[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Nov 1 08:14:13 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d8b61589 by security tracker role at 2025-11-01T08:14:01+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,61 +1,61 @@
 CVE-2025-6990 (The kallyas theme for WordPress is vulnerable to Remote Code Execution ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6988 (The kallyas theme for WordPress is vulnerable to Stored Cross-Site Scr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6574 (The Service Finder Bookings plugin for WordPress is vulnerable to priv ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-63563 (Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 ...)
 	TODO: check
 CVE-2025-62276 (The Document Library and the Adaptive Media modules in Liferay Portal  ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-62275 (Blogs in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-5949 (The Service Finder Bookings plugin for WordPress is vulnerable to priv ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12367 (The SiteSEO \u2013 SEO Simplified plugin for WordPress is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12180 (The Qi Blocks plugin for WordPress is vulnerable to Missing Authorizat ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12171 (The RESTful Content Syndication plugin for WordPress is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12137 (The Import WP \u2013 Export and Import CSV and XML files to WordPress  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12118 (The Schema Scalpel plugin for WordPress is vulnerable to Stored Cross- ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12090 (The Employee Spotlight \u2013 Team Member Showcase & Meet the Team Plu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12038 (The Folderly plugin for WordPress is vulnerable to unauthorized modifi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11995 (The Community Events plugin for WordPress is vulnerable to Stored Cros ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11983 (The WP Discourse plugin for WordPress is vulnerable to Information Exp ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11928 (The CSS & JavaScript Toolbox plugin for WordPress is vulnerable to Sto ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11927 (The Flying Images: Optimize and Lazy Load Images for Faster Page Speed ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11922 (The Inactive Logout plugin for WordPress is vulnerable to Stored Cross ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11920 (The WPCOM Member plugin for WordPress is vulnerable to Local File Incl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11833 (The Post SMTP \u2013 Complete SMTP Solution with Logs, Alerts, Backup  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11816 (The Privacy Policy Generator, Terms & Conditions Generator WordPress P ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11755 (The WP Delicious \u2013 Recipe Plugin for Food Bloggers (formerly Deli ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11740 (The wpForo Forum plugin for WordPress is vulnerable to SQL Injection v ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11502 (The Schema & Structured Data for WP & AMP plugin for WordPress is vuln ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11499 (The Tablesome Table \u2013 Contact Form DB \u2013 WPForms, CF7, Gravit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11377 (The List category posts plugin for WordPress is vulnerable to Informat ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11174 (The Document Library Lite plugin for WordPress is vulnerable to Improp ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-10487 (The Advanced Ads \u2013Ad Manager & AdSense plugin for WordPress is vu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12464 (A stack-based buffer overflow was found in the QEMU e1000 network devi ...)
 	- qemu <unfixed>
 	[bookworm] - qemu <not-affected> (Vulnerable code introduced later)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d8b61589781f9126e058113dc25076812c5d024e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d8b61589781f9126e058113dc25076812c5d024e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251101/25686cd9/attachment.htm>

More information about the debian-security-tracker-commits mailing list