[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Sep 25 09:23:32 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5023b5e9 by Salvatore Bonaccorso at 2024-09-25T10:23:14+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,85 +1,85 @@
 CVE-2024-9073 (The GutenGeek Free Gutenberg Blocks for WordPress plugin for WordPress ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9069 (The Graphicsly \u2013 The ultimate graphics plugin for WordPress websi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9068 (The OneElements \u2013 Best Elementor Addons plugin for WordPress is v ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9028 (The WP GPX Maps plugin for WordPress is vulnerable to Stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9027 (The WPZOOM Shortcodes plugin for WordPress is vulnerable to Stored Cro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9024 (The Material Design Icons plugin for WordPress is vulnerable to Stored ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8910 (The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8741 (The Beam me up Scotty \u2013 Back to Top Button plugin for WordPress i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8713 (The Kodex Posts likes plugin for WordPress is vulnerable to Reflected  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8678 (The Revolut Gateway for WooCommerce plugin for WordPress is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8668 (The ShopLentor \u2013 WooCommerce Builder for Elementor & Gutenberg +1 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8658 (The myCred \u2013 Loyalty Points and Rewards plugin for WordPress and  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8621 (The Daily Prayer Time plugin for WordPress is vulnerable to SQL Inject ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8549 (The Simple Calendar \u2013 Google Calendar Plugin plugin for WordPress ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8516 (The Themesflat Addons For Elementor plugin for WordPress is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8515 (The Themesflat Addons For Elementor plugin for WordPress is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8514 (The Prisna GWT \u2013 Google Website Translator plugin for WordPress i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8497 (Franklin Fueling Systems TS-550 EVO versions prior to 2.26.4.8967 poss ...)
-	TODO: check
+	NOT-FOR-US: Franklin Fueling Systems TS-550 EVO
 CVE-2024-8485 (The REST API TO MiniProgram plugin for WordPress is vulnerable to priv ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8484 (The REST API TO MiniProgram plugin for WordPress is vulnerable to SQL  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8483 (The MAS Static Content plugin for WordPress is vulnerable to Informati ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8481 (The The Special Text Boxes plugin for WordPress is vulnerable to arbit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8476 (The Easy PayPal Events plugin for WordPress is vulnerable to Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8434 (The Easy Mega Menu Plugin for WordPress \u2013 ThemeHunk plugin for Wo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8350 (The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8349 (The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8291 (Concrete CMS versions 9.0.0 to 9.3.3 and below 8.5.19 are vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: Concrete CMS
 CVE-2024-8290 (The WCFM \u2013 Frontend Manager for WooCommerce along with Bookings S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8275 (The The Events Calendar plugin for WordPress is vulnerable to SQL Inje ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8175 (An unauthenticated remote attacker cancauses the CODESYS web server to ...)
-	TODO: check
+	NOT-FOR-US: CODESYS web server
 CVE-2024-7892 (The adstxt Plugin WordPress plugin through 1.0.0 does not have CSRF ch ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7878 (The WP ULike  WordPress plugin before 4.7.4 does not sanitise and esca ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7617 (The Contact Form to Any API plugin for WordPress is vulnerable to Stor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7491 (The HUSKY \u2013 Products Filter Professional for WooCommerce plugin f ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7426 (The Community by PeepSo \u2013 Social Network, Membership, Registratio ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7398 (Concrete CMS versions 9 through 9.3.3 and versions below 8.5.19 are vu ...)
-	TODO: check
+	NOT-FOR-US: Concrete CMS
 CVE-2024-7386 (The Premium Packages \u2013 Sell Digital Products Securely plugin for  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7385 (The WordPress Simple HTML Sitemap plugin for WordPress is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6845 (The Chatbot with ChatGPT WordPress plugin before 2.4.6 does not have p ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6590 (The Spreadsheet Integration \u2013 Automate Google Sheets With WordPre ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-47303 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-46612 (IceCMS v3.4.7 and before was discovered to contain a hardcoded JWT key ...)
 	TODO: check
 CVE-2024-45373 (Once logged in to ProGauge MAGLINK LX4 CONSOLE, a valid user can chang ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5023b5e988de7ab9ff54f0817d19471dc9dc43ad

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5023b5e988de7ab9ff54f0817d19471dc9dc43ad
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240925/fa2d9416/attachment.htm>

More information about the debian-security-tracker-commits mailing list