[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jan 22 20:14:09 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e5dd4f7c by security tracker role at 2026-01-22T20:14:00+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,53 +1,53 @@
CVE-2026-24390 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24389 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24388 (Missing Authorization vulnerability in Ludwig You WPMasterToolKit wpma ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24387 (Missing Authorization vulnerability in Arul Prasad J WP Quick Post Dup ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24386 (Missing Authorization vulnerability in Element Invader Element Invader ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24384 (Cross-Site Request Forgery (CSRF) vulnerability in launchinteractive M ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24383 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24381 (Server-Side Request Forgery (SSRF) vulnerability in ThemeGoods PhotoMe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24380 (Missing Authorization vulnerability in Metagauss EventPrime eventprime ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24379 (Authorization Bypass Through User-Controlled Key vulnerability in wpjo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24377 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24374 (Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Registrat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24371 (Missing Authorization vulnerability in bookingalgorithms BA Book Every ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24368 (Missing Authorization vulnerability in Theme-one The Grid the-grid all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24367 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24366 (Missing Authorization vulnerability in YITHEMES YITH WooCommerce Reque ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24365 (Cross-Site Request Forgery (CSRF) vulnerability in storeapps Stock Man ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24361 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24360 (Server-Side Request Forgery (SSRF) vulnerability in Craig Hewitt Serio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24358 (Missing Authorization vulnerability in ExpressTech Systems Quiz And Su ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24357 (Missing Authorization vulnerability in Brecht WP Recipe Maker wp-recip ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24356 (Missing Authorization vulnerability in Roxnor GetGenie getgenie allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24355 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24354 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24353 (Missing Authorization vulnerability in wpeverest User Registration use ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24332 (Discord through 2026-01-16 allows gathering information about whether ...)
TODO: check
CVE-2026-24055 (Langfuse is an open source large language model engineering platform. ...)
@@ -95,13 +95,13 @@ CVE-2026-23990 (The Flux Operator is a Kubernetes CRD controller that manages th
CVE-2026-23986 (Copier is a library and CLI app for rendering project templates. Prior ...)
TODO: check
CVE-2026-23978 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23976 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23975 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23974 (Missing Authorization vulnerability in uxper Golo golo allows Exploiti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23968 (Copier is a library and CLI app for rendering project templates. Prior ...)
TODO: check
CVE-2026-23967 (sm-crypto provides JavaScript implementations of the Chinese cryptogra ...)
@@ -123,7 +123,7 @@ CVE-2026-23960 (Argo Workflows is an open source container-native workflow engin
CVE-2026-23959 (CoreShop is a Pimcore enhanced eCommerce solution. An error-based SQL ...)
TODO: check
CVE-2026-23958 (Dataease is an open source data visualization analysis tool. Prior to ...)
- TODO: check
+ NOT-FOR-US: DataEase
CVE-2026-23957 (seroval facilitates JS value stringification, including complex struct ...)
TODO: check
CVE-2026-23956 (seroval facilitates JS value stringification, including complex struct ...)
@@ -183,93 +183,93 @@ CVE-2026-22792 (5ire is a cross-platform desktop artificial intelligence assista
CVE-2026-22598 (ManageIQ is an open-source management platform. A flaw was found in th ...)
