Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
485b3a90 by Salvatore Bonaccorso at 2023-11-13T09:29:41+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,65 +1,65 @@
CVE-2023-5747 (Bashis, a Security Researcher at IPVM has found a flaw that
allows for ...)
TODO: check
CVE-2023-5741 (The POWR plugin for WordPress is vulnerable to Stored
Cross-Site Scrip ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5037
REJECTED
CVE-2023-4775 (The Advanced iFrame plugin for WordPress is vulnerable to
Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47669 (Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs
User Pro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47652 (Cross-Site Request Forgery (CSRF) vulnerability in Lucian
Apostol Auto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47516 (Cross-Site Request Forgery (CSRF) vulnerability in Stark
Digital Categ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47230 (Cross-Site Request Forgery (CSRF) vulnerability in Cimatti
Consulting ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47163 (Remarshal prior to v0.17.1 expands YAML alias nodes
unlimitedly, hence ...)
- TODO: check
+ NOT-FOR-US: Remarshal
CVE-2023-46638 (Cross-Site Request Forgery (CSRF) vulnerability in Webcodin
WCP OpenWe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46636 (Cross-Site Request Forgery (CSRF) vulnerability in David
St\xf6ckl Cus ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46634 (Cross-Site Request Forgery (CSRF) vulnerability in phoeniixx
Custom My ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46629 (Cross-Site Request Forgery (CSRF) vulnerability in
themelocation Remov ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46625 (Cross-Site Request Forgery (CSRF) vulnerability in DAEXT
Autolinks Man ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46620 (Cross-Site Request Forgery (CSRF) vulnerability in Fluenx
DeepL API tr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46619 (Cross-Site Request Forgery (CSRF) vulnerability in WebDorado
WDSocialW ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46618 (Cross-Site Request Forgery (CSRF) vulnerability in Bala
Krishna, Serge ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46207 (Server-Side Request Forgery (SSRF) vulnerability in
StylemixThemes Mot ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46201 (Cross-Site Request Forgery (CSRF) vulnerability in Jeff Sherk
Auto Log ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41239 (Server-Side Request Forgery (SSRF) vulnerability in Blubrry
PowerPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38515 (Server-Side Request Forgery (SSRF) vulnerability in Andy Moyle
Church ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38364 (IBM CICS TX Advanced 10.1 is vulnerable to cross-site
scripting. This ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-38363 ([PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION]
on [PLATF ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-37978 (Server-Side Request Forgery (SSRF) vulnerability in Dimitar
Ivanov HTT ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35041 (Cross-Site Request Forgery (CSRF) vulnerability leading to
Local File ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34384 (Cross-Site Request Forgery (CSRF) vulnerability in Kebo Kebo
Twitter F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34378 (Cross-Site Request Forgery (CSRF) vulnerability in
scriptburn.Com WP H ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34013 (Server-Side Request Forgery (SSRF) vulnerability in Poll Maker
Team Po ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33207 (Cross-Site Request Forgery (CSRF) vulnerability in Krzysztof
Wielog\xf ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32588 (Cross-Site Request Forgery (CSRF) vulnerability in
BRANDbrilliance Pos ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32583 (Cross-Site Request Forgery (CSRF) vulnerability in Prashant
Walke WP A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6084 (A vulnerability was found in Tongda OA 2017 up to 11.9 and
classified ...)
NOT-FOR-US: Tongda OA
CVE-2023-47037 (We failed to applyCVE-2023-40611 in 2.7.1 and this
vulnerability was m ...)
@@ -26097,7 +26097,7 @@ CVE-2023-31221 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-31220 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
WP-EXPER ...)
NOT-FOR-US: WordPress plugin
CVE-2023-31219 (Server-Side Request Forgery (SSRF) vulnerability in WPChill
Download M ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-31218 (Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site
Scripti ...)
NOT-FOR-US: WordPress plugin
CVE-2023-31217 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
@@ -31193,7 +31193,7 @@ CVE-2023-29427 (Unauth. Reflected Cross-Site Scripting
(XSS) vulnerability in TM
CVE-2023-29426 (Cross-Site Request Forgery (CSRF) vulnerability in Robert
Schulz (sprd ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29425 (Cross-Site Request Forgery (CSRF) vulnerability in
plainware.Com Shift ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-29424 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Plai ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29423 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in PI W ...)
