[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Feb 19 08:14:05 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
73c8c340 by security tracker role at 2026-02-19T08:13:59+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2026-2711 (A vulnerability has been found in zhutoutoutousan worldquant-mine
CVE-2026-2709 (A flaw has been found in busy up to 2.5.5. The affected element is an ...)
TODO: check
CVE-2026-2706 (A flaw has been found in code-projects Patient Record Management Syste ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-2705 (A vulnerability was detected in Open Babel up to 3.1.1. The impacted e ...)
TODO: check
CVE-2026-2704 (A security vulnerability has been detected in Open Babel up to 3.1.1. ...)
@@ -21,11 +21,11 @@ CVE-2026-2693 (A vulnerability was determined in CoCoTeaNet CyreneAdmin up to 1.
CVE-2026-2692 (A vulnerability was found in CoCoTeaNet CyreneAdmin up to 1.3.0. This ...)
TODO: check
CVE-2026-2691 (A vulnerability has been found in itsourcecode Event Management System ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-2690 (A flaw has been found in itsourcecode Event Management System 1.0. Aff ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-2689 (A vulnerability was detected in itsourcecode Event Management System 1 ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-2686 (A security vulnerability has been detected in SECCN Dingcheng G10 3.1. ...)
TODO: check
CVE-2026-2684 (A vulnerability was determined in Tsinghua Unigroup Electronic Archive ...)
@@ -39,7 +39,7 @@ CVE-2026-2676 (A weakness has been identified in GoogTech sms-ssm up to e8534c76
CVE-2026-2672 (A security flaw has been discovered in Tsinghua Unigroup Electronic Ar ...)
TODO: check
CVE-2026-2670 (A vulnerability was identified in Advantech WISE-6610 1.2.1_20251110. ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2026-2669 (A vulnerability was determined in Rongzhitong Visual Integrated Comman ...)
TODO: check
CVE-2026-2668 (A vulnerability was found in Rongzhitong Visual Integrated Command and ...)
@@ -51,13 +51,13 @@ CVE-2026-2666 (A flaw has been found in mingSoft MCMS 6.1.1. The affected elemen
CVE-2026-2665 (A vulnerability was detected in huanzi-qch base-admin up to 57a8126bb3 ...)
TODO: check
CVE-2026-2504 (The Dealia \u2013 Request a quote plugin for WordPress is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2502 (The xmlrpc attacks blocker plugin for WordPress is vulnerable to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2284 (The News Element Elementor Blog Magazine plugin for WordPress is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2282 (The Slidorion plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-27182 (Saturn Remote Mouse Server contains a command injection vulnerability ...)
TODO: check
CVE-2026-27181 (MajorDoMo (aka Major Domestic Module) allows unauthenticated arbitrary ...)
@@ -113,47 +113,47 @@ CVE-2026-24743 (InvoicePlane is a self-hosted open source application for managi
CVE-2026-24126 (Weblate is a web based localization tool. Prior to 5.16.0, the SSH man ...)
TODO: check
CVE-2026-1999 (An incorrect authorization vulnerability was identified in GitHub Ente ...)
- TODO: check
+ NOT-FOR-US: Github Enterprise Server
CVE-2026-1994 (The s2Member plugin for WordPress is vulnerable to privilege escalatio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1646 (The Advance Block Extend plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1455 (The Whatsiplus Scheduled Notification for Woocommerce plugin for WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1405 (The Slider Future plugin for WordPress is vulnerable to arbitrary file ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1373 (The Easy Author Image plugin for WordPress is vulnerable to Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1355 (A Missing Authorization vulnerability was identified in GitHub Enterpr ...)
- TODO: check
+ NOT-FOR-US: Github Enterprise Server
CVE-2026-1055 (The TalkJS plugin for WordPress is vulnerable to Stored Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1047 (The salavat counter Plugin plugin for WordPress is vulnerable to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1044 (The Tennis Court Bookings plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1043 (The PostmarkApp Email Integrator plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0974 (The Orderable \u2013 WordPress Restaurant Online Ordering System and F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0926 (The Prodigy Commerce plugin for WordPress is vulnerable to Local File ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0912 (The Toret Manager plugin for WordPress is vulnerable to unauthorized m ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0722 (The Shield Security plugin for WordPress is vulnerable to Cross-Site R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0573 (An URL redirection vulnerability was identified in GitHub Enterprise S ...)
- TODO: check
+ NOT-FOR-US: Github Enterprise Server
CVE-2026-0561 (The Shield Security plugin for WordPress is vulnerable to Reflected Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0556 (The XO Event Calendar plugin for WordPress is vulnerable to Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0549 (The Groups plugin for WordPress is vulnerable to Stored Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-4960 (The com.epson.InstallNavi.helper tool, deployed with the EPSON printer ...)
TODO: check
CVE-2025-4521 (The IDonate \u2013 Blood Donation, Request And Donor Management System ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15586 (OGP-Website installs prior git commit 52f865a4fba763594453068acf8fa9e3 ...)
