[Git][security-tracker-team/security-tracker][master] automatic update

Sat Apr 4 20:14:18 BST 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b786ce1c by security tracker role at 2026-04-04T19:13:06+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,95 @@
+CVE-2026-5425 (The Widgets for Social Photo Feed plugin for WordPress is vulnerable t ...)
+	TODO: check
+CVE-2026-4896 (The WCFM \u2013 Frontend Manager for WooCommerce along with Bookings S ...)
+	TODO: check
+CVE-2026-3666 (The wpForo Forum plugin for WordPress is vulnerable to arbitrary file  ...)
+	TODO: check
+CVE-2026-3445 (The Paid Membership Plugin, Ecommerce, User Registration Form, Login F ...)
+	TODO: check
+CVE-2026-3309 (The Paid Membership Plugin, Ecommerce, User Registration Form, Login F ...)
+	TODO: check
+CVE-2026-2936 (The Visitor Traffic Real Time Statistics plugin for WordPress is vulne ...)
+	TODO: check
+CVE-2026-2826 (The Kadence Blocks \u2014 Page Builder Toolkit for Gutenberg Editor pl ...)
+	TODO: check
+CVE-2026-2600 (The ElementsKit Elementor Addons and Templates plugin for WordPress is ...)
+	TODO: check
+CVE-2026-2437 (The WP Travel Engine \u2013 Tour Booking Plugin \u2013 Tour Operator S ...)
+	TODO: check
+CVE-2026-1233 (The Text to Speech for WP (AI Voices by Mementor) plugin for WordPress ...)
+	TODO: check
+CVE-2026-0738 (The WP Shortcodes Plugin - Shortcodes Ultimate plugin for WordPress is ...)
+	TODO: check
+CVE-2026-0737 (The WP Shortcodes Plugin - Shortcodes Ultimate plugin for WordPress is ...)
+	TODO: check
+CVE-2026-0664 (The Royal Addons for Elementor plugin for WordPress is vulnerable to S ...)
+	TODO: check
+CVE-2026-0626 (The WPFunnels \u2013 Easy Funnel Builder To Optimize Buyer Journeys An ...)
+	TODO: check
+CVE-2026-0552 (The Simple Shopping Cart plugin for WordPress is vulnerable to Stored  ...)
+	TODO: check
+CVE-2025-15064 (The Ultimate Member \u2013 User Profile, Registration, Login, Member D ...)
+	TODO: check
+CVE-2025-14938 (The Listeo Core plugin for WordPress is vulnerable to unauthenticated  ...)
+	TODO: check
+CVE-2025-13368 (The Xpro Addons \u2014 140+ Widgets for Elementor plugin for WordPress ...)
+	TODO: check
+CVE-2018-25255 (10-Strike LANState 8.8 contains a local buffer overflow vulnerability  ...)
+	TODO: check
+CVE-2018-25254 (NICO-FTP 3.0.1.19 contains a structured exception handler buffer overf ...)
+	TODO: check
+CVE-2018-25253 (Termite 3.4 contains a buffer overflow vulnerability in the User inter ...)
+	TODO: check
+CVE-2018-25252 (FTP Voyager 16.2.0 contains a denial of service vulnerability that all ...)
+	TODO: check
+CVE-2018-25251 (Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay  ...)
+	TODO: check
+CVE-2018-25250 (MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent c ...)
+	TODO: check
+CVE-2018-25249 (MyBB My Arcade Plugin 1.3 contains a persistent cross-site scripting v ...)
+	TODO: check
+CVE-2018-25248 (MyBB Downloads Plugin 2.0.3 contains a persistent cross-site scripting ...)
+	TODO: check
+CVE-2018-25247 (MyBB Like Plugin 3.0.0 contains a cross-site scripting vulnerability t ...)
+	TODO: check
+CVE-2018-25245 (7 Tik 1.0.1.0 contains a denial of service vulnerability that allows a ...)
+	TODO: check
+CVE-2018-25244 (Eco Search 1.0.2.0 contains a denial of service vulnerability that all ...)
+	TODO: check
+CVE-2018-25243 (FastTube 1.0.1.0 contains a denial of service vulnerability that allow ...)
+	TODO: check
+CVE-2018-25242 (One Search 1.1.0.0 contains a denial of service vulnerability that all ...)
+	TODO: check
+CVE-2018-25241 (VPN Browser+ 1.1.0.0 contains a denial of service vulnerability that a ...)
+	TODO: check
+CVE-2018-25240 (Watchr 1.1.0.0 contains a denial of service vulnerability that allows  ...)
+	TODO: check
+CVE-2018-25239 (Smart VPN 1.1.3.0 contains a denial of service vulnerability that allo ...)
+	TODO: check
+CVE-2018-25238 (VSCO 1.1.1.0 contains a denial of service vulnerability that allows lo ...)
+	TODO: check
+CVE-2016-20061 (sheed AntiVirus 2.3 contains an unquoted service path vulnerability in ...)
+	TODO: check
+CVE-2016-20060 (Hotspot Shield 6.0.3 contains an unquoted service path vulnerability i ...)
+	TODO: check
+CVE-2016-20059 (IObit Malware Fighter 4.3.1 contains an unquoted service path vulnerab ...)
+	TODO: check
+CVE-2016-20058 (Netgate AMITI Antivirus build 23.0.305 contains an unquoted service pa ...)
+	TODO: check
+CVE-2016-20057 (NETGATE Registry Cleaner build 16.0.205 contains an unquoted service p ...)
+	TODO: check
+CVE-2016-20056 (Spy Emergency build 23.0.205 contains an unquoted service path vulnera ...)
+	TODO: check
+CVE-2016-20055 (IObit Advanced SystemCare 10.0.2 contains an unquoted service path vul ...)
+	TODO: check
+CVE-2016-20053 (Redaxo CMS 5.2 contains a cross-site request forgery vulnerability tha ...)
+	TODO: check
+CVE-2016-20052 (Snews CMS 1.7 contains an unrestricted file upload vulnerability that  ...)
+	TODO: check
+CVE-2016-20051 (Snews CMS 1.7 contains a cross-site request forgery vulnerability that ...)
+	TODO: check
+CVE-2016-20050 (NetSchedScan 1.0 contains a buffer overflow vulnerability in the scan  ...)
+	TODO: check
 CVE-2026-5485 (OS command injection in the browser-based authentication component in  ...)
 	NOT-FOR-US: Amazon
 CVE-2026-5484 (A weakness has been identified in BookStackApp BookStack up to 26.03.  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b786ce1c1e2bf3eb904ced769ba6c79b4ee012ec

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b786ce1c1e2bf3eb904ced769ba6c79b4ee012ec
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260404/16af0b42/attachment.htm>