TODO: check
CVE-2026-22483 (Cross-Site Request Forgery (CSRF) vulnerability in winkm89 teachPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22482 (Server-Side Request Forgery (SSRF) vulnerability in wbolt.com IMGspide ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22481 (Missing Authorization vulnerability in Rasedul Haque Rumi BD Courier O ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22472 (Missing Authorization vulnerability in hassantafreshi Easy Form Builde ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22470 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22469 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22468 (Missing Authorization vulnerability in AbsolutePlugins Absolute Addons ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22466 (Missing Authorization vulnerability in Chandni Patel WP MapIt wp-mapit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22464 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22463 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22462 (Cross-Site Request Forgery (CSRF) vulnerability in richardevcom Add Po ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22461 (Missing Authorization vulnerability in WebAppick CTX Feed webappick-pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22458 (Missing Authorization vulnerability in Mikado-Themes Wanderland wander ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22450 (Missing Authorization vulnerability in Select-Themes Don Peppe donpepp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22447 (Missing Authorization vulnerability in Select-Themes Prowess prowess a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22445 (Missing Authorization vulnerability in Proptech Plugin Apimo Connector ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22430 (Authorization Bypass Through User-Controlled Key vulnerability in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22426 (Authorization Bypass Through User-Controlled Key vulnerability in Elat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22411 (Authorization Bypass Through User-Controlled Key vulnerability in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22409 (Authorization Bypass Through User-Controlled Key vulnerability in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22407 (Authorization Bypass Through User-Controlled Key vulnerability in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22406 (Authorization Bypass Through User-Controlled Key vulnerability in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22404 (Authorization Bypass Through User-Controlled Key vulnerability in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22402 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22401 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22400 (Authorization Bypass Through User-Controlled Key vulnerability in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22398 (Authorization Bypass Through User-Controlled Key vulnerability in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22396 (Authorization Bypass Through User-Controlled Key vulnerability in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22393 (Authorization Bypass Through User-Controlled Key vulnerability in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22391 (Authorization Bypass Through User-Controlled Key vulnerability in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22388 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22382 (Cross-Site Request Forgery (CSRF) vulnerability in Mikado-Themes PawFr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22360 (Cross-Site Request Forgery (CSRF) vulnerability in AA-Team SearchAzon ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22359 (Cross-Site Request Forgery (CSRF) vulnerability in AA-Team Wordpress M ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22358 (Server-Side Request Forgery (SSRF) vulnerability in SmartDataSoft Elec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22355 (Cross-Site Request Forgery (CSRF) vulnerability in gregmolnar Simple X ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22353 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22349 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22348 (Missing Authorization vulnerability in Tasos Fel Civic Cookie Control ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22347 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22281 (Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6. ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22280 (Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6. ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22279 (Dell PowerScale OneFS, versions prior 9.13.0.0, contains an insufficie ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22278 (Dell PowerScale OneFS versions prior to 9.13.0.0 contains an improper ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-21852 (Claude Code is an agentic coding tool. Prior to version 2.0.65, vulner ...)
TODO: check
CVE-2026-1332 (MeetingHub developed by HAMASTAR Technology has a Missing Authenticati ...)
@@ -279,13 +279,13 @@ CVE-2026-1331 (MeetingHub developed by HAMASTAR Technology has an Arbitrary File
CVE-2026-1330 (MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read ...)
TODO: check
CVE-2026-1329 (A flaw has been found in Tenda AX1803 1.0.0.1. The affected element is ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-1328 (A vulnerability was detected in Totolink NR1800X 9.1.0u.6279_B20210910 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2026-1327 (A security vulnerability has been detected in Totolink NR1800X 9.1.0u. ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2026-1326 (A weakness has been identified in Totolink NR1800X 9.1.0u.6279_B202109 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2026-1325 (A security flaw has been discovered in Sangfor Operation and Maintenan ...)
TODO: check
CVE-2026-1324 (A vulnerability was identified in Sangfor Operation and Maintenance Ma ...)
@@ -295,19 +295,19 @@ CVE-2026-1260 (Invalid memory access in Sentencepiece versions less than 0.2.1 w
CVE-2026-1225 (ACE vulnerability in configuration file processing by QOS.CH logback- ...)
TODO: check
CVE-2026-1036 (The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0920 (The LA-Studio Element Kit for Elementor plugin for WordPress is vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0535 (A maliciously crafted HTML payload, stored in a component\u2019s descr ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2026-0534 (A maliciously crafted HTML payload, stored in a part\u2019s attribute ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2026-0533 (A maliciously crafted HTML payload in a design name, when displayed du ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2025-71176 (pytest through 9.0.2 on UNIX relies on directories with the /tmp/pytes ...)
TODO: check
CVE-2025-70899 (PHPgurukul Online Course Registration v3.1 lacks Cross-Site Request Fo ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-69828 (File Upload vulnerability in TMS Global Software TMS Management Consol ...)
TODO: check
CVE-2025-69822 (An issue in Atomberg Atomberg Erica Smart Fan Firmware Version: V1.0.3 ...)
