[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Mar 13 08:14:41 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
faab35a0 by Moritz Muehlenhoff at 2025-03-13T09:14:24+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
 CVE-2025-2271 (A vulnerability exists in Issuetrak v17.2.2 and prior that allows a lo ...)
 	TODO: check
 CVE-2025-2250 (The WordPress Report Brute Force Attacks and Login Protection ReportAt ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-2107 (The ArielBrailovsky-ViralAd plugin for WordPress is vulnerable to SQL  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-2106 (The ArielBrailovsky-ViralAd plugin for WordPress is vulnerable to SQL  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-2104 (The Page Builder: Pagelayer \u2013 Drag and Drop website builder plugi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-25293 (ruby-saml provides security assertion markup language (SAML) single si ...)
 	TODO: check
 CVE-2025-25292 (ruby-saml provides security assertion markup language (SAML) single si ...)
@@ -15,25 +15,25 @@ CVE-2025-25292 (ruby-saml provides security assertion markup language (SAML) sin
 CVE-2025-25291 (ruby-saml provides security assertion markup language (SAML) single si ...)
 	TODO: check
 CVE-2025-1785 (The Download Manager plugin for WordPress is vulnerable to Directory T ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1561 (The AppPresser \u2013 Mobile App Framework plugin for WordPress is vul ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1559 (The CC-IMG-Shortcode plugin for WordPress is vulnerable to Stored Cros ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1503 (The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1487 (The WoWPth WordPress plugin through 2.0 does not sanitise and escape a ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1486 (The WoWPth WordPress plugin through 2.0 does not sanitise and escape a ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1436 (The Limit Bio WordPress plugin through 1.0 does not have CSRF check wh ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1401 (The WP Click Info WordPress plugin through 2.7.4 does not sanitise and ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1257 (An issue was discovered in GitLab EE affecting all versions starting w ...)
 	TODO: check
 CVE-2025-1119 (The Appointment Booking Calendar \u2014 Simply Schedule Appointments B ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-0652 (An issue has been discovered in GitLab EE/CE affecting all versions st ...)
 	TODO: check
 CVE-2024-8402 (An issue was discovered in GitLab EE affecting all versions starting f ...)
@@ -41,15 +41,15 @@ CVE-2024-8402 (An issue was discovered in GitLab EE affecting all versions start
 CVE-2024-7296 (An issue was discovered in GitLab EE affecting all versions from 16.5  ...)
 	TODO: check
 CVE-2024-13891 (The Schedule WordPress plugin through 1.0.0 does not sanitise and esca ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13887 (The Business Directory Plugin \u2013 Easy Listing Directories for Word ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13885 (The WP e-Customers Beta WordPress plugin through 0.0.1 does not saniti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13884 (The Limit Bio WordPress plugin through 1.0 does not sanitise and escap ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13703 (The CRM and Lead Management by vcita plugin for WordPress is vulnerabl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13054 (An issue was discovered in GitLab CE/EE affecting all versions before  ...)
 	TODO: check
 CVE-2024-12380 (An issue was discovered in GitLab EE/CE affecting all versions startin ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/faab35a01b4cec4b941a1b17b88460274599128f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/faab35a01b4cec4b941a1b17b88460274599128f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250313/05c84528/attachment.htm>

More information about the debian-security-tracker-commits mailing list