[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Feb 19 20:14:12 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3ef85dec by security tracker role at 2026-02-19T20:14:06+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,9 +7,9 @@ CVE-2026-2736 (Reflected Cross-site Scripting (XSS) in Alkacon's OpenCms v18.0,
CVE-2026-2735 (Stored Cross-Site Scripting (XSS) in Alkacon's OpenCms v18.0, which oc ...)
TODO: check
CVE-2026-2718 (The Dealia \u2013 Request a Quote plugin for WordPress is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2716 (The Client Testimonial Slider plugin for WordPress is vulnerable to St ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2409 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
TODO: check
CVE-2026-2274 (A SSRF and Arbitrary File Read vulnerability in AppSheet Core in Googl ...)
@@ -17,7 +17,7 @@ CVE-2026-2274 (A SSRF and Arbitrary File Read vulnerability in AppSheet Core in
CVE-2026-2243 (A flaw was found in QEMU. A specially crafted VMDK image could trigger ...)
TODO: check
CVE-2026-2232 (The Product Table and List Builder for WooCommerce Lite plugin for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-27475 (SPIP before 4.4.9 allows Insecure Deserialization in the public area t ...)
TODO: check
CVE-2026-27474 (SPIP before 4.4.9 allows Cross-Site Scripting (XSS) in the private are ...)
@@ -27,45 +27,45 @@ CVE-2026-27473 (SPIP before 4.4.9 allows Stored Cross-Site Scripting (XSS) via s
CVE-2026-27472 (SPIP before 4.4.9 allows Blind Server-Side Request Forgery (SSRF) via ...)
TODO: check
CVE-2026-27094 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27092 (Missing Authorization vulnerability in Greg Winiarski WPAdverts wpadve ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27090 (Cross-Site Request Forgery (CSRF) vulnerability in WP Moose Kenta Comp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27074 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27069 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27066 (Missing Authorization vulnerability in PI Web Solution Live sales noti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27059 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27058 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27057 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27056 (Missing Authorization vulnerability in StellarWP iThemes Sync ithemes- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27055 (Missing Authorization vulnerability in PenciDesign Penci AI SmartConte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27052 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27050 (Cross-Site Request Forgery (CSRF) vulnerability in ThimPress RealPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27042 (Missing Authorization vulnerability in WPDeveloper NotificationX notif ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27013 (Fabric.js is a Javascript HTML5 canvas library. Prior to version 7.2.0 ...)
TODO: check
CVE-2026-26362 (Dell Unisphere for PowerMax, version(s) 10.2, contain(s) a Relative Pa ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-26361 (Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External C ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-26360 (Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External C ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-26359 (Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External C ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-26358 (Dell Unisphere for PowerMax, version(s) 10.2, contain(s) a Missing Aut ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-26345 (SPIP before 4.4.8 allows Cross-Site Scripting (XSS) in the public area ...)
TODO: check
CVE-2026-26339 (Hyland Alfresco Transformation Service allows unauthenticated attacker ...)
@@ -105,7 +105,7 @@ CVE-2026-26189 (Trivy Action runs Trivy as GitHub action to scan a Docker contai
CVE-2026-26063 (CediPay is a crypto-to-fiat app for the Ghanaian market. A vulnerabili ...)
TODO: check
CVE-2026-26059 (ChurchCRM is an open-source church management system. In versions prio ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2026-26057 (Skill Scanner is a security scanner for AI Agent Skills that detects p ...)
TODO: check
CVE-2026-26030 (Semantic Kernel, Microsoft's semantic kernel Python SDK, has a remote ...)
@@ -129,181 +129,181 @@ CVE-2026-25535 (jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.
CVE-2026-25527 (changedetection.io is a free open source web page change detection too ...)
