[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
373b7bff by Moritz Muehlenhoff at 2025-02-27T10:05:49+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
 CVE-2025-1728
 	REJECTED
 CVE-2025-1717 (The Login Me Now plugin for WordPress is vulnerable to authentication  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1689 (The ThemeMakers PayPal Express Checkout plugin for WordPress is vulner ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1686 (All versions of the package io.pebbletemplates:pebble are vulnerable t ...)
 	TODO: check
 CVE-2025-1460
 	REJECTED
 CVE-2025-1295 (The Templines Elementor Helper Core plugin for WordPress is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-0469 (The Forminator Forms \u2013 Contact Form, Payment Form & Custom Form B ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6261 (The Image Photo Gallery Final Tiles Grid plugin for WordPress is vulne ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5848 (A reflected cross-site scripting (XSS) vulnerability exists in multipl ...)
 	TODO: check
 CVE-2024-57423 (A Cross Site Scripting vulnerability in CloudClassroom-PHP Project v1. ...)
-	TODO: check
+	NOT-FOR-US: CloudClassroom-PHP
 CVE-2024-57040 (TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discovered to  ...)
 	TODO: check
 CVE-2024-55581 (When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default  ...)
@@ -25,35 +25,35 @@ CVE-2024-55581 (When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the de
 CVE-2024-53573 (Unifiedtransform v2.X is vulnerable to Incorrect Access Control. Unaut ...)
 	TODO: check
 CVE-2024-50696 (SunGrow WiNet-S V200.001.00.P025 and earlier versions is missing integ ...)
-	TODO: check
+	NOT-FOR-US: SunGrow
 CVE-2024-50693 (SunGrow iSolarCloud before the October 31, 2024 remediation is vulnera ...)
-	TODO: check
+	NOT-FOR-US: SunGrow
 CVE-2024-50691 (SunGrow iSolarCloud Android app V2.1.6.20241104 and prior suffers from ...)
-	TODO: check
+	NOT-FOR-US: SunGrow
 CVE-2024-50689 (SunGrow iSolarCloud before the October 31, 2024 remediation is vulnera ...)
-	TODO: check
+	NOT-FOR-US: SunGrow
 CVE-2024-50688 (SunGrow iSolarCloud Android application V2.1.6.20241017 and prior cont ...)
-	TODO: check
+	NOT-FOR-US: SunGrow
 CVE-2024-50687 (SunGrow iSolarCloud before the October 31, 2024 remediation is vulnera ...)
-	TODO: check
+	NOT-FOR-US: SunGrow
 CVE-2024-50686 (SunGrow iSolarCloud before the October 31, 2024 remediation is vulnera ...)
-	TODO: check
+	NOT-FOR-US: SunGrow
 CVE-2024-50685 (SunGrow iSolarCloud before the October 31, 2024 remediation, is vulner ...)
-	TODO: check
+	NOT-FOR-US: SunGrow
 CVE-2024-50684 (SunGrow iSolarCloud Android app V2.1.6.20241017 and prior uses an inse ...)
-	TODO: check
+	NOT-FOR-US: SunGrow
 CVE-2024-2321 (An incorrect authorization vulnerability exists in multiple WSO2 produ ...)
-	TODO: check
+	NOT-FOR-US: WSO2 Identity Server
 CVE-2024-2297 (The Bricks theme for WordPress is vulnerable to Privilege Escalation i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13907 (The Total Upkeep \u2013 WordPress Backup Plugin plus Restore & Migrate ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13905 (The OneStore Sites plugin for WordPress is vulnerable to Server-Side R ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13647 (The School Management System \u2013 SakolaWP plugin for WordPress is v ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-0392 (A Cross-Site Request Forgery (CSRF) vulnerability exists in the manage ...)
-	TODO: check
+	NOT-FOR-US: WSO2 Enterprise Integrator
 CVE-2024-36353
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2343791
 	TODO: check, AMD GPU related, but unclear if src:linux



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/373b7bff6d58e204f76577edd631d7780dbe3978

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/373b7bff6d58e204f76577edd631d7780dbe3978
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250227/e6faed4e/attachment.htm>