[Git][security-tracker-team/security-tracker][master] Review automatic NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5c72a740 by Salvatore Bonaccorso at 2025-04-19T10:13:52+02:00
Review automatic NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17,39 +17,39 @@ CVE-2025-43894
 CVE-2025-43893
 	REJECTED
 CVE-2025-3809 (The Debug Log Manager plugin for WordPress is vulnerable to Stored Cro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-3797 (A vulnerability classified as critical was found in SeaCMS up to 13.3. ...)
 	TODO: check
 CVE-2025-3796 (A vulnerability classified as critical has been found in PHPGurukul Me ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-3404 (The Download Manager plugin for WordPress is vulnerable to arbitrary f ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-3284 (The User Registration & Membership \u2013 Custom Registration Form, Lo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-3278 (The UrbanGo Membership plugin for WordPress is vulnerable to privilege ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-3275 (The Themesflat Addons For Elementor plugin for WordPress is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-3103 (The CLEVER - HTML5 Radio Player With History - Shoutcast and Icecast - ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-32953 (z80pack is a mature emulator of multiple platforms with 8080 and Z80 C ...)
 	TODO: check
 CVE-2025-2111 (The Insert Headers And Footers plugin for WordPress is vulnerable to C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-2010 (The JobWP \u2013 Job Board, Job Listing, Career Page and Recruitment P ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-29058 (An issue in Qimou CMS v.3.34.0 allows a remote attacker to execute arb ...)
 	TODO: check
 CVE-2025-1457 (The Element Pack Addons for Elementor \u2013 Free Templates and Widget ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1093 (The AIHub theme for WordPress is vulnerable to arbitrary file uploads  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-53591 (An issue in the login page of Seclore v3.27.5.0 allows attackers to by ...)
 	TODO: check
 CVE-2024-13926 (The WP-Syntax WordPress plugin through 1.2 does not properly handle in ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-4455 (The Wordpress Plugin Smart Product Review plugin for WordPress is vuln ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-43903 (NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the  ...)
 	- poppler 25.03.0-4 (bug #1103545)
 	[bookworm] - poppler <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c72a740a7c95aa5fcd43226ab88e4e15d61d996

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c72a740a7c95aa5fcd43226ab88e4e15d61d996
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250419/3e52af9e/attachment.htm>