[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Sep 30 09:13:44 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f110c81b by security tracker role at 2025-09-30T08:13:37+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,41 +1,41 @@
CVE-2025-9993 (The Bei Fen \u2013 WordPress Backup Plugin plugin for WordPress is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9991 (The Tiny Bootstrap Elements Light plugin for WordPress is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9948 (The Chat by Chatwee plugin for WordPress is vulnerable to Cross-Site R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9946 (The LockerPress \u2013 WordPress Security Plugin plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9852 (The Yoga Schedule Momoyoga plugin for WordPress is vulnerable to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9762 (The Post By Email plugin for WordPress is vulnerable to arbitrary file ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8777 (The planetcalc plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8625 (The Copypress Rest API plugin for WordPress is vulnerable to Remote Co ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8624 (The Nexa Blocks plugin for WordPress is vulnerable to Stored Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8623 (The WeedMaps Menu for WordPress plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8608 (The Mihdan: Elementor Yandex Maps plugin for WordPress is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8566 (The GutenBee \u2013 Gutenberg Blocks plugin for WordPress is vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8560 (The FancyTabs plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8559 (The All in One Music Player plugin for WordPress is vulnerable to Path ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8214 (The The Pack Elementor addon plugin for WordPress is vulnerable to Sto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7052 (The LatePoint plugin for WordPress is vulnerable to Cross-Site Request ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7038 (The LatePoint plugin for WordPress is vulnerable to Authentication Byp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6941 (The LatePoint \u2013 Calendar Booking Plugin for Appointments and Even ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6815 (The LatePoint \u2013 Calendar Booking Plugin for Appointments and Even ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-61633
REJECTED
CVE-2025-61632
@@ -91,23 +91,23 @@ CVE-2025-54592 (FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.
CVE-2025-54591 (FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and ...)
TODO: check
CVE-2025-45376 (Dell Repository Manager (DRM), versions 3.4.7 and 3.4.8, contains an I ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-43820 (Multiple cross-site scripting (XSS) vulnerabilities in the Calendar wi ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43818 (Cross-site scripting (XSS) vulnerability in the Calendar widget in Lif ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43817 (Multiple reflected cross-site scripting (XSS) vulnerabilities in Lifer ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43815 (Reflected cross-site scripting (XSS) vulnerability on the page configu ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43813 (Possible path traversal vulnerability and denial-of-service in the Com ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43812 (Cross-site scripting (XSS) vulnerability in web content template in Li ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43811 (Multiple stored cross-site scripting (XSS) vulnerability in the relate ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-36245 (IBM InfoSphere 11.7.0.0 through 11.7.1.6 Information Server could allo ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-34235 (Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to v ...)
TODO: check
CVE-2025-34234 (Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to v ...)
@@ -153,7 +153,7 @@ CVE-2025-34207 (Vasion Print (formerly PrinterLogic) Virtual Appliance Host prio
CVE-2025-30247 (An OS command injection vulnerability in user interface in Western Dig ...)
TODO: check
CVE-2025-11163 (The SmartCrawl SEO checker, analyzer & optimizer plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11149 (This affects all versions of the package node-static; all versions of ...)
TODO: check
CVE-2025-11148 (All versions of the package check-branches are vulnerable to Command I ...)
@@ -161,25 +161,25 @@ CVE-2025-11148 (All versions of the package check-branches are vulnerable to Com
CVE-2025-10991 (The attacker may obtain root access by connecting to the UART port and ...)
TODO: check
CVE-2025-10196 (The Survey Anyplace plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10191 (The Big Post Shipping for WooCommerce plugin for WordPress is vulnerab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10189 (The BP Direct Menus plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10182 (The dbview plugin for WordPress is vulnerable to Stored Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10179 (The My AskAI plugin for WordPress is vulnerable to Stored Cross-Site S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10168 (The Any News Ticker plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10131 (The All Social Share Options plugin for WordPress is vulnerable to Sto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10130 (The Layers plugin for WordPress is vulnerable to Stored Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10128 (The Eulerpool Research Systems plugin for WordPress is vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10000 (The Qyrr \u2013 simply and modern QR-Code creation plugin for WordPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-58040 (Crypt::RandomEncryption for Perl version 0.01 uses insecure rand() fun ...)
NOT-FOR-US: Crypt::RandomEncryption Perl module
CVE-2025-9648 (A vulnerability in the CivetWeb library's function mg_handle_form_requ ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f110c81b25ca9ef0338222b4330e25c1a35a9130
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f110c81b25ca9ef0338222b4330e25c1a35a9130
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250930/e649aa40/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list