TODO: check
CVE-2026-25473 (Missing Authorization vulnerability in AA-Team WZone woozone allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25472 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25463 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25459 (Missing Authorization vulnerability in uixthemes Sober sober allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25453 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25451 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25441 (Missing Authorization vulnerability in LeadConnector LeadConnector lea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25432 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25428 (Server-Side Request Forgery (SSRF) vulnerability in totalsoft TS Poll ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25423 (Missing Authorization vulnerability in creativeinteractivemedia Real 3 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25422 (Cross-Site Request Forgery (CSRF) vulnerability in Themes4WP Popularis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25420 (Missing Authorization vulnerability in MailerLite MailerLite official- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25419 (Missing Authorization vulnerability in flycart UpsellWP checkout-upsel ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25418 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25416 (Missing Authorization vulnerability in blazethemes News Kit Elementor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25415 (Missing Authorization vulnerability in iqonicdesign WPBookit Pro wpboo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25412 (Missing Authorization vulnerability in mdempfle Advanced iFrame advanc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25411 (Cross-Site Request Forgery (CSRF) vulnerability in themastercut Revisi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25410 (Missing Authorization vulnerability in tstephenson WP-CORS wp-cors all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25409 (Missing Authorization vulnerability in crgeary JAMstack Deployments wp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25408 (Missing Authorization vulnerability in PluginRx Broken Link Notifier b ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25407 (Missing Authorization vulnerability in cookiebot Cookiebot cookiebot a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25404 (Missing Authorization vulnerability in Automattic WP Job Manager wp-jo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25402 (Missing Authorization vulnerability in echoplugins Knowledge Base for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25399 (Missing Authorization vulnerability in CryoutCreations Serious Slider ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25395 (Missing Authorization vulnerability in ikreatethemes Business Roy busi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25394 (Missing Authorization vulnerability in sparklewpthemes Fitness FSE fit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25393 (Missing Authorization vulnerability in sparklewpthemes Hello FSE hello ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25392 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in K ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25391 (Missing Authorization vulnerability in WP Grids WP Wand ai-content-gen ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25389 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25388 (Missing Authorization vulnerability in scripteo Ads Pro ap-plugin-scri ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25387 (Missing Authorization vulnerability in Elementor Image Optimizer by El ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25386 (Missing Authorization vulnerability in Elementor Ally pojo-accessibili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25385 (Server-Side Request Forgery (SSRF) vulnerability in KaizenCoders URL S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25384 (Missing Authorization vulnerability in WP Lab WP-Lister Lite for eBay ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25378 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25375 (Missing Authorization vulnerability in WP Chill Image Photo Gallery Fi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25374 (Missing Authorization vulnerability in raratheme Spa and Salon spa-and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25372 (Missing Authorization vulnerability in Kodezen LLC Academy LMS academy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25370 (Missing Authorization vulnerability in AresIT WP Compress wp-compress- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25368 (Missing Authorization vulnerability in codepeople Calculated Fields Fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25367 (Missing Authorization vulnerability in NooTheme CitiLights noo-citilig ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25364 (Missing Authorization vulnerability in BoldGrid Client Invoicing by Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25363 (Missing Authorization vulnerability in FooPlugins FooGallery foogaller ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25362 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25348 (Missing Authorization vulnerability in alttextai Download Alt Text AI ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25343 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25338 (Missing Authorization vulnerability in Ays Pro AI ChatBot with ChatGPT ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25337 (Cross-Site Request Forgery (CSRF) vulnerability in wpcoachify Coachify ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25336 (Missing Authorization vulnerability in wpcoachify Coachify coachify al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25335 (Missing Authorization vulnerability in Ays Pro Secure Copy Content Pro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25333 (Missing Authorization vulnerability in peregrinethemes Shopwell shopwe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25332 (Missing Authorization vulnerability in Fahad Mahmood Endless Posts Nav ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25331 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25330 (Missing Authorization vulnerability in PublishPress PublishPress Autho ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25329 (Missing Authorization vulnerability in ExpressTech Systems Quiz And Su ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25326 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25325 