[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jan 24 20:41:19 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dc448bde by Salvatore Bonaccorso at 2025-01-24T21:39:37+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,213 +1,213 @@
CVE-2025-24756 (Cross-Site Request Forgery (CSRF) vulnerability in mgplugin Roi Calcul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24755 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24753 (Missing Authorization vulnerability in Kadence WP Gutenberg Blocks by ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24751 (Missing Authorization vulnerability in GoDaddy CoBlocks allows Exploit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24750 (Missing Authorization vulnerability in ExactMetrics ExactMetrics allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24746 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24739 (Cross-Site Request Forgery (CSRF) vulnerability in FluentSMTP & WPMana ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24738 (Cross-Site Request Forgery (CSRF) vulnerability in NowButtons.com Call ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24736 (Missing Authorization vulnerability in Metaphor Creations Post Duplica ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24733 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24732 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24731 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24730 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24729 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24728 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24727 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24726 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24725 (Missing Authorization vulnerability in ThimPress Thim Elementor Kit al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24724 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Side Me ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24723 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24722 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24721 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24720 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Sticky ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24719 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24717 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Modal W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24716 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Herd Ef ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24715 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Counter ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24714 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Bubble ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24713 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24712 (Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme Radius ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24711 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Popup B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24709 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24706 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24705 (Missing Authorization vulnerability in Arshid WooCommerce Quick View a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24704 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24703 (Server-Side Request Forgery (SSRF) vulnerability in DLX Plugins Commen ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24702 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24701 (Server-Side Request Forgery (SSRF) vulnerability in Kiboko Labs Chaine ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24698 (Cross-Site Request Forgery (CSRF) vulnerability in G5Theme Essential R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24696 (Cross-Site Request Forgery (CSRF) vulnerability in WP Attire Attire Bl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24695 (Server-Side Request Forgery (SSRF) vulnerability in HasThemes Extensio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24693 (Missing Authorization vulnerability in Yehi Advanced Notifications all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24691 (Missing Authorization vulnerability in Gagan Sandhu , Enej Bajgoric , ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24687 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24683 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24682 (Missing Authorization vulnerability in mikemmx Super Block Slider allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24681 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24679 (Missing Authorization vulnerability in webraketen Internal Links Manag ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24678 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24675 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24674 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24673 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24672 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24669 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24668 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24666 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24663 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24659 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24658 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24657 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24652 (Missing Authorization vulnerability in Revmakx WP Duplicate \u2013 Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24650 (Unrestricted Upload of File with Dangerous Type vulnerability in Theme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24649 (Missing Authorization vulnerability in wpase.com Admin and Site Enhanc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24647 (Cross-Site Request Forgery (CSRF) vulnerability in datafeedr.com WooCo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24644 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24638 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24636 (Cross-Site Request Forgery (CSRF) vulnerability in Laymance Technologi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24634 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24633 (Missing Authorization vulnerability in silverplugins217 Build Private ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24627 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24625 (Missing Authorization vulnerability in Marco Almeida | Webdados Taxono ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24623 (Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Secur ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24622 (Cross-Site Request Forgery (CSRF) vulnerability in PickPlugins Job Boa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24618 (Missing Authorization vulnerability in ElementInvader ElementInvader A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24613 (Missing Authorization vulnerability in Foliovision FV Thoughtful Comme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24611 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24610 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24604 (Missing Authorization vulnerability in Vikas Ratudi VForm allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24596 (Missing Authorization vulnerability in WC Product Table WooCommerce Pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24595 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24594 (Missing Authorization vulnerability in Speedcomp Linet ERP-Woocommerce ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24591 (Missing Authorization vulnerability in NinjaTeam GDPR CCPA Compliance ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24589 (Missing Authorization vulnerability in JS Morisset JSM Show Post Metad ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24588 (Missing Authorization vulnerability in Patreon Patreon WordPress allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24587 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24585 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24582 (Insertion of Sensitive Information Into Sent Data vulnerability in Cod ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24580 (Missing Authorization vulnerability in Code for Recovery 12 Step Meeti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24579 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24578 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24575 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24573 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24572 (Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24571 (Missing Authorization vulnerability in Epsiloncool WP Fast Total Searc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24570 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24568 (Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force St ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24562 (Cross-Site Request Forgery (CSRF) vulnerability in Optimal Access Inc. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24561 (Cross-Site Request Forgery (CSRF) vulnerability in ReviewsTap ReviewsT ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24555 (Cross-Site Request Forgery (CSRF) vulnerability in SubscriptionDNA.com ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24552 (Generation of Error Message Containing Sensitive Information vulnerabi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24547 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24546 (Cross-Site Request Forgery (CSRF) vulnerability in RSTheme Ultimate Co ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24543 (Cross-Site Request Forgery (CSRF) vulnerability in RSTheme Ultimate Co ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24542 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24363 (The HL7 FHIR IG publisher is a tool to take a set of inputs and create ...)
- TODO: check
+ NOT-FOR-US: HL7 FHIR IG publisher
CVE-2025-24362 (In some circumstances, debug artifacts uploaded by the CodeQL Action a ...)
TODO: check
CVE-2025-24359 (ASTEVAL is an evaluator of Python expressions and statements. Prior to ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dc448bdee5fd1f304ec179785bb4b65eee8c87db
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dc448bdee5fd1f304ec179785bb4b65eee8c87db
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250124/f83d71c5/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list