@@ -317,517 +317,517 @@ CVE-2025-69821 (An issue in Beat XP VEGA Smartwatch (Firmware Version - RB303ATV
CVE-2025-69820 (Directory Traversal vulnerability in Beam beta9 v.0.1.552 allows a rem ...)
TODO: check
CVE-2025-69764 (Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-69612 (A path traversal vulnerability exists in TMS Management Console (versi ...)
TODO: check
CVE-2025-69321 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69320 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69319 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69318 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69317 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69316 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69315 (Missing Authorization vulnerability in NSquared Simply Schedule Appoin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69314 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69313 (Missing Authorization vulnerability in WPXPO PostX ultimate-post allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69312 (Unrestricted Upload of File with Dangerous Type vulnerability in Xpro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69311 (Missing Authorization vulnerability in Broadstreet Broadstreet Ads bro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69300 (Missing Authorization vulnerability in Leap13 Premium Addons for Eleme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69293 (Incorrect Privilege Assignment vulnerability in e-plugins Final User f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69292 (Incorrect Privilege Assignment vulnerability in e-plugins WP Membershi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69285 (SQLBot is an intelligent data query system based on a large language m ...)
TODO: check
CVE-2025-69193 (Missing Authorization vulnerability in e-plugins WP Membership wp-memb ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69192 (Missing Authorization vulnerability in e-plugins Real Estate Pro real- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69191 (Missing Authorization vulnerability in e-plugins ListingHub listinghub ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69190 (Missing Authorization vulnerability in e-plugins Listihub listihub all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69188 (Missing Authorization vulnerability in e-plugins fitness-trainer fitne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69187 (Missing Authorization vulnerability in e-plugins Final User final-user ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69186 (Missing Authorization vulnerability in e-plugins Hospital Doctor Direc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69185 (Missing Authorization vulnerability in e-plugins Hotel Listing hotel-l ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69184 (Missing Authorization vulnerability in e-plugins Institutions Director ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69183 (Incorrect Privilege Assignment vulnerability in e-plugins Hospital Doc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69182 (Incorrect Privilege Assignment vulnerability in e-plugins Institutions ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69181 (Missing Authorization vulnerability in e-plugins Lawyer Directory lawy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69180 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69102 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69101 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69100 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69099 (Deserialization of Untrusted Data vulnerability in fuelthemes North no ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69098 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69097 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69095 (Missing Authorization vulnerability in designthemes Reservation Plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69079 (Deserialization of Untrusted Data vulnerability in ThemeREX Sound | Mu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69078 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69077 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69076 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69075 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69074 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69073 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69072 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69071 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69070 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69068 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69067 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69066 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69065 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69064 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69062 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69061 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69060 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69059 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69058 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69057 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69056 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69055 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69054 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69053 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69052 (Missing Authorization vulnerability in FmeAddons Registration & Login ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69051 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69050 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69049 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69048 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69047 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69046 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69045 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69044 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69043 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69042 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69041 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69040 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69039 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69038 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69037 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69036 (Deserialization of Untrusted Data vulnerability in strongholdthemes Te ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69035 (Deserialization of Untrusted Data vulnerability in strongholdthemes De ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69005 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69004 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69003 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69002 (Deserialization of Untrusted Data vulnerability in designthemes OneLif ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69001 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68999 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68986 (Unrestricted Upload of File with Dangerous Type vulnerability in zozot ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68913 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68912 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68911 (Missing Authorization vulnerability in solacewp Solace solace allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68910 (Unrestricted Upload of File with Dangerous Type vulnerability in blaze ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68909 (Unrestricted Upload of File with Dangerous Type vulnerability in blaze ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68908 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68907 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68906 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68905 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68904 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68903 (Deserialization of Untrusted Data vulnerability in AivahThemes Anona a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68902 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68901 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68900 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68899 (Deserialization of Untrusted Data vulnerability in designthemes Vivagh ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68898 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68896 (Missing Authorization vulnerability in vrpr WDV One Page Docs wdv-one- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68894 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68884 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68883 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68882 (Missing Authorization vulnerability in Scalenut Scalenut scalenut allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68881 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68871 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68869 (Incorrect Privilege Assignment vulnerability in LazyCoders LLC LazyTas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68866 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68864 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68859 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68858 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68857 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68849 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68839 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68838 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68835 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68609 (A vulnerability in Palantir's Aries service allowed unauthenticated ac ...)
