[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
88e209cb by security tracker role at 2025-12-20T08:13:41+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,15 +7,15 @@ CVE-2025-68481 (FastAPI Users allows users to quickly add a registration and aut
 CVE-2025-67712 (There is an HTML injection issue in Esri ArcGIS Web AppBuilder develop ...)
 	TODO: check
 CVE-2025-14968 (A security flaw has been discovered in code-projects Simple Stock Syst ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-14735 (The "Amazon affiliate lite Plugin" plugin for WordPress is vulnerable  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14734 (The Amazon affiliate lite Plugin plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14721 (The Responsive and Swipe slider plugin for WordPress is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14633 (The F70 Lead Document Download plugin for WordPress is vulnerable to u ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14591 (After a recent bug fix to correctly handle CR+LF (Windows and DOS) End ...)
 	TODO: check
 CVE-2025-14300 (The HTTPS service on Tapo C200 V3 exposes a connectAP interface withou ...)
@@ -23,23 +23,23 @@ CVE-2025-14300 (The HTTPS service on Tapo C200 V3 exposes a connectAP interface
 CVE-2025-14299 (The HTTPS server on Tapo C200 V3 does not properly validate the Conten ...)
 	TODO: check
 CVE-2025-14168 (The WP DB Booster plugin for WordPress is vulnerable to Cross-Site Req ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14164 (The Quran Gateway plugin for WordPress is vulnerable to Cross-Site Req ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13624 (The Overstock Affiliate Links plugin for WordPress is vulnerable to Re ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13619 (The Flex Store Users plugin for WordPress is vulnerable to Privilege E ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13365 (The WP Hallo Welt plugin for WordPress is vulnerable to Cross-Site Req ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13329 (The File Uploader for WooCommerce plugin for WordPress is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12898 (The Pretty Google Calendar plugin for WordPress is vulnerable to unaut ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12820 (The Pure WC Variation Swatches WordPress plugin through 1.1.7 does not ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12581 (The Attachments Handler plugin for WordPress is vulnerable to Reflecte ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-53959 (FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that al ...)
 	TODO: check
 CVE-2023-53958 (LDAP Tool Box Self Service Password 1.5.2 contains a password reset vu ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/88e209cbc5ffb2c363bf691b93a274d0b031d70d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/88e209cbc5ffb2c363bf691b93a274d0b031d70d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251220/c322171b/attachment-0001.htm>