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25324 (Authorization Bypass Through User-Controlled Key vulnerability in Expr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25323 (Missing Authorization vulnerability in MiKa OSM osm allows Exploiting ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25322 (Cross-Site Request Forgery (CSRF) vulnerability in PublishPress Publis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25321 (Missing Authorization vulnerability in PSM Plugins SupportCandy suppor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25320 (Missing Authorization vulnerability in Cool Plugins Elementor Contact ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25319 (Cross-Site Request Forgery (CSRF) vulnerability in wpzita Zita Element ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25318 (Missing Authorization vulnerability in Wisernotify team WiserReview Pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25316 (Deserialization of Untrusted Data vulnerability in Brainstorm Force Ca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25315 (Missing Authorization vulnerability in hcaptcha hCaptcha for WP hcaptc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25314 (Missing Authorization vulnerability in WP Messiah TOP Table Of Content ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25313 (Missing Authorization vulnerability in Shahjahan Jewel FluentForm flue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25311 (Missing Authorization vulnerability in 10up Autoshare for Twitter auto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25310 (Server-Side Request Forgery (SSRF) vulnerability in Alobaidi Extend Li ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25308 (Missing Authorization vulnerability in wp.insider Simple Membership si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25307 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25305 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25008 (Insertion of Sensitive Information Into Sent Data vulnerability in Sha ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25006 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25005 (Authorization Bypass Through User-Controlled Key vulnerability in N-Me ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25004 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25003 (Missing Authorization vulnerability in madalin.ungureanu Client Portal ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25000 (Missing Authorization vulnerability in Kraft Plugins Wheel of Life whe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24999 (Missing Authorization vulnerability in Alma Alma alma-gateway-for-wooc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24834 (Kata Containers is an open source project focusing on a standard imple ...)
TODO: check
CVE-2026-24392 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24375 (Missing Authorization vulnerability in WP Swings Ultimate Gift Cards F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23805 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23804 (Missing Authorization vulnerability in BBR Plugins Better Business Rev ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23803 (Server-Side Request Forgery (SSRF) vulnerability in Burhan Nasir Smart ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23621 (GFI MailEssentials AI versions prior to22.4 contain an arbitrary direc ...)
TODO: check
CVE-2026-23620 (GFI MailEssentials AI versions prior to22.4 contain an arbitrary file ...)
@@ -341,39 +341,39 @@ CVE-2026-23605 (GFI MailEssentials AI versions prior to22.4 contain a stored cro
CVE-2026-23604 (GFI MailEssentials AI versions prior to22.4 contain a stored cross-sit ...)
TODO: check
CVE-2026-23549 (Deserialization of Untrusted Data vulnerability in magepeopleteam WpEv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23548 (Missing Authorization vulnerability in designinvento DirectoryPress di ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23547 (Missing Authorization vulnerability in cmsmasters CMSMasters Content C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23545 (Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cach ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23544 (Deserialization of Untrusted Data vulnerability in codetipi Valenti va ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23543 (Missing Authorization vulnerability in WPDeveloper Essential Addons fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23542 (Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23541 (Missing Authorization vulnerability in WPFunnels Mail Mint mail-mint a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22422 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22333 (Deserialization of Untrusted Data vulnerability in YITHEMES YITH WooCo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22269 (Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22268 (Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22267 (Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22266 (Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-1581 (The wpForo Forum plugin for WordPress is vulnerable to time-based SQL ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1461 (The Simple Membership plugin for WordPress is vulnerable to Improper H ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1219 (The MP3 Audio Player \u2013 Music Player, Podcast Player & Radio by So ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9953 (Authorization Bypass Through User-Controlled SQL Primary Key vulnerabi ...)
TODO: check
CVE-2025-9062 (Authorization Bypass Through User-Controlled Key vulnerability in MeCO ...)
@@ -425,9 +425,9 @@ CVE-2025-15560 (An authenticated attacker with minimal permissions can exploit a
CVE-2025-15559 (An unauthenticated attacker can inject OS commands when calling a serv ...)
TODO: check
CVE-2025-13590 (A malicious actor with administrative privileges can upload an arbitra ...)
- TODO: check
+ NOT-FOR-US: WSO2
CVE-2025-12107 (Due to the use of a vulnerable third-party Velocity template engine, a ...)
- TODO: check
+ NOT-FOR-US: WSO2
CVE-2019-25430 (Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting v ...)
TODO: check
CVE-2019-25429 (Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting v ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ef85deccf93a57e76f212c6e9f9ebd33cee3940
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ef85deccf93a57e76f212c6e9f9ebd33cee3940
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260219/cd907ec4/attachment.htm>
More information about the debian-security-tracker-commits
mailing list