[Git][security-tracker-team/security-tracker][master] Process some new NFUs

Fri Feb 21 08:26:54 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e818b042 by Salvatore Bonaccorso at 2025-02-21T09:26:32+01:00
Process some new NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -35,9 +35,9 @@ CVE-2025-25662 (Tenda O4 V3.0 V1.0.0.10(2936) is vulnerable to Buffer Overflow i
 CVE-2025-22973 (An issue in QiboSoft QiboCMS X1.0 allows a remote attacker to obtain s ...)
 	TODO: check
 CVE-2025-1407 (The AMO Team Showcase plugin for WordPress is vulnerable to Stored Cro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1406 (The Newpost Catch plugin for WordPress is vulnerable to Stored Cross-S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1001 (Medixant RadiAnt DICOM Viewer is vulnerable due to failure of the upda ...)
 	TODO: check
 CVE-2024-7131
@@ -47,27 +47,27 @@ CVE-2024-54756 (A remote code execution (RCE) vulnerability in the ZScript funct
 CVE-2024-38657 (External control of a file name in Ivanti Connect Secure before versio ...)
 	TODO: check
 CVE-2024-13883 (The WPUpper Share Buttons plugin for WordPress is vulnerable to Cross- ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13818 (The Registration Forms \u2013 User Registration Forms, Invitation-Base ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13751 (The 3D Photo Gallery plugin for WordPress is vulnerable to Stored Cros ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13672 (The Mini Course Generator | Embed mini-courses and interactive content ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13585 (The Ajax Search Lite  WordPress plugin before 4.12.5 does not sanitise ...)
 	TODO: check
 CVE-2024-13537 (The C9 Blocks plugin for WordPress is vulnerable to Full Path Disclosu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13388 (The TCBD Tooltip plugin for WordPress is vulnerable to Stored Cross-Si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13379 (The C9 Admin Dashboard plugin for WordPress is vulnerable to Stored Cr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13314 (The Carousel, Slider, Gallery by WP Carousel  WordPress plugin before  ...)
 	TODO: check
 CVE-2024-13235 (The Pinpoint Booking System \u2013 #1 WordPress Booking Plugin plugin  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11260 (The Events Manager \u2013 Calendar, Bookings, Tickets, and more! plugi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-27096 (WeGIA is a Web Manager for Institutions with a focus on Portuguese lan ...)
 	NOT-FOR-US: WeGIA
 CVE-2025-27091 (OpenH264 is a free license codec library which supports H.264 encoding ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e818b042675316f522b7ca9998e264c8e95e3104

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e818b042675316f522b7ca9998e264c8e95e3104
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250221/8f9c34cb/attachment.htm>