- TODO: check
+ NOT-FOR-US: Palantir
CVE-2025-68558 (Missing Authorization vulnerability in averta Depicter Slider depicter ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68538 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68520 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68518 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68510 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68507 (Missing Authorization vulnerability in Icegram Icegram icegram allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68073 (Missing Authorization vulnerability in Ninja Team GDPR CCPA Compliance ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68072 (Missing Authorization vulnerability in Merv Barrett Easy Property List ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68059 (Missing Authorization vulnerability in e-plugins Hotel Listing hotel-l ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68058 (Missing Authorization vulnerability in e-plugins Institutions Director ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68057 (Missing Authorization vulnerability in e-plugins Hospital Doctor Direc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68047 (Deserialization of Untrusted Data vulnerability in Arraytics Eventin w ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68046 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68041 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68039 (Missing Authorization vulnerability in Chris Simmons WP BackItUp wp-ba ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68035 (Insertion of Sensitive Information Into Sent Data vulnerability in tab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68034 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68030 (Server-Side Request Forgery (SSRF) vulnerability in WP Messiah Frontis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68027 (Incorrect Privilege Assignment vulnerability in Themefic Hydra Booking ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68020 (Missing Authorization vulnerability in WANotifier WANotifier notifier ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68019 (Missing Authorization vulnerability in cleverplugins SEO Booster seo-b ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68018 (Missing Authorization vulnerability in ilmosys Order Listener for WooC ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68017 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68016 (Missing Authorization vulnerability in Onepay Sri Lanka onepay Payment ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68015 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68013 (Missing Authorization vulnerability in cardpaysolutions Payment Gatewa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68012 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68011 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68010 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68009 (Missing Authorization vulnerability in Codeless Slider Templates slide ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68008 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68007 (Missing Authorization vulnerability in Event Espresso Event Espresso 4 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68006 (Insertion of Sensitive Information Into Sent Data vulnerability in Dee ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68004 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68003 (Missing Authorization vulnerability in renatoatshown Shown Connector s ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68001 (Unrestricted Upload of File with Dangerous Type vulnerability in garid ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67968 (Unrestricted Upload of File with Dangerous Type vulnerability in Inspi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67967 (Missing Authorization vulnerability in e-plugins Lawyer Directory lawy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67966 (Incorrect Privilege Assignment vulnerability in e-plugins Lawyer Direc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67964 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67963 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67961 (Server-Side Request Forgery (SSRF) vulnerability in Marco van Wieren W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67960 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67959 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67958 (Missing Authorization vulnerability in Taxcloud TaxCloud for WooCommer ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67957 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67956 (Missing Authorization vulnerability in wpeverest User Registration use ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67955 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67954 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67953 (Incorrect Privilege Assignment vulnerability in Booking Activities Tea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67952 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67949 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67947 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67946 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67945 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67944 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67943 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67942 (Missing Authorization vulnerability in peachpayments Peach Payments Ga ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67941 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67940 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67939 (Missing Authorization vulnerability in Tickera Tickera tickera-event-t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67938 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67923 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67684 (Quick.Cart is vulnerable to Local File Inclusion and Path Traversal is ...)
TODO: check
CVE-2025-67683 (Quick.Cart is vulnerable to reflected XSS via the sSort parameter. An ...)
TODO: check
CVE-2025-67626 (Cross-Site Request Forgery (CSRF) vulnerability in Angel Costa WP SEO ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67620 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67619 (Deserialization of Untrusted Data vulnerability in designthemes Kids H ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67617 (Deserialization of Untrusted Data vulnerability in themeton Consult Ai ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67616 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67615 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67614 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67221 (The orjson.dumps function in orjson thru 3.11.4 does not limit recursi ...)
TODO: check
CVE-2025-66428 (An issue with WordPress directory names in WebPros WordPress Toolkit b ...)
