[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Nov 19 08:14:16 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1a061213 by security tracker role at 2025-11-19T08:14:08+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2025-6251 (The Royal Elementor Addons and Templates plugin for WordPress is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-65941
REJECTED
CVE-2025-65940
@@ -45,59 +45,59 @@ CVE-2025-63215 (The Sound4 IMPACT web-based management interface is vulnerable t
CVE-2025-62406 (Piwigo is a full featured open source photo gallery application for th ...)
TODO: check
CVE-2025-54990 (XWiki AdminTools integrates administrative tools for managing a runnin ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2025-13225 (Tanium addressed an arbitrary file deletion vulnerability in TanOS.)
TODO: check
CVE-2025-13206 (The GiveWP \u2013 Donation Plugin and Fundraising Platform plugin for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13145 (The WP Import \u2013 Ultimate CSV XML Importer for WordPress plugin fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13085 (The SiteSEO \u2013 SEO Simplified plugin for WordPress is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13054 (The User Profile Builder \u2013 Beautiful User Registration Forms, Use ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13051 (When the service of ABP and AES is installed in a directory writable b ...)
- TODO: check
+ NOT-FOR-US: Asustor
CVE-2025-13035 (The Code Snippets plugin for WordPress is vulnerable to PHP Code Injec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12878 (The FunnelKit \u2013 Funnel Builder for WooCommerce Checkout plugin fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12852 (DLL Loading vulnerability in NEC Corporation RakurakuMusen Start EX Al ...)
TODO: check
CVE-2025-12842 (The Booking Plugin for WordPress Appointments \u2013 Time Slot plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12822 (The WP Login and Register using JWT plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12814 (The SiteSEO \u2013 SEO Simplified plugin for WordPress is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12777 (The YITH WooCommerce Wishlist plugin for WordPress is vulnerable to au ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12770 (The New User Approve plugin for WordPress is vulnerable to unauthorize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12751 (The WSChat \u2013 WordPress Live Chat plugin for WordPress is vulnerab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12710 (The Pet-Manager \u2013 Petfinder plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12646 (The Community Events plugin for WordPress is vulnerable to SQL Injecti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12535 (The SureForms plugin for WordPress is vulnerable to Cross-Site Request ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12484 (The Giveaways and Contests by RafflePress \u2013 Get More Website Traf ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12427 (The YITH WooCommerce Wishlist plugin for WordPress is vulnerable to In ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12426 (The Quiz Maker plugin for WordPress is vulnerable to Sensitive Informa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12359 (The Responsive Lightbox & Gallery plugin for WordPress is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12349 (The Icegram Express - Email Subscribers, Newsletters and Marketing Aut ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12174 (The Directorist: AI-Powered Business Directory Plugin with Classified ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12119 (A mongoc_bulk_operation_t may read invalid memory if large options are ...)
TODO: check
CVE-2025-12057 (The WavePlayer WordPress plugin before 3.8.0 does not have authorizati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12056 (Out-of-bounds Read in Shelly Pro 3EM(before v1.4.4) allows Overread Bu ...)
TODO: check
CVE-2025-11243 (Allocation of Resources Without Limits or Throttling vulnerability in ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a061213f11bc7c1f41f41a77fe19dab40cf075e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a061213f11bc7c1f41f41a77fe19dab40cf075e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251119/04e7c4f9/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list