[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Feb 20 20:14:20 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
88d3469c by security tracker role at 2026-02-20T20:14:13+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2026-2854 (A flaw has been found in D-Link DWR-M960 1.01.07. This impacts the fun ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-2853 (A vulnerability was detected in D-Link DWR-M960 1.01.07. This affects ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-2852 (A vulnerability was identified in yeqifu warehouse up to aaf29962ba407 ...)
TODO: check
CVE-2026-2851 (A vulnerability was determined in yeqifu warehouse up to aaf29962ba407 ...)
@@ -11,17 +11,17 @@ CVE-2026-2850 (A vulnerability was found in yeqifu warehouse up to aaf29962ba407
CVE-2026-2849 (A vulnerability has been found in yeqifu warehouse up to aaf29962ba407 ...)
TODO: check
CVE-2026-2848 (A flaw has been found in SourceCodester Simple Responsive Tourism Webs ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-2847 (A vulnerability was detected in UTT HiPER 520 1.7.7-160105. Affected i ...)
TODO: check
CVE-2026-2846 (A security vulnerability has been detected in UTT HiPER 520 1.7.7-1601 ...)
TODO: check
CVE-2026-2832 (Certain Samsung MultiXpress Multifunction Printers may be vulnerable t ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2026-2818 (A zip-slip path traversal vulnerability in Spring Data Geode's import ...)
TODO: check
CVE-2026-2486 (The Master Addons For Elementor plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2473 (Predictable bucket naming in Vertex AI Experiments in Google Cloud Ver ...)
TODO: check
CVE-2026-2472 (Stored Cross-Site Scripting (XSS) in the _genai/_evals_visualization c ...)
@@ -41,7 +41,7 @@ CVE-2026-27502 (SVXportal version 2.5 and prior contain a reflected cross-site s
CVE-2026-27115 (ADB Explorer is a fluent UI for ADB on Windows. Versions 0.9.26020 and ...)
TODO: check
CVE-2026-27072 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-26747 (A Host Header Poisoning vulnerability exists in Monica 4.1.2 due to im ...)
TODO: check
CVE-2026-26746 (OpenSourcePOS 3.4.1 contains a Local File Inclusion (LFI) vulnerabilit ...)
@@ -85,27 +85,27 @@ CVE-2026-26048 (The Wi-Fi router is vulnerable to de-authentication attacks due
CVE-2026-25715 (The web management interface of the device allows the administrator u ...)
TODO: check
CVE-2026-24959 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24956 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24955 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24953 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24950 (Authorization Bypass Through User-Controlled Key vulnerability in them ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24949 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24948 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24946 (Missing Authorization vulnerability in tychesoftwares Print Invoice & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24944 (Missing Authorization vulnerability in weDevs Subscribe2 subscribe2 al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24943 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24941 (Missing Authorization vulnerability in wpjobportal WP Job Portal wp-jo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24891 (openITCOCKPIT is an open source monitoring tool built for different mo ...)
TODO: check
CVE-2026-24790 (The underlying PLC of the device can be remotely influenced, without p ...)
@@ -115,73 +115,73 @@ CVE-2026-24455 (The embedded web interface of the device does not support HTTPS/
CVE-2026-22885 (A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and ...)
TODO: check
CVE-2026-22384 (Deserialization of Untrusted Data vulnerability in leafcolor Applay - ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22383 (Authorization Bypass Through User-Controlled Key vulnerability in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22381 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22380 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22379 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22378 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22377 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22376 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22375 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22374 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22373 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22372 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22371 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22370 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22369 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22368 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22367 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22366 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22365 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22364 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22363 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22362 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22361 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22357 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22356 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22354 (Deserialization of Untrusted Data vulnerability in Dotstore Woocommerc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22352 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22351 (Missing Authorization vulnerability in Marcus (aka @msykes) WP FullCal ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22350 (Missing Authorization vulnerability in add-ons.org PDF for Elementor F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22346 (Deserialization of Untrusted Data vulnerability in A WP Life Slider Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22345 (Deserialization of Untrusted Data vulnerability in A WP Life Image Gal ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22344 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22341 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-21627 (The vulnerability was rooted in how the Tassos Framework plugin handle ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2026-21620 (Relative Path Traversal, Improper Isolation or Compartmentalization vu ...)