TODO: check
CVE-2025-15585 (Fileflows versions before 25.05.2 are affected by an authenticated SQL ...)
@@ -161,105 +161,105 @@ CVE-2025-15585 (Fileflows versions before 25.05.2 are affected by an authenticat
CVE-2025-15581 (Orthanc versions before 1.12.10 are affected by an authorisation logic ...)
TODO: check
CVE-2025-15041 (The BackWPup \u2013 WordPress Backup & Restore Plugin plugin for WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14983 (The Advanced Custom Fields: Font Awesome Field plugin for WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14864 (The Virusdie - One-click website security plugin for WordPress is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14851 (The YaMaps for WordPress plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14452 (The WP Customer Reviews plugin for WordPress is vulnerable to Reflecte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14445 (The Image Hotspot by DevVN plugin for WordPress is vulnerable to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14427 (The Shield Security: Blocks Bots, Protects Users, and Prevents Securit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14357 (The Mega Store Woocommerce theme for WordPress is vulnerable to unauth ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14342 (The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14294 (The Razorpay for WooCommerce plugin for WordPress is vulnerable to una ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14270 (The OneClick Chat to Order plugin for WordPress is vulnerable to autho ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14167 (The Remove Post Type Slug plugin for WordPress is vulnerable to Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14076 (The iXML \u2013 Google XML sitemap generator plugin for WordPress is v ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13930 (The Checkout Field Manager (Checkout Manager) for WooCommerce plugin f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13864 (The Breeze - WordPress Cache Plugin plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13851 (The Buyent Classified plugin for WordPress (bundled with Buyent theme) ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13842 (The Breadcrumb NavXT plugin for WordPress is vulnerable to authorizati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13738 (The Easy Table of Contents plugin for WordPress is vulnerable to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13732 (The s2Member \u2013 Excellent for All Kinds of Memberships, Content Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13617 (The Apollo13 Framework Extensions plugin for WordPress is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13612 (The Album and Image Gallery plus Lightbox plugin for WordPress is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13603 (The WP AUDIO GALLERY plugin for WordPress is vulnerable to Unauthorize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13587 (The Two Factor (2FA) Authentication via Email plugin for WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13563 (The Lizza LMS Pro plugin for WordPress is vulnerable to Privilege Esca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13438 (The Page Title, Description & Open Graph Updater plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13413 (The Country Blocker for AdSense plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13113 (The Web Accessibility by accessiBe plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13091 (The Shopire theme for WordPress is vulnerable to unauthorized modifica ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13079 (The Popup Builder \u2013 Create highly converting, mobile friendly mar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13048 (The StatCounter \u2013 Free Real Time Visitor Stats plugin for WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12975 (The CTX Feed \u2013 WooCommerce Product Feed Manager plugin for WordPr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12884 (The Advanced Ads \u2013 Ad Manager & AdSense plugin for WordPress is v ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12882 (The Clasifico Listing plugin for WordPress is vulnerable to privilege ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12845 (The Tablesome Table \u2013 Contact Form DB \u2013 WPForms, CF7, Gravit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12821 (The NewsBlogger theme for WordPress is vulnerable to Cross-Site Reques ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12812 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
TODO: check
CVE-2025-12811 (Improper Inconsistent Interpretation of HTTP Requests ('HTTP Request S ...)
TODO: check
CVE-2025-12707 (The Library Management System plugin for WordPress is vulnerable to SQ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12500 (The Checkout Field Manager (Checkout Manager) for WooCommerce plugin f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12451 (The Easy SVG Support plugin for WordPress is vulnerable to Stored Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12448 (The Smartsupp \u2013 live chat, AI shopping assistant and chatbots plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12375 (The Printful Integration for WooCommerce plugin for WordPress is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12172 (The Mailchimp List Subscribe Form plugin for WordPress is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12117 (The Renden theme for WordPress is vulnerable to Stored Cross-Site Scri ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12116 (The Drift theme for WordPress is vulnerable to Stored Cross-Site Scrip ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12081 (The ACF Photo Gallery Field plugin for WordPress is vulnerable to unau ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12027 (The Mesmerize Companion plugin for WordPress is vulnerable to unauthor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11754 (The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11725 (The Aruba HiSpeed Cache plugin for WordPress is vulnerable to unauthor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11706 (The Aruba HiSpeed Cache plugin for WordPress is vulnerable to Reflecte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2019-25401 (Bematech (formerly Logic Controls, now Elgin) MP-4200 TH printer conta ...)
TODO: check
CVE-2019-25400 (IPFire 2.21 Core Update 127 contains multiple reflected cross-site scr ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73c8c340684023d38ce1bd14dc09fe7028eeb077
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73c8c340684023d38ce1bd14dc09fe7028eeb077
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260219/f9349fb1/attachment.htm>
More information about the debian-security-tracker-commits
mailing list