[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jan 23 20:14:31 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6ea39d14 by security tracker role at 2026-01-23T20:14:25+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,207 +1,207 @@
CVE-2026-24636 (Missing Authorization vulnerability in Syed Balkhi Sugar Calendar (Lit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24635 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24634 (Authorization Bypass Through User-Controlled Key vulnerability in Rust ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24633 (Missing Authorization vulnerability in Passionate Brains Add Expires H ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24632 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24631 (Authorization Bypass Through User-Controlled Key vulnerability in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24630 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24629 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24627 (Missing Authorization vulnerability in Trusona Trusona for WordPress t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24626 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24625 (Missing Authorization vulnerability in Imaginate Solutions File Upload ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24624 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24623 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24622 (Missing Authorization vulnerability in Sergiy Dzysyak Suggestion Toolk ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24621 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24620 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24619 (Missing Authorization vulnerability in PopCash PopCash.Net Code Integr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24617 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24616 (Missing Authorization vulnerability in Damian WP Popups wp-popups-lite ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24615 (Missing Authorization vulnerability in themebeez Cream Magazine cream- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24614 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24613 (Missing Authorization vulnerability in Ecwid by Lightspeed Ecommerce S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24612 (Missing Authorization vulnerability in themebeez Orchid Store orchid-s ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24609 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24608 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24607 (Missing Authorization vulnerability in wptravelengine Travel Monster t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24606 (Missing Authorization vulnerability in Web Impian Bayarcash WooCommerc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24605 (Missing Authorization vulnerability in pencilwp X Addons for Elementor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24604 (Missing Authorization vulnerability in themebeez Simple GDPR Cookie Co ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24603 (Missing Authorization vulnerability in themebeez Universal Google Adse ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24602 (Missing Authorization vulnerability in Raptive Raptive Ads adthrive-ad ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24601 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24600 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24599 (Authorization Bypass Through User-Controlled Key vulnerability in XLPl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24598 (Missing Authorization vulnerability in bestwebsoft Multilanguage by Be ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24596 (Cross-Site Request Forgery (CSRF) vulnerability in marynixie Related P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24595 (Missing Authorization vulnerability in zohocrm Zoho CRM Lead Magnet zo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24594 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24593 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24591 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24589 (Insertion of Sensitive Information Into Sent Data vulnerability in Car ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24588 (Missing Authorization vulnerability in topdevs Smart Product Viewer sm ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24587 (Missing Authorization vulnerability in kutsy AJAX Hits Counter + Popul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24585 (Missing Authorization vulnerability in Hyyan Abo Fakher Hyyan WooComme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24584 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24583 (Missing Authorization vulnerability in sumup SumUp Payment Gateway For ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24581 (Missing Authorization vulnerability in WP Swings Points and Rewards fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24580 (Missing Authorization vulnerability in Ecwid by Lightspeed Ecommerce S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24579 (Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Ge ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24578 (Missing Authorization vulnerability in Jahid Hasan Admin login URL Cha ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24577 (Missing Authorization vulnerability in Genetech Products Pie Register ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24576 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24572 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24571 (Missing Authorization vulnerability in boxnow BOX NOW Delivery box-now ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24570 (Missing Authorization vulnerability in WisdmLabs Edwiser Bridge edwise ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24569 (Missing Authorization vulnerability in Sully Media Library File Size m ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24568 (Missing Authorization vulnerability in WP Travel WP Travel wp-travel a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24567 (Missing Authorization vulnerability in briarinc Anything Order by Term ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24566 (Missing Authorization vulnerability in iNET iNET Webkit inet-webkit al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24565 (Insertion of Sensitive Information Into Sent Data vulnerability in bPl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24564 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24563 (Missing Authorization vulnerability in Ashan Perera LifePress lifepres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24562 (Missing Authorization vulnerability in Ryviu Ryviu – Product Rev ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24561 (Missing Authorization vulnerability in Mahmudul Hasan Arif FluentBoard ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24560 (Missing Authorization vulnerability in Cloudinary Cloudinary cloudinar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24559 (Insertion of Sensitive Information Into Sent Data vulnerability in CRM ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24558 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24557 (Insertion of Sensitive Information Into Sent Data vulnerability in WEN ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24556 (Missing Authorization vulnerability in wpdive ElementCamp element-camp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24555 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24553 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24551 (Missing Authorization vulnerability in monetagwp Monetag Official Plug ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24550 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24549 (Cross-Site Request Forgery (CSRF) vulnerability in Paolo GeoDirectory ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24548 (Server-Side Request Forgery (SSRF) vulnerability in Prince Radio Playe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24544 (Missing Authorization vulnerability in Harmonic Design HD Quiz hd-quiz ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24543 (Missing Authorization vulnerability in Horea Radu Materialis Companion ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24542 (Cross-Site Request Forgery (CSRF) vulnerability in John James Jacoby W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24541 (Missing Authorization vulnerability in mkscripts Download After Email ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24540 (Missing Authorization vulnerability in Prince Integrate Google Drive i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24539 (Missing Authorization vulnerability in ABCdatos Protecci\xf3n de datos ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24538 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24536 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24535 (Missing Authorization vulnerability in webdevstudios Automatic Feature ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24534 (Missing Authorization vulnerability in uPress Booter booter-bots-crawl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24532 (Missing Authorization vulnerability in SiteLock SiteLock Security site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24531 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24530 (Missing Authorization vulnerability in sheepfish WebP Conversion webp- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24529 (Missing Authorization vulnerability in Alejandro Quick Restaurant Rese ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24528 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24526 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24525 (Missing Authorization vulnerability in CloudPanel CLP Varnish Cache cl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24524 (Missing Authorization vulnerability in Essekia Tablesome tablesome all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24523 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24522 (Missing Authorization vulnerability in MyThemeShop WP Subscribe wp-sub ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24521 (Cross-Site Request Forgery (CSRF) vulnerability in Timur Kamaev Kama T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24423 (SmarterTools SmarterMail versions prior to build 9511 contain an unaut ...)
TODO: check
CVE-2026-22276 (Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versi ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22275 (Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versi ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22274 (Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versi ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22273 (Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versi ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22271 (Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versi ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-21867
REJECTED
CVE-2026-1364 (IAQS and I6 developed by JNC has a Missing Authentication vulnerabilit ...)
@@ -213,7 +213,7 @@ CVE-2026-1299 (The email module, specifically the "BytesGenerator" class, didn\
CVE-2026-0994 (A denial-of-service (DoS) vulnerability exists in google.protobuf.json ...)
TODO: check
CVE-2026-0914 (The WP DSGVO Tools (GDPR) plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-71177 (LavaLite CMS versions up to and including 10.1.0 contain a stored cros ...)
TODO: check
CVE-2025-70986 (Incorrect access control in the selectDept function of RuoYi v4.8.2 al ...)
@@ -245,19 +245,19 @@ CVE-2025-4320 (Authentication Bypass by Primary Weakness, Weak Password Recovery
CVE-2025-4319 (Improper Restriction of Excessive Authentication Attempts, Weak Passwo ...)
TODO: check
CVE-2025-46699 (Dell Data Protection Advisor, versions prior to 19.12, contains an Imp ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-2204 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
TODO: check
CVE-2025-14947 (The All-in-One Video Gallery plugin for WordPress is vulnerable to una ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14866 (The Melapress Role Editor plugin for WordPress is vulnerable to Privil ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13921 (The weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-47906 (BloofoxCMS 0.5.2.1 contains a stored cross-site scripting vulnerabilit ...)
TODO: check
CVE-2021-47905 (MyBB Delete Account Plugin 1.4 contains a cross-site scripting vulnera ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2021-47904 (PhreeBooks 5.2.3 contains an authenticated file upload vulnerability i ...)
TODO: check
CVE-2021-47903 (LiteSpeed Web Server Enterprise 5.4.11 contains an authenticated comma ...)
@@ -289,9 +289,9 @@ CVE-2021-47888 (Textpattern versions prior to 4.8.3 contain an authenticated rem
CVE-2021-47881 (dataSIMS Avionics ARINC 664-1 version 4.5.3 contains a local buffer ov ...)
TODO: check
CVE-2018-25132 (MyBB Trending Widget Plugin 1.2 contains a cross-site scripting vulner ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2018-25116 (MyBB Thread Redirect Plugin 0.2.1 contains a cross-site scripting vuln ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2026-22995 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux <unfixed>
[trixie] - linux <not-affected> (Vulnerable code not present)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ea39d14c1f7d9fcd139cabe893efdf542459cc2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ea39d14c1f7d9fcd139cabe893efdf542459cc2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260123/09a59244/attachment.htm>
More information about the debian-security-tracker-commits
mailing list