[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Dec 21 08:14:39 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f0b50414 by security tracker role at 2025-12-21T08:14:31+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,53 +1,53 @@
 CVE-2025-9343 (The ELEX WordPress HelpDesk & Customer Ticketing System plugin for Wor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-68644 (Yealink RPS before 2025-06-27 allows unauthorized access to informatio ...)
 	TODO: check
 CVE-2025-14994 (A flaw has been found in Tenda FH1201 and FH1206 1.2.0.14(408)/1.2.0.8 ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-14993 (A vulnerability was detected in Tenda AC18 15.03.05.05. This affects t ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-14992 (A security vulnerability has been detected in Tenda AC18 15.03.05.05.  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-14991 (A weakness has been identified in Campcodes Complete Online Beauty Par ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-14990 (A security flaw has been discovered in Campcodes Complete Online Beaut ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-14989 (A vulnerability was identified in Campcodes Complete Online Beauty Par ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-14855 (The SureForms plugin for WordPress is vulnerable to Stored Cross-Site  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14800 (The Redirection for Contact Form 7 plugin for WordPress is vulnerable  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14597
 	REJECTED
 CVE-2025-14080 (The Frontend Post Submission Manager Lite plugin for WordPress is vuln ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14071 (The Live Composer \u2013 Free WordPress Website Builder plugin for Wor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14054 (The WC Builder \u2013 WooCommerce Page Builder for WPBakery plugin for ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14043 (The Tainacan plugin for WordPress is vulnerable to unauthorized metada ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13838 (The WishSuite plugin for WordPress is vulnerable to Stored Cross-Site  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13693 (The Image Photo Gallery Final Tiles Grid plugin for WordPress is vulne ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13361 (The Web to SugarCRM Lead plugin for WordPress is vulnerable to Cross-S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13220 (The Ultimate Member \u2013 User Profile, Registration, Login, Member D ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12980 (The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites \u20 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12700
 	REJECTED
 CVE-2025-12654 (The Migration, Backup, Staging \u2013 WPvivid Backup & Migration plugi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12398 (The Product Table for WooCommerce plugin for WordPress is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11496 (The Five Star Restaurant Reservations \u2013 WordPress Booking Plugin  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47232 (Vulnerability in mojofywp WP Affiliate Disclosure wp-affiliate-disclos ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-7782 (The WP JobHunt plugin for WordPress, used by the JobCareer theme, is v ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-7733 (The WP JobHunt plugin for WordPress, used by the JobCareer theme, is v ...)
@@ -273888,9 +273888,9 @@ CVE-2023-25448 (Cross-Site Request Forgery (CSRF) vulnerability in Eric Teubert
 CVE-2023-25447 (Cross-Site Request Forgery (CSRF) vulnerability in Inkthemescom ColorW ...)
 	NOT-FOR-US: WordPress theme
 CVE-2023-25446 (Missing Authorization vulnerability in HappyFiles HappyFiles Pro happy ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2023-25445 (Missing Authorization vulnerability in HappyFiles HappyFiles Pro allow ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2023-25444 (Unrestricted Upload of File with Dangerous Type vulnerability in JS He ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-25443 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button  ...)
@@ -274838,7 +274838,7 @@ CVE-2013-10016 (A vulnerability was found in fanzila WebFinance 0.5 and classifi
 CVE-2013-10015 (A vulnerability has been found in fanzila WebFinance 0.5 and classifie ...)
 	NOT-FOR-US: fanzila WebFinance
 CVE-2023-25068 (Missing Authorization vulnerability in Mapro Collins Magazine Edge all ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2023-25067 (Missing Authorization vulnerability in Noah Hearle, Design Extreme We\ ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-25066 (Cross-Site Request Forgery (CSRF) vulnerability in FolioVision FV Flow ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0b50414cb0c32e415be9496b9533df19dd02552

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0b50414cb0c32e415be9496b9533df19dd02552
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251221/0ca10229/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list