[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Oct 26 10:57:41 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9697d787 by Salvatore Bonaccorso at 2024-10-26T11:57:18+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,39 +1,39 @@
CVE-2024-9933 (The WatchTowerHQ plugin for WordPress is vulnerable to authentication ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9932 (The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary fi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9931 (The Wux Blog Editor plugin for WordPress is vulnerable to authenticati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9930 (The Extensions by HocWP Team plugin for WordPress is vulnerable to aut ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9890 (The User Toolkit plugin for WordPress is vulnerable to authentication ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9626 (The Editorial Assistant by Sovrn plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9613 (The FormFacade \u2013 WordPress plugin for Google Forms plugin for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9475 (The Poll Maker \u2013 Versus Polls, Anonymous Polls, Image Polls plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9462 (The Poll Maker \u2013 Versus Polls, Anonymous Polls, Image Polls plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9456 (The WP Awesome Login plugin for WordPress is vulnerable to Stored Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9454 (The PriPre plugin for WordPress is vulnerable to Stored Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8870 (The Forms for Mailchimp by Optin Cat \u2013 Grow Your MailChimp List p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-48396 (AIML Chatbot 1.0 (fixed in 2.0) is vulnerable to Cross Site Scripting ...)
- TODO: check
+ NOT-FOR-US: AIML Chatbot
CVE-2024-48239 (An issue was discovered in WTCMS 1.0. In the plupload method in \Asset ...)
- TODO: check
+ NOT-FOR-US: WTCMS
CVE-2024-48238 (WTCMS 1.0 is vulnerable to SQL Injection in the edit_post method of /A ...)
- TODO: check
+ NOT-FOR-US: WTCMS
CVE-2024-48237 (WTCMS 1.0 is vulnerable to Incorrect Access Control in \Common\Control ...)
- TODO: check
+ NOT-FOR-US: WTCMS
CVE-2024-48236 (An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary ...)
- TODO: check
+ NOT-FOR-US: ofcms
CVE-2024-48235 (An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary ...)
- TODO: check
+ NOT-FOR-US: ofcms
CVE-2024-48234 (An issue was discovered in mipjz 5.0.5. In the push method of app\tag\ ...)
TODO: check
CVE-2024-48233 (mipjz 5.0.5 is vulnerable to Cross Site Scripting (XSS) in \app\settin ...)
@@ -41,25 +41,25 @@ CVE-2024-48233 (mipjz 5.0.5 is vulnerable to Cross Site Scripting (XSS) in \app\
CVE-2024-48232 (An issue was found in mipjz 5.0.5. In the mipPost method of \app\setti ...)
TODO: check
CVE-2024-48230 (funadmin 5.0.2 is vulnerable to SQL Injection via the parentField para ...)
- TODO: check
+ NOT-FOR-US: funadmin
CVE-2024-48229 (funadmin 5.0.2 has a SQL injection vulnerability in the Curd one click ...)
- TODO: check
+ NOT-FOR-US: funadmin
CVE-2024-48228 (An issue was found in funadmin 5.0.2. The selectfiles method in \backe ...)
- TODO: check
+ NOT-FOR-US: funadmin
CVE-2024-48227 (Funadmin 5.0.2 has a logical flaw in the Curd one click command deleti ...)
- TODO: check
+ NOT-FOR-US: funadmin
CVE-2024-48226 (Funadmin 5.0.2 is vulnerable to SQL Injection in curd/table/savefield.)
- TODO: check
+ NOT-FOR-US: funadmin
CVE-2024-48225 (Funadmin v5.0.2 has an arbitrary file deletion vulnerability in /curd/ ...)
- TODO: check
+ NOT-FOR-US: funadmin
CVE-2024-48224 (Funadmin v5.0.2 has an arbitrary file read vulnerability in /curd/inde ...)
- TODO: check
+ NOT-FOR-US: funadmin
CVE-2024-48223 (Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/field ...)
- TODO: check
+ NOT-FOR-US: funadmin
CVE-2024-48222 (Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/edit.)
- TODO: check
+ NOT-FOR-US: funadmin
CVE-2024-48218 (Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list.)
- TODO: check
+ NOT-FOR-US: funadmin
CVE-2024-47821 (pyLoad is a free and open-source Download Manager. The folder `/.pyloa ...)
TODO: check
CVE-2024-10092 (The Download Monitor plugin for WordPress is vulnerable to unauthorize ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9697d787ba8058c38addb41ef2cfb994d726212e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9697d787ba8058c38addb41ef2cfb994d726212e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241026/c8b6a2b0/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list