TODO: check
CVE-2025-66143 (Missing Authorization vulnerability in merkulove Crumber crumber-eleme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66142 (Missing Authorization vulnerability in merkulove Comparimager for Elem ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66141 (Missing Authorization vulnerability in merkulove Scroller scroller all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66140 (Missing Authorization vulnerability in merkulove Uper for Elementor up ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66139 (Missing Authorization vulnerability in merkulove Audier For Elementor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66138 (Missing Authorization vulnerability in merkulove Motionger for Element ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66137 (Missing Authorization vulnerability in merkulove Searcher for Elemento ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66136 (Missing Authorization vulnerability in merkulove Carter for Elementor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66135 (Missing Authorization vulnerability in merkulove Imager for Elementor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-65098 (Typebot is an open-source chatbot builder. In versions prior to 3.13.2 ...)
TODO: check
CVE-2025-64252 (Server-Side Request Forgery (SSRF) vulnerability in Marco Milesi ANAC ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64097 (NervesHub is a web service that allows users to manage over-the-air (O ...)
TODO: check
CVE-2025-63051 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63026 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63019 (Insertion of Sensitive Information Into Sent Data vulnerability in Joh ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63018 (Missing Authorization vulnerability in wproyal Bard bard allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63017 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62754 (Missing Authorization vulnerability in Kapil Paul Payment Gateway bKas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62741 (Server-Side Request Forgery (SSRF) vulnerability in SmartDataSoft Pool ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62106 (Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-c ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62077 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62056 (Unrestricted Upload of File with Dangerous Type vulnerability in blaze ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62050 (Unrestricted Upload of File with Dangerous Type vulnerability in blaze ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-5805 (Missing Authorization vulnerability in Ninetheme Electron electron all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-56590 (An issue was discovered in the InsertFromURL() function of the Apryse ...)
TODO: check
CVE-2025-56589 (A Local File Inclusion (LFI) and a Server-Side Request Forgery (SSRF) ...)
TODO: check
CVE-2025-54003 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54002 (Missing Authorization vulnerability in Jthemes xSmart xsmart allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53240 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52762 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52746 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-50007 (Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-50006 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-50005 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-50004 (Deserialization of Untrusted Data vulnerability in artbees JupiterX Co ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-50003 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-50002 (Unrestricted Upload of File with Dangerous Type vulnerability in Faros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-4764 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
TODO: check
CVE-2025-4763 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
TODO: check
CVE-2025-49994 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49375 (Missing Authorization vulnerability in cozythemes HomeLancer homelance ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49336 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49249 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49066 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49055 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49050 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49049 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49046 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49045 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49043 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48094 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47666 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47600 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47555 (Authorization Bypass Through User-Controlled Key vulnerability in Them ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47500 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47474 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-36588 (Dell Unisphere for PowerMax, version(s) 10.2.0.x, contain(s) an Improp ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-32123 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32057 (The Infotainment ECU manufactured by Bosch which is installed in Nissa ...)
TODO: check
CVE-2025-32056 (The anti-theft protection mechanism can be bypassed by attackers due t ...)
TODO: check
CVE-2025-31413 (Cross-Site Request Forgery (CSRF) vulnerability in bdthemes Element Pa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27380 (HTML injection in Project Release in Altium Enterprise Server (AES) 7. ...)
TODO: check
CVE-2025-27379 (A stored cross-site scripting (XSS) vulnerability in the BOM Viewer in ...)
@@ -837,11 +837,11 @@ CVE-2025-27378 (AES contains a SQL injection vulnerability due to an inactive co
CVE-2025-27377 (Altium Designer version 24.9.0 does not validate self-signed server ce ...)
TODO: check
CVE-2025-27005 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-15523 (MacOS version of Inkscape bundles a Python interpreter that inherits t ...)
TODO: check
CVE-2025-14295 (Storing Passwords in a Recoverable Format vulnerability in Automated L ...)
- TODO: check
+ NOT-FOR-US: Carrier Global
CVE-2025-12738 (Neo4j Enterprise edition versions prior to 2025.11.2 and 5.26.17 are v ...)
TODO: check
CVE-2025-10856 (Unrestricted Upload of File with Dangerous Type vulnerability in Solve ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5dd4f7c5d159cb7cd13f3308d6c47f7afd947f8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5dd4f7c5d159cb7cd13f3308d6c47f7afd947f8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260122/53c877a6/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list