[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Mar 27 20:16:37 GMT 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
65ae9af3 by Salvatore Bonaccorso at 2025-03-27T21:16:11+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,201 +9,201 @@ CVE-2025-31178 (A flaw was found in gnuplot. The GetAnnotateString() function ma
 CVE-2025-31176 (A flaw was found in gnuplot. The plot3d_points() function may lead to  ...)
 	TODO: check
 CVE-2025-31141 (In JetBrains TeamCity before 2025.03 exception could lead to credentia ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-31140 (In JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud  ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-31139 (In JetBrains TeamCity before 2025.03 base64 encoded password could be  ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-30925 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30923 (Cross-Site Request Forgery (CSRF) vulnerability in powerfulwp Gift Mes ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30922 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30921 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30920 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30919 (Cross-Site Request Forgery (CSRF) vulnerability in Store Locator Widge ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30918 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30914 (Server-Side Request Forgery (SSRF) vulnerability in XpeedStudio Metfor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30912 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Float m ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30909 (Missing Authorization vulnerability in Conversios Conversios.io allows ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30907 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30904 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30903 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30900 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30899 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30898 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30897 (Missing Authorization vulnerability in Adnan Analytify allows Exploiti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30896 (Missing Authorization vulnerability in weDevs WP ERP allows Exploiting ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30895 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30894 (Missing Authorization vulnerability in Epsiloncool WP Fast Total Searc ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30893 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30891 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30890 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30888 (Cross-Site Request Forgery (CSRF) vulnerability in silverplugins217 Cu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30887 (Missing Authorization vulnerability in magepeopleteam WpEvently allows ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30885 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in B ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30884 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in B ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30883 (Missing Authorization vulnerability in richplugins Trust.Reviews allow ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30881 (Missing Authorization vulnerability in ThemeHunk Big Store allows Expl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30879 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30877 (Missing Authorization vulnerability in fatcatapps Quiz Cat allows Expl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30874 (Missing Authorization vulnerability in Jose Specific Content For Mobil ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30873 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30872 (Cross-Site Request Forgery (CSRF) vulnerability in Nitin Prakash Produ ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30871 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30868 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30867 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30866 (Missing Authorization vulnerability in Giannis Kipouros Terms & Condit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30865 (Cross-Site Request Forgery (CSRF) vulnerability in fuzzoid 3DPrint Lit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30864 (Missing Authorization vulnerability in falselight Exchange Rates allow ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30863 (Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integrati ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30862 (Cross-Site Request Forgery (CSRF) vulnerability in Bill Minozzi reCAPT ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30861 (Missing Authorization vulnerability in Rustaurius Five Star Restaurant ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30860 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30859 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in a ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30857 (Cross-Site Request Forgery (CSRF) vulnerability in PressMaximum Curren ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30856 (Cross-Site Request Forgery (CSRF) vulnerability in theme funda Custom  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30854 (Cross-Site Request Forgery (CSRF) vulnerability in Saso Serial Codes G ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30851 (Missing Authorization vulnerability in Tickera Tickera allows Exploiti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30850 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30847 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30846 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30845 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30843 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30842 (Cross-Site Request Forgery (CSRF) vulnerability in pixolette Christmas ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30839 (Missing Authorization vulnerability in magepeopleteam Taxi Booking Man ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30838 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30836 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30833 (Cross-Site Request Forgery (CSRF) vulnerability in Soft8Soft LLC Verge ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30832 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30831 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30830 (Missing Authorization vulnerability in Hossni Mubarak Cool Author Box  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30829 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30828 (Missing Authorization vulnerability in Arraytics Timetics allows Explo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30826 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30824 (Missing Authorization vulnerability in Israpil Textmetrics allows Expl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30823 (Cross-Site Request Forgery (CSRF) vulnerability in Boone Gorges Anthol ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30822 (Cross-Site Request Forgery (CSRF) vulnerability in Hakik Zaman Custom  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30821 (Missing Authorization vulnerability in otacke SNORDIAN's H5PxAPIkatchu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30820 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30819 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30818 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30817 (Missing Authorization vulnerability in wpzita Z Companion allows Explo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30816 (Cross-Site Request Forgery (CSRF) vulnerability in Nks publish post em ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30815 (Cross-Site Request Forgery (CSRF) vulnerability in Saeed Sattar Beglou ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30814 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30813 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30812 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30811 (Cross-Site Request Forgery (CSRF) vulnerability in Javier Revilla Vali ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30810 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30809 (Missing Authorization vulnerability in Shahjada Live Forms allows Expl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30806 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30805 (Cross-Site Request Forgery (CSRF) vulnerability in wpdesk Flexible Coo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30804 (Cross-Site Request Forgery (CSRF) vulnerability in maennchen1.de wpSho ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30803 (Missing Authorization vulnerability in Greg Ross Just Writing Statisti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30801 (Cross-Site Request Forgery (CSRF) vulnerability in Abu Bakar TWB Wooco ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30800 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30799 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30795 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in F ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30792 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30791 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30790 (Missing Authorization vulnerability in alexvtn Chatbox Manager allows  ...)
 	TODO: check
 CVE-2025-30789 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	TODO: check
 CVE-2025-30788 (Cross-Site Request Forgery (CSRF) vulnerability in Eli EZ SQL Reports  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30787 (Cross-Site Request Forgery (CSRF) vulnerability in Eli EZ SQL Reports  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30786 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	TODO: check
 CVE-2025-30785 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
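Review bot: CVE-2025-30790 (alexvtn Chatbox Manager) is left at TODO: check near the end of this hunk, while another alexvtn entry, CVE-2025-30769, is tagged NOT-FOR-US: WordPress plugin or theme later in the same commit. If 30790 was held back for a closer look, that is fine; otherwise it could take the same tag in this pass so that entries from the same vendor are triaged consistently.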
@@ -211,7 +211,7 @@ CVE-2025-30785 (Improper Control of Filename for Include/Require Statement in PH
 CVE-2025-30784 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	TODO: check
 CVE-2025-30783 (Cross-Site Request Forgery (CSRF) vulnerability in jgwhite33 WP Google ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30781 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in W ...)
 	TODO: check
 CVE-2025-30780 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -223,43 +223,43 @@ CVE-2025-30777 (Authorization Bypass Through User-Controlled Key vulnerability i
 CVE-2025-30776 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	TODO: check
 CVE-2025-30775 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30773 (Deserialization of Untrusted Data vulnerability in Cozmoslabs Translat ...)
 	TODO: check
 CVE-2025-30772 (Missing Authorization vulnerability in WPClever WPC Smart Upsell Funne ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30771 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	TODO: check
 CVE-2025-30770 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	TODO: check
 CVE-2025-30769 (Cross-Site Request Forgery (CSRF) vulnerability in alexvtn WIP WooCaro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30768 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	TODO: check
 CVE-2025-30767 (Missing Authorization vulnerability in add-ons.org PDF for WPForms all ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30766 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	TODO: check
 CVE-2025-30765 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	TODO: check
 CVE-2025-30764 (Cross-Site Request Forgery (CSRF) vulnerability in AntoineH Football P ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30763 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	TODO: check
 CVE-2025-30367 (WeGIA is a Web manager for charitable institutions. A SQL Injection vu ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2025-30366 (WeGIA is a Web manager for charitable institutions. Versions prior to  ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2025-30365 (WeGIA is a Web manager for charitable institutions. A SQL Injection vu ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2025-30364 (WeGIA is a Web manager for charitable institutions. A SQL Injection vu ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2025-30363 (WeGIA is a Web manager for charitable institutions. A stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2025-30362 (WeGIA is a Web manager for charitable institutions. A stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2025-30361 (WeGIA is a Web manager for charitable institutions. A security vulnera ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2025-30358 (Mesop is a Python-based UI framework that allows users to build web ap ...)
 	TODO: check
 CVE-2025-30221 (Pitchfork is a preforking HTTP server for Rack applications. Versions  ...)
@@ -273,15 +273,15 @@ CVE-2025-2857 (Following the recent Chrome sandbox escape (CVE-2025-2783), vario
 CVE-2025-2855 (A vulnerability, which was classified as problematic, has been found i ...)
 	TODO: check
 CVE-2025-2854 (A vulnerability classified as critical was found in code-projects Payr ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-2852 (A vulnerability has been found in SourceCodester Food Ordering Managem ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-2849 (A vulnerability, which was classified as problematic, was found in UPX ...)
 	TODO: check
 CVE-2025-2847 (A vulnerability, which was classified as critical, has been found in C ...)
-	TODO: check
+	NOT-FOR-US: Codezips
 CVE-2025-2846 (A vulnerability classified as critical was found in SourceCodester Onl ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-2516 (The use of a weak cryptographic key pair in the signature verification ...)
 	TODO: check
 CVE-2025-29993 (The affected versions of PowerCMS allow HTTP header injection. This vu ...)
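Review bot: the four tags added in this hunk name only the publisher (code-projects, SourceCodester, Codezips), and for CVE-2025-2847 the truncated description shows nothing past "has been found in C ...", so the Codezips tag cannot be matched against the entry text visible here. Consider appending the product name to each tag, as the descriptions for CVE-2025-2852 and CVE-2025-2846 already start to spell out, so a later search of data/CVE/list by product finds these entries.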
@@ -319,27 +319,27 @@ CVE-2025-29306 (An issue in FoxCMS v.1.2.5 allows a remote attacker to execute a
 CVE-2025-29072 (An integer overflow in Nethermind Juno before v.12.05 within the Sierr ...)
 	TODO: check
 CVE-2025-28138 (TOTOLINK A800R V4.1.2cu.5137_B20200730 contains a remote command execu ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-28135 (TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer o ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-27793 (Vega is a visualization grammar, a declarative format for creating, sa ...)
 	TODO: check
 CVE-2025-26909 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26762 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26738 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26737 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26736 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26734 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26732 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26731 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26619 (Vega is a visualization grammar, a declarative format for creating, sa ...)
 	TODO: check
 CVE-2025-26265 (A segmentation fault in openairinterface5g v2.1.0 allows attackers to  ...)
@@ -347,73 +347,73 @@ CVE-2025-26265 (A segmentation fault in openairinterface5g v2.1.0 allows attacke
 CVE-2025-25686 (semcms <=5.0 is vulnerable to SQL Injection in SEMCMS_Fuction.php.)
 	TODO: check
 CVE-2025-25100 (Cross-Site Request Forgery (CSRF) vulnerability in victoracano Cazamba ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-25086 (Cross-Site Request Forgery (CSRF) vulnerability in WPDeveloper Secret  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22816 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22783 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22770 (Missing Authorization vulnerability in EnvoThemes Envo Multipurpose al ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22673 (Missing Authorization vulnerability in WPFactory EAN for WooCommerce a ...)
 	TODO: check
 CVE-2025-22672 (Server-Side Request Forgery (SSRF) vulnerability in SuitePlugins Video ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22671 (Missing Authorization vulnerability in Leap13 Disable Elementor Editor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22670 (Missing Authorization vulnerability in e4jvikwp VikBooking Hotel Booki ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22669 (Cross-Site Request Forgery (CSRF) vulnerability in AwesomeTOGI Awesome ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22668 (Missing Authorization vulnerability in AwesomeTOGI Awesome Event Booki ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22667 (Missing Authorization vulnerability in Creative Werk Designs Export Or ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22665 (Missing Authorization vulnerability in Shakeeb Sadikeen RapidLoad allo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22660 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22659 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22658 (Cross-Site Request Forgery (CSRF) vulnerability in Deepak Khokhar List ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22652 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22649 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22648 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22647 (Missing Authorization vulnerability in smackcoders AIO Performance Pro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22646 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22644 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22640 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22638 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22637 (Cross-Site Request Forgery (CSRF) vulnerability in verkkovaraani Print ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22634 (Cross-Site Request Forgery (CSRF) vulnerability in MD Abu Jubayer Hoss ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22629 (Missing Authorization vulnerability in iNET iNET Webkit allows Accessi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22628 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22497 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22496 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22278 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-1998 (IBM UrbanCode Deploy (UCD) through 7.1.2.21, 7.2 through 7.2.3.14, and ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-1997 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-56469 (IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.22, 7.2 through 7.2.3.15, ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-55073 (A Broken Object Level Authorization vulnerability in the component /ap ...)
 	TODO: check
 CVE-2024-55072 (A Broken Object Level Authorization vulnerability in the component /ap ...)
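Review bot: CVE-2025-22673 (WPFactory EAN for WooCommerce) stays at TODO: check although every other entry from CVE-2025-25100 down to CVE-2025-22278 in this hunk is converted to NOT-FOR-US: WordPress plugin or theme. The description names a WooCommerce add-on, so please confirm whether it was skipped deliberately; if not, it should get the same tag as its neighbours.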
@@ -423,9 +423,9 @@ CVE-2024-55070 (A Broken Object Level Authorization vulnerability in the compone
 CVE-2024-12905 (An Improper Link Resolution Before File Access ("Link Following") and  ...)
 	TODO: check
 CVE-2023-38272 (IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-37405 (IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-53033 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.1.7-1
 	[bullseye] - linux 5.10.178-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65ae9af3c7fe309f7e1ab5b5a02ea7a92c138bef
