[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
962fa141 by Salvatore Bonaccorso at 2025-01-27T21:20:19+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,71 +1,71 @@
 CVE-2025-24783 (** UNSUPPORTED WHEN ASSIGNED ** Incorrect Usage of Seeds in Pseudo-Ran ...)
 	TODO: check
 CVE-2025-24782 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24754 (Missing Authorization vulnerability in Houzez.co Houzez. This issue af ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24747 (Missing Authorization vulnerability in Houzez.co Houzez. This issue af ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24744 (Missing Authorization vulnerability in NotFound Bridge Core. This issu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24743 (Missing Authorization vulnerability in Rometheme RomethemeKit For Elem ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24742 (Cross-Site Request Forgery (CSRF) vulnerability in WP Go Maps (formerl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24741 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in K ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24740 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in T ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24734 (Missing Authorization vulnerability in CodeSolz Better Find and Replac ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24708 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24689 (Insertion of Sensitive Information into Externally-Accessible File or  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24685 (Path Traversal vulnerability in MORKVA Morkva UA Shipping allows PHP L ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24680 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24671 (Deserialization of Untrusted Data vulnerability in Pdfcrowd Save as PD ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24667 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24665 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24664 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24662 (Missing Authorization vulnerability in NotFound LearnDash LMS allows E ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24653 (Missing Authorization vulnerability in NotFound Admin and Site Enhance ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24628 (Authentication Bypass by Spoofing vulnerability in BestWebSoft Google  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24626 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24612 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24606 (Missing Authorization vulnerability in Sprout Invoices Client Invoicin ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24603 (Missing Authorization vulnerability in UkrSolution Print Barcode Label ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24601 (Deserialization of Untrusted Data vulnerability in ThimPress FundPress ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24600 (Missing Authorization vulnerability in David F. Carr RSVPMarker . This ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24593 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24590 (Missing Authorization vulnerability in Haptiq picu \u2013 Online Photo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24584 (Missing Authorization vulnerability in BdThemes Ultimate Store Kit Ele ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24540 (Cross-Site Request Forgery (CSRF) vulnerability in SeedProd Coming Soo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24538 (Cross-Site Request Forgery (CSRF) vulnerability in slaFFik BuddyPress  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24537 (Cross-Site Request Forgery (CSRF) vulnerability in The Events Calendar ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24533 (Cross-Site Request Forgery (CSRF) vulnerability in MetaSlider Responsi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24368 (Cacti is an open source performance and fault management framework. So ...)
 	TODO: check
 CVE-2025-24367 (Cacti is an open source performance and fault management framework. An ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/962fa1418d37f07c4c74f503147f14f12546abc6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/962fa1418d37f07c4c74f503147f14f12546abc6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250127/a666c7b2/attachment-0001.htm>