[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Nov 6 20:13:42 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
37266883 by security tracker role at 2025-11-06T20:13:34+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
CVE-2025-6327 (Unrestricted Upload of File with Dangerous Type vulnerability in KingA ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-6325 (Incorrect Privilege Assignment vulnerability in KingAddons.com King Ad ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64287 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64232 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64224 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64198 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64196 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63589 (A reflected XSS vulnerability exists in CMSimple_XH 1.8's index.php ro ...)
TODO: check
CVE-2025-63588 (An unauthenticated reflected cross-site scripting vulnerability in the ...)
@@ -23,317 +23,317 @@ CVE-2025-63551 (A Server-Side Request Forgery (SSRF) vulnerability, achievable t
CVE-2025-63307 (alexusmai laravel-file-manager 3.3.1 is vulnerable to Cross Site Scrip ...)
TODO: check
CVE-2025-62950 (Cross-Site Request Forgery (CSRF) vulnerability in Wasiliy Strecker / ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62914 (Missing Authorization vulnerability in anibalwainstein Effect Maker ef ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62076 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62075 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62074 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62067 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62066 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62065 (Unrestricted Upload of File with Dangerous Type vulnerability in Romet ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62064 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62059 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62057 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62055 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62053 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62051 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62049 (Missing Authorization vulnerability in Stylemix Cost Calculator Builde ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62047 (Unrestricted Upload of File with Dangerous Type vulnerability in Case- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62046 (Missing Authorization vulnerability in CodexThemes TheGem Demo Import ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62045 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62044 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62041 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62040 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62039 (Insertion of Sensitive Information Into Sent Data vulnerability in Ays ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62038 (Insertion of Sensitive Information Into Sent Data vulnerability in Sov ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62037 (Missing Authorization vulnerability in uxper Togo togo.This issue affe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62036 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62035 (Deserialization of Untrusted Data vulnerability in uxper Togo togo.Thi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62034 (Incorrect Privilege Assignment vulnerability in uxper Togo togo.This i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62033 (Missing Authorization vulnerability in uxper Togo togo.This issue affe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62032 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62031 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62030 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62028 (Missing Authorization vulnerability in ThemeNectar Salient salient.Thi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62018 (Missing Authorization vulnerability in hogash Kallyas kallyas.This iss ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62017 (Missing Authorization vulnerability in hogash Kallyas kallyas.This iss ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62016 (Unrestricted Upload of File with Dangerous Type vulnerability in hogas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62014 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62012 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62011 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62010 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60541 (A Server-Side Request Forgery (SSRF) in the /api/proxy/ component of l ...)
TODO: check
CVE-2025-60248 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60247 (Missing Authorization vulnerability in Bux Bux Woocommerce bux-woocomm ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60245 (Deserialization of Untrusted Data vulnerability in WP User Manager WP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60244 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60243 (Incorrect Privilege Assignment vulnerability in Holest Engineering Sel ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60242 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60241 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60240 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60239 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60235 (Unrestricted Upload of File with Dangerous Type vulnerability in Plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60207 (Unrestricted Upload of File with Dangerous Type vulnerability in Addif ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60204 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60203 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60202 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60201 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60200 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60199 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60198 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60197 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60196 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60195 (Incorrect Privilege Assignment vulnerability in Vito Peleg Atarim atar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60194 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60193 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60192 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60191 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60190 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60189 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60188 (Insertion of Sensitive Information Into Sent Data vulnerability in Vit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60187 (Unrestricted Upload of File with Dangerous Type vulnerability in Vito ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60074 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60073 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-5803 (Missing Authorization vulnerability in e4jvikwp VikBooking Hotel Booki ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-59556 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-59396 (The default configuration of WatchGuard Firebox devices through 2025-0 ...)
TODO: check
CVE-2025-59392 (On Elspec G5 devices through 1.2.2.19, a person with physical access t ...)
