[Git][security-tracker-team/security-tracker][master] Process more NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri May 3 21:33:57 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
03f3945a by Salvatore Bonaccorso at 2024-05-03T22:33:26+02:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21,143 +21,143 @@ CVE-2024-4216 (pgAdmin <= 8.5 is affected by XSS vulnerability in /settings/stor
 CVE-2024-4215 (pgAdmin <= 8.5 is affected by a multi-factor authentication bypass vul ...)
 	- pgadmin4 <itp> (bug #834129)
 CVE-2024-4203 (The Premium Addons Pro for Elementor plugin for WordPress is vulnerabl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4156 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4133 (The ARMember \u2013 Membership Plugin, Content Restriction, Member Lev ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4128 (This vulnerability was a potential CSRF attack.When running the Fireba ...)
 	TODO: check
 CVE-2024-4097 (The Cost Calculator Builder plugin for WordPress is vulnerable to Stor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4092 (The Slider Revolution plugin for WordPress is vulnerable to Stored Cro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4086 (The CM Tooltip Glossary \u2013 Powerful Glossary Plugin plugin for Wor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4085 (The Tabellen von faustball.com plugin for WordPress is vulnerable to S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4083 (The Easy Restaurant Table Booking plugin for WordPress is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4036 (The Sydney Toolbox plugin for WordPress is vulnerable to Stored Cross- ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4034 (The Virtue theme for WordPress is vulnerable to Stored Cross-Site Scri ...)
-	TODO: check
+	NOT-FOR-US: WordPress theme
 CVE-2024-4033 (The All-in-One Video Gallery plugin for WordPress is vulnerable to arb ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4003 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4000 (The WordPress Header Builder Plugin \u2013 Pearl plugin for WordPress  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3991 (The ShopLentor \u2013 WooCommerce Builder for Elementor & Gutenberg +1 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3985 (The Exclusive Addons for Elementor plugin for WordPress is vulnerable  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3957 (The Booster for WooCommerce plugin is vulnerable to Unauthenticated Ar ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3955 (URL GET parameter "logtime" utilized within the "downloadlog" function ...)
 	TODO: check
 CVE-2024-3942 (The MasterStudy LMS WordPress Plugin \u2013 for Online Courses and Edu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3936 (The The Post Grid \u2013 Shortcode, Gutenberg Blocks and Elementor Add ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3897 (The Popup Box \u2013 Best WordPress Popup Plugin plugin for WordPress  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3895 (The WP Datepicker plugin for WordPress is vulnerable to unauthorized m ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3891 (The Happy Addons for Elementor plugin for WordPress is vulnerable to S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3885 (The Premium Addons for Elementor plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3883 (The 3D FlipBook plugin for WordPress is vulnerable to Stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3870 (The Contact Form 7 Database Addon \u2013 CFDB7 plugin for WordPress is ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3849 (The Click to Chat \u2013 HoliThemes plugin for WordPress is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3819 (The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3747 (The Blocksy theme for WordPress is vulnerable to Stored Cross-Site Scr ...)
-	TODO: check
+	NOT-FOR-US: WordPress theme
 CVE-2024-3743 (The Elementor Addon Elements plugin for WordPress is vulnerable to Sto ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3734 (The FOX \u2013 Currency Switcher Professional for WooCommerce plugin i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3729 (The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3728 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3725 (The Otter Blocks \u2013 Gutenberg Blocks, Page Builder for Gutenberg E ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3724 (The Happy Addons for Elementor plugin for WordPress is vulnerable to S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3717 (The Drag and Drop Multiple File Upload \u2013 Contact Form 7 plugin fo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3715 (The Database for Contact Form 7, WPforms, Elementor forms plugin for W ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3703 (The Carousel Slider WordPress plugin before 2.2.10 does not validate a ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3692 (The Gutenverse  WordPress plugin before 1.9.1 does not validate the ht ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3681 (The Interactive World Maps plugin for WordPress is vulnerable to Refle ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3677 (The Ultimate 410 Gone Status Code plugin for WordPress is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3675 (The Royal Elementor Addons and Templates plugin for WordPress is vulne ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3674 (The Inline Google Spreadsheet Viewer plugin for WordPress is vulnerabl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3670 (The Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) plugin ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3650 (The ElementsKit Elementor addons plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3649 (The Contact Form by WPForms \u2013 Drag & Drop Form Builder for WordPr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3647 (The Premium Addons for Elementor plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3637 (The Responsive Contact Form Builder & Lead Generation Plugin WordPress ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3607 (The PropertyHive plugin for WordPress is vulnerable to unauthorized lo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3606 (The ProfileGrid \u2013 User Profiles, Memberships, Groups and Communit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3601 (The Poll Maker \u2013 Best WordPress Poll Plugin plugin for WordPress  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3599 (The WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) plugin for WordPre ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3588 (The Getwid \u2013 Gutenberg Blocks plugin for WordPress is vulnerable  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3585 (The Send PDF for Contact Form 7 plugin for WordPress is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3581 (The MaxGalleria plugin for WordPress is vulnerable to unauthorized ima ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3554 (The All in One SEO \u2013 Best WordPress SEO Plugin \u2013 Easily Impr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3553 (The Tutor LMS \u2013 eLearning and online course solution plugin for W ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3550 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPre ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3546 (The WordPress Backup & Migration plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3544 (Unauthenticated attackers can perform actions, using SSH private keys, ...)
 	TODO: check
 CVE-2024-3543 (Use of reversible password encryption algorithm allows attackers to de ...)
 	TODO: check
 CVE-2024-3520 (The Country State City Dropdown CF7 plugin for WordPress is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3517 (The Shortcodes and extra features for Phlox theme plugin for WordPress ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3500 (The ElementsKit Pro plugin for WordPress is vulnerable to Local File I ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3499 (The ElementsKit Elementor addons plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3489 (The Exclusive Addons for Elementor plugin for WordPress is vulnerable  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3480 (An Implicit intent vulnerability was reported in the Motorola framewor ...)
-	TODO: check
+	NOT-FOR-US: Motorola
 CVE-2024-3479 (An improper export vulnerability was reported in the Motorola Enterpri ...)
-	TODO: check
+	NOT-FOR-US: Motorola
 CVE-2024-3473 (The Header Footer Code Manager Pro plugin for WordPress is vulnerable  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3341 (The Shortcodes and extra features for Phlox theme plugin for WordPress ...)
 	TODO: check
 CVE-2024-3340 (The Colibri Page Builder plugin for WordPress is vulnerable to Stored  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/03f3945a57c3510613d666bbdc9cede5771c2c49

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/03f3945a57c3510613d666bbdc9cede5771c2c49
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240503/7565ff45/attachment.htm>

More information about the debian-security-tracker-commits mailing list