[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
07b82ccb by security tracker role at 2025-12-21T08:13:08+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,53 @@
+CVE-2025-9343 (The ELEX WordPress HelpDesk & Customer Ticketing System plugin for Wor ...)
+	TODO: check
+CVE-2025-68644 (Yealink RPS before 2025-06-27 allows unauthorized access to informatio ...)
+	TODO: check
+CVE-2025-14994 (A flaw has been found in Tenda FH1201 and FH1206 1.2.0.14(408)/1.2.0.8 ...)
+	TODO: check
+CVE-2025-14993 (A vulnerability was detected in Tenda AC18 15.03.05.05. This affects t ...)
+	TODO: check
+CVE-2025-14992 (A security vulnerability has been detected in Tenda AC18 15.03.05.05.  ...)
+	TODO: check
+CVE-2025-14991 (A weakness has been identified in Campcodes Complete Online Beauty Par ...)
+	TODO: check
+CVE-2025-14990 (A security flaw has been discovered in Campcodes Complete Online Beaut ...)
+	TODO: check
+CVE-2025-14989 (A vulnerability was identified in Campcodes Complete Online Beauty Par ...)
+	TODO: check
+CVE-2025-14855 (The SureForms plugin for WordPress is vulnerable to Stored Cross-Site  ...)
+	TODO: check
+CVE-2025-14800 (The Redirection for Contact Form 7 plugin for WordPress is vulnerable  ...)
+	TODO: check
+CVE-2025-14597
+	REJECTED
+CVE-2025-14080 (The Frontend Post Submission Manager Lite plugin for WordPress is vuln ...)
+	TODO: check
+CVE-2025-14071 (The Live Composer \u2013 Free WordPress Website Builder plugin for Wor ...)
+	TODO: check
+CVE-2025-14054 (The WC Builder \u2013 WooCommerce Page Builder for WPBakery plugin for ...)
+	TODO: check
+CVE-2025-14043 (The Tainacan plugin for WordPress is vulnerable to unauthorized metada ...)
+	TODO: check
+CVE-2025-13838 (The WishSuite plugin for WordPress is vulnerable to Stored Cross-Site  ...)
+	TODO: check
+CVE-2025-13693 (The Image Photo Gallery Final Tiles Grid plugin for WordPress is vulne ...)
+	TODO: check
+CVE-2025-13361 (The Web to SugarCRM Lead plugin for WordPress is vulnerable to Cross-S ...)
+	TODO: check
+CVE-2025-13220 (The Ultimate Member \u2013 User Profile, Registration, Login, Member D ...)
+	TODO: check
+CVE-2025-12980 (The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites \u20 ...)
+	TODO: check
+CVE-2025-12700
+	REJECTED
+CVE-2025-12654 (The Migration, Backup, Staging \u2013 WPvivid Backup & Migration plugi ...)
+	TODO: check
+CVE-2025-12398 (The Product Table for WooCommerce plugin for WordPress is vulnerable t ...)
+	TODO: check
+CVE-2025-11496 (The Five Star Restaurant Reservations \u2013 WordPress Booking Plugin  ...)
+	TODO: check
+CVE-2023-47232 (Vulnerability in mojofywp WP Affiliate Disclosure wp-affiliate-disclos ...)
+	TODO: check
 CVE-2025-7782 (The WP JobHunt plugin for WordPress, used by the JobCareer theme, is v ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-7733 (The WP JobHunt plugin for WordPress, used by the JobCareer theme, is v ...)
@@ -273837,10 +273887,10 @@ CVE-2023-25448 (Cross-Site Request Forgery (CSRF) vulnerability in Eric Teubert
 	NOT-FOR-US: WordPress plugin
 CVE-2023-25447 (Cross-Site Request Forgery (CSRF) vulnerability in Inkthemescom ColorW ...)
 	NOT-FOR-US: WordPress theme
-CVE-2023-25446
-	RESERVED
-CVE-2023-25445
-	RESERVED
+CVE-2023-25446 (Missing Authorization vulnerability in HappyFiles HappyFiles Pro happy ...)
+	TODO: check
+CVE-2023-25445 (Missing Authorization vulnerability in HappyFiles HappyFiles Pro allow ...)
+	TODO: check
 CVE-2023-25444 (Unrestricted Upload of File with Dangerous Type vulnerability in JS He ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-25443 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button  ...)
@@ -274787,8 +274837,8 @@ CVE-2013-10016 (A vulnerability was found in fanzila WebFinance 0.5 and classifi
 	NOT-FOR-US: fanzila WebFinance
 CVE-2013-10015 (A vulnerability has been found in fanzila WebFinance 0.5 and classifie ...)
 	NOT-FOR-US: fanzila WebFinance
-CVE-2023-25068
-	RESERVED
+CVE-2023-25068 (Missing Authorization vulnerability in Mapro Collins Magazine Edge all ...)
+	TODO: check
 CVE-2023-25067 (Missing Authorization vulnerability in Noah Hearle, Design Extreme We\ ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-25066 (Cross-Site Request Forgery (CSRF) vulnerability in FolioVision FV Flow ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/07b82ccbc76bd52783f61efd90fbbf288e7e7629

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/07b82ccbc76bd52783f61efd90fbbf288e7e7629
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251221/5fccb63c/attachment.htm>