TODO: check
CVE-2026-20761 (A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and ...)
@@ -193,355 +193,355 @@ CVE-2025-70833 (An Authentication Bypass vulnerability in Smanga 3.2.7 allows an
CVE-2025-70831 (A Remote Code Execution (RCE) vulnerability was found in Smanga 3.2.7 ...)
TODO: check
CVE-2025-69410 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69409 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69408 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69407 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69406 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69405 (Deserialization of Untrusted Data vulnerability in ThemeREX Lorem Ipsu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69404 (Deserialization of Untrusted Data vulnerability in ThemeREX Extreme St ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69403 (Unrestricted Upload of File with Dangerous Type vulnerability in Bravi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69402 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69401 (Authentication Bypass by Spoofing vulnerability in mdalabar WooODT Lit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69400 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69399 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69398 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69397 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69396 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69395 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69394 (Authorization Bypass Through User-Controlled Key vulnerability in cnvr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69393 (Missing Authorization vulnerability in Jthemes Exzo exzo allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69392 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69391 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69390 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69389 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69388 (Missing Authorization vulnerability in cliengo Cliengo \u2013 Chatbot ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69387 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69386 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69385 (Missing Authorization vulnerability in AgniHD Cartify - WooCommerce Gu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69384 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69383 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69382 (Deserialization of Untrusted Data vulnerability in themesflat Themesfl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69381 (Missing Authorization vulnerability in vanquish WooCommerce Bulk Produ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69380 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69379 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69378 (Incorrect Privilege Assignment vulnerability in XforWooCommerce Produc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69377 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69376 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69375 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69374 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69373 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69372 (Deserialization of Untrusted Data vulnerability in AncoraThemes SevenH ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69371 (Deserialization of Untrusted Data vulnerability in AncoraThemes Kindly ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69370 (Deserialization of Untrusted Data vulnerability in ThemeGoods Capella ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69368 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69367 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69366 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69365 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69337 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69330 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69329 (Deserialization of Untrusted Data vulnerability in Jthemes Prestige pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69328 (Deserialization of Untrusted Data vulnerability in magepeopleteam Book ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69326 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69325 (Path Traversal: '.../...//' vulnerability in primersoftware Primer MyD ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69324 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69323 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69322 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69310 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69309 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69308 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69307 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69306 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69305 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69304 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69303 (Missing Authorization vulnerability in modeltheme ModelTheme Framework ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69302 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69301 (Deserialization of Untrusted Data vulnerability in ThemeGoods PhotoMe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69299 (Server-Side Request Forgery (SSRF) vulnerability in Laborator Oxygen o ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69298 (Missing Authorization vulnerability in GhostPool Gauge gauge allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69297 (Missing Authorization vulnerability in GhostPool Aardvark Plugin aardv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69296 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69295 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69294 (Deserialization of Untrusted Data vulnerability in fuelthemes PeakShop ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69063 (Missing Authorization vulnerability in Saad Iqbal New User Approve new ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69011 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68895 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68880 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68863 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68862 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68856 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68855 (Insertion of Sensitive Information Into Sent Data vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68854 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68853 (Deserialization of Untrusted Data vulnerability in Kleor Contact Manag ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68852 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68848 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68847 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68846 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68845 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68844 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68843 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68842 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68841 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68837 (Missing Authorization vulnerability in ELEXtensions ELEX WordPress Hel ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68834 (Missing Authorization vulnerability in Saiful Islam Sync Master Sheet ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68564 (Missing Authorization vulnerability in sendy Sendy sendy allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68552 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68549 (Unrestricted Upload of File with Dangerous Type vulnerability in zozot ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68545 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68543 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68542 (Missing Authorization vulnerability in vgdevsolutions Checkout Gateway ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68541 (Deserialization of Untrusted Data vulnerability in BoldThemes Ippsum i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68539 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68536 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68534 (Missing Authorization vulnerability in add-ons.org PDF for WPForms pdf ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68531 (Deserialization of Untrusted Data vulnerability in modeltheme ModelThe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68526 (Deserialization of Untrusted Data vulnerability in A WP Life Modal Pop ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68514 (Authorization Bypass Through User-Controlled Key vulnerability in Cozm ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68501 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68495 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68069 (Missing Authorization vulnerability in wpWax Directorist directorist a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68051 (Authorization Bypass Through User-Controlled Key vulnerability in Ship ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68050 (Missing Authorization vulnerability in Leadpages Leadpages leadpages a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68048 (Missing Authorization vulnerability in XLPlugins NextMove Lite woo-tha ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68043 (Missing Authorization vulnerability in LottieFiles LottieFiles lottief ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68042 (Missing Authorization vulnerability in Travelpayouts Travelpayouts tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68037 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68032 (Missing Authorization vulnerability in Passionate Brains Advanced WC A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68031 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68028 (Missing Authorization vulnerability in Passionate Brains GA4WP: Google ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68026 (Missing Authorization vulnerability in Niaj Morshed LC Wizard ghl-wiza ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68025 (Missing Authorization vulnerability in Addonify Addonify Floating Cart ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68024 (Missing Authorization vulnerability in Addonify Addonify \u2013 WooCom ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68023 (Missing Authorization vulnerability in Addonify Addonify – Compa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68022 (Missing Authorization vulnerability in soporteblue Plugin BlueX for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68021 (Missing Authorization vulnerability in ConveyThis ConveyThis conveythi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68005 (Missing Authorization vulnerability in themewant Easy Hotel Booking ea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68002 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68000 (Missing Authorization vulnerability in PickPlugins Testimonial Slider ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67998 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67997 (Deserialization of Untrusted Data vulnerability in BoldThemes Travelic ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67996 (Deserialization of Untrusted Data vulnerability in BoldThemes Nestin n ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67995 (Deserialization of Untrusted Data vulnerability in LoftOcean PatioTime ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67994 (Missing Authorization vulnerability in YayCommerce YayCurrency yaycurr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67993 (Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67992 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67991 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67990 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67988 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67987 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67984 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67982 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67981 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67980 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67979 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67978 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67977 (Missing Authorization vulnerability in VillaTheme HAPPY happy-helpdesk ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67975 (Missing Authorization vulnerability in aDirectory aDirectory adirector ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67974 (Missing Authorization vulnerability in WP Legal Pages WPLegalPages wpl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67973 (Missing Authorization vulnerability in sunshinephotocart Sunshine Phot ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67972 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67971 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67970 (Missing Authorization vulnerability in vertim Schedula schedula-smart- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67969 (Missing Authorization vulnerability in knitpay UPI QR Code Payment Gat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67624 (Missing Authorization vulnerability in Arya Dhiratara Optimize More! & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67547 (Missing Authorization vulnerability in uixthemes Konte konte allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67438 (A Stored Cross-Site Scripting (XSS) vulnerability in Sync-in Server be ...)
TODO: check
CVE-2025-60183 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60087 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53237 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53233 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53231 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53228 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53217 (Missing Authorization vulnerability in staviravn AIO WP Builder all-in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52744 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52603 (HCL Connections is vulnerable to information disclosure. In a very sp ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-15583 (A weakness has been identified in detronetdip E-commerce 1.0.0. This a ...)
TODO: check
CVE-2025-15582 (A security flaw has been discovered in detronetdip E-commerce 1.0.0. T ...)
TODO: check
CVE-2025-14547 (An integer underflow vulnerability is present in Silicon Lab\u2019s im ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs
CVE-2025-14055 (An integer underflow vulnerability in Silicon Labs Secure NCP host imp ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs
CVE-2025-10970 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
TODO: check
CVE-2024-56208 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-54222 (Missing Authorization vulnerability in Seraphinite Solutions Seraphini ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-52387 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-51915 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-50555 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-50452 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-43228 (Missing Authorization vulnerability in SecuPress SecuPress Free secupr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-34438 (Missing Authorization vulnerability in Anssi Laitila Shared Files shar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2019-25445 (Fiverr Clone Script 1.2.2 contains a cross-site scripting vulnerabilit ...)
TODO: check
CVE-2019-25444 (Fiverr Clone Script 1.2.2 contains an SQL injection vulnerability that ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/88d3469c9e1930bacca05d979697dccc2334df11
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/88d3469c9e1930bacca05d979697dccc2334df11
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260220/7379b04f/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list