[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jul 4 09:13:39 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f613e439 by security tracker role at 2025-07-04T08:13:32+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,45 +1,45 @@
 CVE-2025-7053 (A vulnerability was found in Cockpit up to 2.11.3. It has been rated a ...)
 	TODO: check
 CVE-2025-7046 (The Portfolio for Elementor & Image Gallery | PowerFolio plugin for Wo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6944 (The Uncode Core plugin for WordPress is vulnerable to Stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6814 (The Booking X plugin for WordPress is vulnerable to unauthorized acces ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6787 (The Smart Docs plugin for WordPress is vulnerable to Stored Cross-Site ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6786 (The DocCheck Login plugin for WordPress is vulnerable to unauthorized  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6783 (The GoZen Forms plugin for WordPress is vulnerable to SQL Injection vi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6782 (The GoZen Forms plugin for WordPress is vulnerable to SQL Injection vi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6739 (The WPQuiz plugin for WordPress is vulnerable to SQL Injection via the ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6729 (The PayMaster for WooCommerce plugin for WordPress is vulnerable to Se ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6673 (The Easy restaurant menu manager plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6586 (The Download Plugin plugin for WordPress is vulnerable to arbitrary fi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6238 (The AI Engine plugin for WordPress is vulnerable to open redirect in v ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6041 (The yContributors plugin for WordPress is vulnerable to Cross-Site Req ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6039 (The ProcessingJS for WordPress plugin for WordPress is vulnerable to S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-5956 (The WP Human Resource Management plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-5953 (The WP Human Resource Management plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-5933 (The RD Contacto plugin for WordPress is vulnerable to Cross-Site Reque ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-5924 (The WP Firebase Push Notification plugin for WordPress is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-5567 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPre ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-5322 (The VikRentCar Car Rental Management System plugin for WordPress is vu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-53600 (Whale browser before 4.32.315.22 allow an attacker to bypass the Same- ...)
 	TODO: check
 CVE-2025-53599 (Whale browser for iOS before 3.9.1.4206 allow an attacker to execute m ...)
@@ -47,11 +47,11 @@ CVE-2025-53599 (Whale browser for iOS before 3.9.1.4206 allow an attacker to exe
 CVE-2025-52554 (n8n is a workflow automation platform. Prior to version 1.99.1, an aut ...)
 	TODO: check
 CVE-2025-49826 (Next.js is a React framework for building full-stack web applications. ...)
-	TODO: check
+	NOT-FOR-US: Next.js
 CVE-2025-49005 (Next.js is a React framework for building full-stack web applications. ...)
-	TODO: check
+	NOT-FOR-US: Next.js
 CVE-2024-11937 (The Premium Addons for Elementor plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-53367 (DjVuLibre is a GPL implementation of DjVu, a web-centric format for di ...)
 	- djvulibre <unfixed> (bug #1108729)
 	NOTE: https://www.openwall.com/lists/oss-security/2025/07/03/1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f613e439f0a7e21ca8e5cb1f7f97bea79b1d9c65

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f613e439f0a7e21ca8e5cb1f7f97bea79b1d9c65
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250704/5d79d01c/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list