[Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Mar 12 08:37:02 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d36d8dbc by Salvatore Bonaccorso at 2025-03-12T09:36:39+01:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -59,129 +59,129 @@ CVE-2025-2013 (Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote Code E
CVE-2025-2012 (Ashlar-Vellum Cobalt VS File Parsing Out-Of-Bounds Read Remote Code Ex ...)
TODO: check
CVE-2025-28943 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28941 (Cross-Site Request Forgery (CSRF) vulnerability in ohtan Spam Byebye a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28940 (Cross-Site Request Forgery (CSRF) vulnerability in arkapravamajumder B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28938 (Missing Authorization vulnerability in Bjoern WP Performance Pack allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28937 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28936 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28933 (Cross-Site Request Forgery (CSRF) vulnerability in maxfoundry MaxA/B a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28932 (Cross-Site Request Forgery (CSRF) vulnerability in BCS Website Solutio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28931 (Cross-Site Request Forgery (CSRF) vulnerability in DevriX Hashtags all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28930 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28929 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28927 (Cross-Site Request Forgery (CSRF) vulnerability in A. Chappard Display ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28926 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28925 (Cross-Site Request Forgery (CSRF) vulnerability in Hieu Nguyen WATI Ch ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28923 (Cross-Site Request Forgery (CSRF) vulnerability in philippe No Disposa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28922 (Cross-Site Request Forgery (CSRF) vulnerability in Terence D. Go To To ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28920 (Missing Authorization vulnerability in Jogesh Responsive Google Map al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28919 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28918 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28915 (Unrestricted Upload of File with Dangerous Type vulnerability in Theme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28914 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28913 (Cross-Site Request Forgery (CSRF) vulnerability in Aftab Ali Muni WP A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28912 (Cross-Site Request Forgery (CSRF) vulnerability in Muntasir Rahman Cus ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28910 (Cross-Site Request Forgery (CSRF) vulnerability in Ravinder Khurana WP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28909 (Cross-Site Request Forgery (CSRF) vulnerability in edwardw WP No-Bot Q ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28908 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28907 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28906 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28905 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28902 (Cross-Site Request Forgery (CSRF) vulnerability in Benjamin Pick Conta ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28901 (Cross-Site Request Forgery (CSRF) vulnerability in Naren Members page ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28900 (Cross-Site Request Forgery (CSRF) vulnerability in webgarb TabGarb Pro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28897 (Cross-Site Request Forgery (CSRF) vulnerability in Steveorevo Domain T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28896 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28895 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28894 (Cross-Site Request Forgery (CSRF) vulnerability in frucomerci List of ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28892 (Cross-Site Request Forgery (CSRF) vulnerability in a2rocklobster FTP S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28891 (Cross-Site Request Forgery (CSRF) vulnerability in jazzigor price-calc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28887 (Cross-Site Request Forgery (CSRF) vulnerability in Fastmover Plugins L ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28886 (Cross-Site Request Forgery (CSRF) vulnerability in xjb REST API TO Min ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28884 (Cross-Site Request Forgery (CSRF) vulnerability in Rajesh Kumar WP Bul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28883 (Cross-Site Request Forgery (CSRF) vulnerability in Martin WP Compare T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28881 (Cross-Site Request Forgery (CSRF) vulnerability in mg12 Mobile Themes ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28879 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28878 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28876 (Cross-Site Request Forgery (CSRF) vulnerability in Skrill_Team Skrill ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28875 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28874 (Authorization Bypass Through User-Controlled Key vulnerability in shan ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28872 (Missing Authorization vulnerability in jwpegram Block Spam By Math Rel ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28871 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28870 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28868 (Cross-Site Request Forgery (CSRF) vulnerability in ZipList ZipList Rec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28867 (Cross-Site Request Forgery (CSRF) vulnerability in stesvis Frontpage c ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28866 (Cross-Site Request Forgery (CSRF) vulnerability in smerriman Login Log ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28864 (Cross-Site Request Forgery (CSRF) vulnerability in Planet Studio Build ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28863 (Cross-Site Request Forgery (CSRF) vulnerability in Carlos Minatti Dele ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28862 (Cross-Site Request Forgery (CSRF) vulnerability in Venugopal Comment D ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28861 (Cross-Site Request Forgery (CSRF) vulnerability in bhzad WP jQuery Per ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28860 (Cross-Site Request Forgery (CSRF) vulnerability in PPDPurveyor Google ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28859 (Cross-Site Request Forgery (CSRF) vulnerability in CodeVibrant Mainten ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28857 (Cross-Site Request Forgery (CSRF) vulnerability in rankchecker Rankche ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-28856 (Cross-Site Request Forgery (CSRF) vulnerability in dangrossman W3Count ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-27792 (Opal is OBiBa\u2019s core database application for biobanks or epidemi ...)
TODO: check
CVE-2025-27181 (Substance3D - Modeler versions 1.15.0 and earlier are affected by a Us ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d36d8dbc45373b1a4fa1445ffa57fcdeb2959e61
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d36d8dbc45373b1a4fa1445ffa57fcdeb2959e61
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250312/49046d24/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list