[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Feb 20 21:01:00 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dcf85cbb by Salvatore Bonaccorso at 2025-02-20T22:00:04+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -35,25 +35,25 @@ CVE-2025-21105 (Dell RecoverPoint for Virtual Machines 6.0.X contains a command
 CVE-2025-20059 (Relative Path Traversal vulnerability in Ping Identity PingAM Java Pol ...)
 	TODO: check
 CVE-2025-1483 (The LTL Freight Quotes \u2013 GlobalTranz Edition plugin for WordPress ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1328 (The Typed JS: A typewriter style animation plugin for WordPress is vul ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1265 (An OS command injection vulnerability exists in Vinci Protocol Analyze ...)
 	TODO: check
 CVE-2025-1258
 	REJECTED
 CVE-2025-1064 (The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1043 (The Embed Any Document \u2013 Embed PDF, Word, PowerPoint and Excel Fi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1039 (The Lenix Elementor Leads addon plugin for WordPress is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-0897 (The Modal Window \u2013 create popup modal window plugin for WordPress ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-0868 (A vulnerability, that could result in Remote Code Execution (RCE), has ...)
 	TODO: check
 CVE-2025-0866 (The Legoeso PDF Manager plugin for WordPress is vulnerable to time-bas ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-0352 (Rapid Response Monitoring My Security Account App utilizes an API that ...)
 	TODO: check
 CVE-2025-0161 (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.0.9 and 11. ...)
@@ -61,7 +61,7 @@ CVE-2025-0161 (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.0.9 an
 CVE-2024-7141 (Versions of Gliffy Online prior to versions 4.14.0-7 contains a Cross  ...)
 	TODO: check
 CVE-2024-6432 (The Content Blocks (Custom Post Widget) plugin for WordPress is vulner ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-57716 (An issue in trenoncourt AutoQueryable v.1.7.0 allows a remote attacker ...)
 	TODO: check
 CVE-2024-57401 (SQL Injection vulnerability in Uniclare Student portal v.2 and before  ...)
@@ -77,35 +77,35 @@ CVE-2024-54959 (Nagios XI 2024R1.2.2 is vulnerable to a Cross-Site Request Forge
 CVE-2024-54958 (Nagios XI 2024R1.2.2 is susceptible to a stored Cross-Site Scripting ( ...)
 	TODO: check
 CVE-2024-49781 (IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages is vulnerable to a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-49779 (IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages   could allow a re ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-49344 (IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages     with Watson As ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-49337 (IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages       is vulnerabl ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-46933 (An issue was discovered in Atos Eviden BullSequana XH2140 BMC before C ...)
 	TODO: check
 CVE-2024-13888 (The WPMobile.App plugin for WordPress is vulnerable to Open Redirect i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13855 (The Prime Addons for Elementor plugin for WordPress is vulnerable to I ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13849 (The Cookie Notice Bar plugin for WordPress is vulnerable to Stored Cro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13802 (The Bandsintown Events plugin for WordPress is vulnerable to Stored Cr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13792 (The WooCommerce Food - Restaurant Menu & Food ordering plugin for Word ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13789 (The ravpage plugin for WordPress is vulnerable to PHP Object Injection ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13753 (The Ultimate Classified Listings plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13748 (The Ultimate Classified Listings plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13520 (The Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) pl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13476 (The LTL Freight Quotes \u2013 GlobalTranz Edition plugin for WordPress ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-51339 (A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers ...)
 	TODO: check
 CVE-2023-51338 (PHPJabbers Meeting Room Booking System v1.0 is vulnerable to Multiple  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dcf85cbbd8af7ce7e4c77d91bdd6a407f733ef3f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dcf85cbbd8af7ce7e4c77d91bdd6a407f733ef3f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250220/6b75cb1a/attachment.htm>

More information about the debian-security-tracker-commits mailing list