TODO: check
CVE-2025-58998 (Deserialization of Untrusted Data vulnerability in Cristi\xe1n L\xe1va ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58996 (Unrestricted Upload of File with Dangerous Type vulnerability in Helmu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58995 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58994 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58986 (Missing Authorization vulnerability in ganddser Jock On Air Now (JOAN) ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58972 (Path Traversal: '.../...//' vulnerability in Dmitry V. (CEO of "UKR So ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58964 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58638 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58636 (Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58629 (Missing Authorization vulnerability in kamleshyadav Miraculous miracul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58627 (Authorization Bypass Through User-Controlled Key vulnerability in kaml ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58619 (Deserialization of Untrusted Data vulnerability in sbouey Falang multi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58595 (Authentication Bypass by Spoofing vulnerability in Saad Iqbal All In O ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58592 (Deserialization of Untrusted Data vulnerability in Cozmoslabs Translat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58243 (Missing Authorization vulnerability in Jthemes imEvent imevent allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58207 (Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Ge ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54737 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54722 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54721 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54719 (Deserialization of Untrusted Data vulnerability in NooTheme Yogi - Hea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54718 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54711 (Missing Authorization vulnerability in bPlugins Info Cards info-cards ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53586 (Deserialization of Untrusted Data vulnerability in NooTheme WeMusic no ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53585 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53574 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53573 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53349 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53324 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53316 (Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan Jewel WP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53286 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53283 (Unrestricted Upload of File with Dangerous Type vulnerability in boris ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53252 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53246 (Missing Authorization vulnerability in Gaurav Aggarwal Backup and Move ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53245 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53242 (Deserialization of Untrusted Data vulnerability in VictorThemes Seil s ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53239 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53214 (Missing Authorization vulnerability in sertifier Sertifier Certificate ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52773 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52764 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49909 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49905 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49904 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49900 (Incorrect Privilege Assignment vulnerability in bPlugins Advanced scro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49398 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49394 (Missing Authorization vulnerability in bPlugins Image Gallery block \u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49393 (Deserialization of Untrusted Data vulnerability in Fetch Designs Sign- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49390 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49386 (Deserialization of Untrusted Data vulnerability in Scott Reilly Preser ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49372 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48330 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
TODO: check
CVE-2025-48290 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48090 (Path Traversal: '.../...//' vulnerability in CocoBasic Blanka - One Pa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48089 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48086 (Deserialization of Untrusted Data vulnerability in wpdreams Ajax Searc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48085 (Cross-Site Request Forgery (CSRF) vulnerability in ZIPANG Simple Strip ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48083 (Cross-Site Request Forgery (CSRF) vulnerability in andriassundskard wp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48078 (Cross-Site Request Forgery (CSRF) vulnerability in Norbert Slick Googl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48077 (Cross-Site Request Forgery (CSRF) vulnerability in nitinmaurya12 Block ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47588 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39468 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39467 (Path Traversal: '.../...//' vulnerability in Mikado-Themes Wanderland ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39466 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39465 (Missing Authorization vulnerability in flippercode Advanced Google Map ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39463 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-37735 (Improper preservation of permissions in Elastic Defend on Windows host ...)
TODO: check
CVE-2025-36054 (IBM Business Automation Workflow containers 24.0.0 through 24.0.0-IF00 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-34247 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injectio ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2025-34246 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injectio ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2025-34245 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injectio ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2025-34244 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injectio ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2025-34243 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injectio ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2025-34242 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injectio ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2025-34241 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injectio ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2025-34240 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injectio ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2025-34239 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a command inje ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2025-34238 (Advantech WebAccess/VPN versions prior to 1.1.5 contain an absolute pa ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2025-34237 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a stored cross ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2025-34236 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a stored cross ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2025-32222 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
TODO: check
CVE-2025-31029 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-28953 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27919 (An issue was discovered in AnyDesk through 9.0.4. A remotely connected ...)
TODO: check
CVE-2025-27918 (An issue was discovered in AnyDesk before 9.0.0. It has an integer ove ...)
@@ -343,39 +343,39 @@ CVE-2025-27917 (An issue was discovered in AnyDesk through 9.0.4. Remote Denial
CVE-2025-27916 (An issue was discovered in AnyDesk through 9.0.4. When the connection ...)
TODO: check
CVE-2025-22397 (Dell Integrated Dell Remote Access Controller 9, 14G versions prior to ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-22288 (Path Traversal: '.../...//' vulnerability in WPMU DEV - Your All-in-On ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-12815 (An ownership verification issue in the Virtual Desktop preview page in ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2025-12808 (Improper access control in Devolutions Server 2025.3.5.0 and earlier a ...)
- TODO: check
+ NOT-FOR-US: Devolutions
CVE-2025-12556 (An argument injection vulnerability exists in the affected product tha ...)
TODO: check
CVE-2025-12485 (Improper privilege management during pre-MFA cookie handling in Devolu ...)
- TODO: check
+ NOT-FOR-US: Devolutions
CVE-2025-11956 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
TODO: check
CVE-2025-11268 (The Strong Testimonials plugin for WordPress is vulnerable to arbitrar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10955 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
TODO: check
CVE-2025-10885 (A maliciously crafted file, when executed on the victim's machine, can ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-25621 (containerd is an open-source container runtime. Versions 0.1.0 through ...)
TODO: check
CVE-2022-50596 (D-Link DIR-1260 Wi-Fi router firmware versions up to and including v1. ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2022-50595 (Advantech iView versions prior to v5.7.04 build 6425contain a vulnerab ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2022-50594 (Advantech iView versions prior to v5.7.04 build 6425contain a vulnerab ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2022-50593 (Advantech iView versions prior to v5.7.04 build 6425contain a vulnerab ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2022-50592 (Advantech iView versions prior to v5.7.04 build 6425contain a vulnerab ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2022-50591 (Advantech iView versions prior to v5.7.04 build 6425contain a vulnerab ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2022-50590 (SuiteCRM versions prior to 7.12.6 contain a type confusion vulnerabili ...)
TODO: check
CVE-2022-50589 (SuiteCRM versions prior to 7.12.6 contain a SQL injection vulnerabilit ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37266883480337d03607d52486db89955c8b9ba1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37266883480337d03607d52486db89955c8b9ba1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251106/bdac92f4/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list