+CVE-2024-5615 (The Open Graph plugin for WordPress is vulnerable to Sensitive Informa ...)
+ TODO: check
+CVE-2024-5449 (The WP Dark Mode \u2013 WordPress Dark Mode Plugin for Improved Access ...)
+ TODO: check
+CVE-2024-5342 (The Simple Image Popup Shortcode plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2024-5324 (The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPr ...)
+ TODO: check
+CVE-2024-5224 (The Easy Social Like Box \u2013 Popup \u2013 Sidebar Widget plugin for ...)
+ TODO: check
+CVE-2024-5179 (The Cowidgets \u2013 Elementor Addons plugin for WordPress is vulnerab ...)
+ TODO: check
+CVE-2024-5162 (The WordPress prettyPhoto plugin for WordPress is vulnerable to Stored ...)
+ TODO: check
+CVE-2024-5161 (The Magical Addons For Elementor ( Header Footer Builder, Free Element ...)
+ TODO: check
+CVE-2024-5153 (The Startklar Elementor Addons plugin for WordPress is vulnerable to D ...)
+ TODO: check
+CVE-2024-5152 (The ElementsReady Addons for Elementor plugin for WordPress is vulnera ...)
+ TODO: check
+CVE-2024-5141 (The Rotating Tweets (Twitter widget and shortcode) plugin for WordPres ...)
+ TODO: check
+CVE-2024-5001 (The Image Hover Effects for Elementor with Lightbox and Flipbox plugin ...)
+ TODO: check
+CVE-2024-4942 (The Custom Dash plugin for WordPress is vulnerable to Stored Cross-Sit ...)
+ TODO: check
+CVE-2024-4788 (The Boostify Header Footer Builder for Elementor plugin for WordPress ...)
+ TODO: check
+CVE-2024-4707 (The Materialis Companion plugin for WordPress is vulnerable to Stored ...)
+ TODO: check
+CVE-2024-4705 (The Testimonials Widget plugin for WordPress is vulnerable to Stored C ...)
+ TODO: check
+CVE-2024-4608 (The SellKit \u2013 Funnel builder and checkout optimizer for WooCommer ...)
+ TODO: check
+CVE-2024-4459 (The Themesflat Addons For Elementor plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2024-4458 (The Themesflat Addons For Elementor plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2024-4364 (The Qi Addons For Elementor plugin for WordPress is vulnerable to Stor ...)
+ TODO: check
+CVE-2024-4212 (The Themesflat Addons For Elementor plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2024-4194 (The The Album and Image Gallery plus Lightbox plugin for WordPress is ...)
+ TODO: check
+CVE-2024-4177 (A host whitelist parser issue in the proxy service implemented in the ...)
+ TODO: check
+CVE-2024-3049 (A flaw was found in Booth, a cluster ticket manager. If a specially-cr ...)
+ TODO: check
+CVE-2024-2922 (The Themesflat Addons For Elementor plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2024-2350 (The Clever Addons for Elementor plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2024-2017 (The Countdown, Coming Soon, Maintenance \u2013 Countdown & Clock plugi ...)
+ TODO: check
+CVE-2024-1175 (The WP-Recall \u2013 Registration, Profile, Commerce & More plugin for ...)
+ TODO: check
+CVE-2024-0972 (The BuddyPress Members Only plugin for WordPress is vulnerable to Sens ...)
+ TODO: check
+CVE-2024-0912 (Under certain circumstances the Microsoft\xae Internet Information Ser ...)
+ TODO: check
+CVE-2024-0910 (The Restrict for Elementor plugin for WordPress is vulnerable to Sensi ...)
+ TODO: check
+CVE-2023-6968 (The The Moneytizer plugin for WordPress is vulnerable to Cross-Site Re ...)
+ TODO: check
+CVE-2023-6966 (The The Moneytizer plugin for WordPress is vulnerable to unauthorized ...)
+ TODO: check
+CVE-2023-6956 (The EasyAzon \u2013 Amazon Associates Affiliate Plugin plugin for Word ...)
+ TODO: check
CVE-2024-5629 (An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier ...)
- pymongo <unfixed>
NOTE: https://jira.mongodb.org/browse/PYTHON-4305
@@ -20695,6 +20769,7 @@ CVE-2024-26275 (A vulnerability has been identified in Parasolid V35.1 (All vers
CVE-2024-26257 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2024-26256 (libarchive Remote Code Execution Vulnerability)
+ {DSA-5706-1}
- libarchive 3.7.2-2.1 (bug #1072107)
[bullseye] - libarchive <not-affected> (Vulnerable code introduced in 3.6.0)
[buster] - libarchive <not-affected> (Vulnerable code introduced in 3.6.0)
@@ -26945,7 +27020,7 @@ CVE-2024-2304 (The Animated Headline plugin for WordPress is vulnerable to Store
NOT-FOR-US: WordPress plugin
CVE-2024-2255 (The Essential Blocks \u2013 Page Builder Gutenberg Blocks, Patterns & ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-2197 (Chirp Access improperly stores credentials within its source code, pot ...)
+CVE-2024-2197 (The Chirp Access app contains a hard-coded password, BEACON_PASSWORD. ...)
NOT-FOR-US: Chirp Access
CVE-2024-2129 (The WPBITS Addons For Elementor Page Builder plugin for WordPress is v ...)
NOT-FOR-US: WordPress plugin
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9b79155559d7263702be939258a33734e06668f
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9b79155559d7263702be939258a33734e06668f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240606/7846f48c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list