[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Dec 24 20:13:57 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f49987a5 by security tracker role at 2025-12-24T20:13:49+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -37,183 +37,183 @@ CVE-2025-68736 (In the Linux kernel, the following vulnerability has been resolv
CVE-2025-68735 (In the Linux kernel, the following vulnerability has been resolved: d ...)
TODO: check
CVE-2025-68608 (Missing Authorization vulnerability in DeluxeThemes Userpro userpro al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68606 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68605 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68603 (Missing Authorization vulnerability in Marketing Fire Editorial Calend ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68602 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68601 (Cross-Site Request Forgery (CSRF) vulnerability in Rustaurius Five Sta ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68600 (Server-Side Request Forgery (SSRF) vulnerability in Yannick Lefebvre L ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68599 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68598 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68597 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68596 (Missing Authorization vulnerability in Bit Apps Bit Assist bit-assist ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68595 (Missing Authorization vulnerability in Trustindex Widgets for Social P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68594 (Missing Authorization vulnerability in Assaf Parag Poll, Survey & Quiz ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68593 (Missing Authorization vulnerability in Liton Arefin WP Adminify admini ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68592 (Missing Authorization vulnerability in Liton Arefin WP Adminify admini ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68591 (Missing Authorization vulnerability in Mitchell Bennis Simple File Lis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68590 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68589 (Missing Authorization vulnerability in WP Socio WP Telegram Widget and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68588 (Missing Authorization vulnerability in totalsoft TS Poll poll-wp allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68587 (Missing Authorization vulnerability in Bob Watu Quiz watu allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68586 (Missing Authorization vulnerability in Gora Tech Cooked cooked allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68585 (Missing Authorization vulnerability in Ben Balter WP Document Revision ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68584 (Cross-Site Request Forgery (CSRF) vulnerability in Constantin Boiangiu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68583 (Cross-Site Request Forgery (CSRF) vulnerability in Tikweb Management F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68582 (Missing Authorization vulnerability in Funnelforms Funnelforms Free fu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68581 (Missing Authorization vulnerability in YITHEMES YITH Slider for page b ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68580 (Cross-Site Request Forgery (CSRF) vulnerability in pluginsware Advance ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68579 (Missing Authorization vulnerability in FolioVision FV Simpler SEO fv-a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68578 (Missing Authorization vulnerability in Addonify Addonify addonify-quic ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68577 (Missing Authorization vulnerability in Virusdie Virusdie virusdie allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68576 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68575 (Missing Authorization vulnerability in Wappointment team Wappointment ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68574 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68573 (Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68572 (Missing Authorization vulnerability in Spider Themes BBP Core bbp-core ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68571 (Missing Authorization vulnerability in SALESmanago SALESmanago salesma ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68570 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68569 (Missing Authorization vulnerability in codepeople WP Time Slots Bookin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68568 (Missing Authorization vulnerability in integrationclaspo Popup Builder ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68567 (Cross-Site Request Forgery (CSRF) vulnerability in wphocus My auctions ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68566 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68565 (Missing Authorization vulnerability in JayBee Twitch Player ttv-easy-e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68563 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68540 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68537 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68535 (Missing Authorization vulnerability in sunshinephotocart Sunshine Phot ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68533 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68532 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68530 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68529 (Cross-Site Request Forgery (CSRF) vulnerability in Rhys Wynne WP Email ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68528 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68527 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68525 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68523 (Missing Authorization vulnerability in Spiffy Plugins Spiffy Calendar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68522 (Missing Authorization vulnerability in wpstream WpStream wpstream allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68521 (Missing Authorization vulnerability in wpstream WpStream wpstream allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68519 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68517 (Missing Authorization vulnerability in Essekia Tablesome tablesome all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68516 (Insertion of Sensitive Information Into Sent Data vulnerability in Ess ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68513 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68512 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68511 (Missing Authorization vulnerability in Jegstudio Gutenverse Form guten ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68509 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in J ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68508 (Missing Authorization vulnerability in Brave Brave brave-popup-builder ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68506 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68505 (Missing Authorization vulnerability in icc0rz H5P h5p allows Exploitin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68500 (Server-Side Request Forgery (SSRF) vulnerability in bdthemes Prime Sli ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68497 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68496 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68494 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68038 (Deserialization of Untrusted Data vulnerability in Icegram Icegram Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67909 (Authorization Bypass Through User-Controlled Key vulnerability in WP S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67633 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67632 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67631 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67630 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67629 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67628 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67627 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67625 (Cross-Site Request Forgery (CSRF) vulnerability in tmtraderunner Trade ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67623 (Server-Side Request Forgery (SSRF) vulnerability in 6Storage 6Storage ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67622 (Cross-Site Request Forgery (CSRF) vulnerability in titopandub Evergree ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67621 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60935 (An open redirect vulnerability in the login endpoint of Blitz Panel v1 ...)
TODO: check
CVE-2025-5448
REJECTED
CVE-2025-43876 (Under certain circumstances a successful exploitation could result in ...)
- TODO: check
+ NOT-FOR-US: Johnson Controls
CVE-2025-43875 (Under certain circumstances a successful exploitation could result in ...)
- TODO: check
+ NOT-FOR-US: Johnson Controls
CVE-2025-3232 (A remote unauthenticated attacker may be able to bypass authentication ...)
TODO: check
CVE-2025-36154 (IBM Concert 1.0.0 through 2.1.0 stores sensitive information in cleart ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-2515 (A vulnerability was found in BlueChi, a multi-node systemd service con ...)
TODO: check
CVE-2025-2155 (Unrestricted Upload of File with Dangerous Type vulnerability in Echo ...)
@@ -297,7 +297,7 @@ CVE-2023-54128 (In the Linux kernel, the following vulnerability has been resolv
CVE-2023-54127 (In the Linux kernel, the following vulnerability has been resolved: f ...)
TODO: check
CVE-2023-54126 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- TODO: check
+ NOT-FOR-US: MikroTik
CVE-2023-54125 (In the Linux kernel, the following vulnerability has been resolved: f ...)
TODO: check
CVE-2023-54124 (In the Linux kernel, the following vulnerability has been resolved: f ...)
@@ -465,11 +465,11 @@ CVE-2023-54044 (In the Linux kernel, the following vulnerability has been resolv
CVE-2023-54043 (In the Linux kernel, the following vulnerability has been resolved: i ...)
TODO: check
CVE-2023-40679 (Missing Authorization vulnerability in Jewel Theme Master Addons for E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-36525 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-32120 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2022-50783 (In the Linux kernel, the following vulnerability has been resolved: m ...)
TODO: check
CVE-2022-50782 (In the Linux kernel, the following vulnerability has been resolved: e ...)
@@ -265764,7 +265764,7 @@ CVE-2023-28621 (Improper Neutralization of Input During Web Page Generation ('Cr
CVE-2023-28620 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Cybe ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28619 (Missing Authorization vulnerability in bnayawpguy Resoto allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-28618 (Cross-Site Request Forgery (CSRF) vulnerability in Marios Alexandrou E ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28391 (A memory corruption vulnerability exists in the HTTP Server header par ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f49987a5d9a32b6068943612183dbedd9bf15cb4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f49987a5d9a32b6068943612183dbedd9bf15cb4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251224/ab26b2c7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list