[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat May 2 08:14:06 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
805935b5 by security tracker role at 2026-05-02T07:13:59+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2026-7647 (The Profile Builder Pro plugin for WordPress is vulnerable to PHP Obje ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-7641 (The Import and export users and customers plugin for WordPress is vuln ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-7638 (The App Builder \u2013 Create Native Android & iOS Apps On The Flight  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-7605 (A security flaw has been discovered in JeecgBoot up to 3.9.1. This vul ...)
 	TODO: check
 CVE-2026-7604 (A vulnerability was identified in JeecgBoot up to 3.9.1. This affects  ...)
@@ -31,41 +31,41 @@ CVE-2026-7594 (A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0.
 CVE-2026-7593 (A security vulnerability has been detected in Sunwood-ai-labs command- ...)
 	TODO: check
 CVE-2026-7592 (A weakness has been identified in itsourcecode Courier Management Syst ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2026-7458 (The User Verification by PickPlugins plugin for WordPress is vulnerabl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-7209 (The Simple Link Directory plugin for WordPress is vulnerable to Stored ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-7049 (The PixelYourSite Pro \u2013 Your smart PIXEL (TAG) Manager plugin for ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-6963 (The WP Mail Gateway plugin for WordPress is vulnerable to unauthorized ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-6916 (The Jeg Kit for Elementor \u2013 Powerful Addons for Elementor, Widget ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-6812 (The Ona theme for WordPress is vulnerable to Server-Side Request Forge ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-6447 (The Call for Price for WooCommerce plugin for WordPress is vulnerable  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-6446 (The My Social Feeds \u2013 Social Feeds Embedder plugin for WordPress  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-6378 (The Maxi Blocks plugin for WordPress is vulnerable to Stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-5113 (The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-5112 (The Gravity Forms plugin for WordPress is vulnerable to Unauthenticate ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-5111 (The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-5110 (The Gravity Forms plugin for WordPress is vulnerable to Unauthenticate ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-5109 (The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-4882 (The User Registration Advanced Fields plugin for WordPress is vulnerab ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-4658 (The Essential Blocks \u2013 Page Builder Gutenberg Blocks, Patterns &  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-43824 (In Argo CD 3.2.0 before 3.2.11 and 3.3.0 before 3.3.9, ServerSideDiff  ...)
-	TODO: check
+	NOT-FOR-US: Argo CD
 CVE-2026-43058 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
 	TODO: check
 CVE-2026-42788 (Allocation of Resources Without Limits or Throttling vulnerability in  ...)
@@ -81,7 +81,7 @@ CVE-2026-39804 (Allocation of Resources Without Limits or Throttling vulnerabili
 CVE-2025-8903
 	REJECTED
 CVE-2025-14726 (The Widgets for Social Photo Feed plugin for WordPress is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12993
 	REJECTED
 CVE-2026-42050 [Stack buffer overflow in XTileImage]



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/805935b566fdd2cc4c8432694c15422d16a5d014

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/805935b566fdd2cc4c8432694c15422d16a5d014
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260502/e5dc80ae/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list