@@ -31930,7 +31930,7 @@ CVE-2023-29246 (An attacker who has gained access to an
admin account can perfor
CVE-2023-29239
RESERVED
CVE-2023-29238 (Cross-Site Request Forgery (CSRF) vulnerability in Whydonate
Whydonate ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-29237
RESERVED
CVE-2023-29236 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Cththeme ...)
@@ -32793,7 +32793,7 @@ CVE-2023-28989 (Cross-Site Request Forgery (CSRF)
vulnerability in weDevs Happy
CVE-2023-28988 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in PI W ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28987 (Cross-Site Request Forgery (CSRF) vulnerability in Wpmet Wp
Ultimate R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28986 (Cross-Site Request Forgery (CSRF) vulnerability in wp.Insider,
wpaffil ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28985 (An Improper Validation of Syntactic Correctness of Input
vulnerability ...)
@@ -33035,7 +33035,7 @@ CVE-2023-28932 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-28931 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Neve ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28930 (Cross-Site Request Forgery (CSRF) vulnerability in Robin
Phillips Mobi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28929 (Trend Micro Security 2021, 2022, and 2023 (Consumer) are
vulnerable to ...)
NOT-FOR-US: Trend Micro
CVE-2023-28928
@@ -33911,11 +33911,11 @@ CVE-2023-28698 (Wade Graphic Design FANTSY has a
vulnerability of insufficient a
CVE-2023-28697 (Moxa MiiNePort E1 has a vulnerability of insufficient access
control. ...)
NOT-FOR-US: Moxa
CVE-2023-28696 (Cross-Site Request Forgery (CSRF) vulnerability in Harish
Chouhan, The ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28695 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Drew ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28694 (Cross-Site Request Forgery (CSRF) vulnerability in Wbcom
Designs Wbcom ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28693 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Balasahe ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28692 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Kevo ...)
@@ -34146,7 +34146,7 @@ CVE-2023-28620 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-28619
RESERVED
CVE-2023-28618 (Cross-Site Request Forgery (CSRF) vulnerability in Marios
Alexandrou E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28391
RESERVED
CVE-2023-27927 (An authenticated malicious user could acquire the simple mail
transfer ...)
@@ -34536,13 +34536,13 @@ CVE-2023-28500 (A Java insecure deserialization
vulnerability in Adobe LiveCycle
CVE-2023-28499 (Auth. (author+) Stored Cross-Site Scripting (XSS)
vulnerability in sim ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28498 (Cross-Site Request Forgery (CSRF) vulnerability in MotoPress
Hotel Boo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28497 (Cross-Site Request Forgery (CSRF) vulnerability in Tribulant
Slideshow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28496 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in SMTP ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28495 (Cross-Site Request Forgery (CSRF) vulnerability in MyThemeShop
WP Shor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28494
RESERVED
CVE-2023-28493 (Auth (subscriber+) Reflected Cross-Site Scripting (XSS)
vulnerability ...)
@@ -34911,9 +34911,9 @@ CVE-2023-28422 (Auth. (admin+) Stored Cross-site
Scripting (XSS) vulnerability i
CVE-2023-28421
RESERVED
CVE-2023-28420 (Cross-Site Request Forgery (CSRF) vulnerability in Leo Caseiro
Custom ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28419 (Cross-Site Request Forgery (CSRF) vulnerability in Stranger
Studios Fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28418 (Auth. (subscriber+) Reflected Cross-Site Scripting (XSS)
vulnerability ...)
NOT-FOR-US: WordPress theme
CVE-2023-28417
@@ -35755,9 +35755,9 @@ CVE-2023-28175 (Improper Authorization in SSH server in
Bosch VMS 11.0, 11.1.0,
CVE-2023-28174 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in eLig ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28173 (Cross-Site Request Forgery (CSRF) vulnerability in Amit
Agarwal Google ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28172 (Cross-Site Request Forgery (CSRF) vulnerability in flippercode
WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28171 (Auth. (subscriber+) Stored Cross-Site Scripting (XSS)
vulnerability in ...)
NOT-FOR-US: WordPress theme
CVE-2023-28170
@@ -35767,7 +35767,7 @@ CVE-2023-28169 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-28168
RESERVED
CVE-2023-28167 (Cross-Site Request Forgery (CSRF) vulnerability in Vsourz
Digital CF7 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28166 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Aakif Ka ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28165
@@ -36014,7 +36014,7 @@ CVE-2023-28136
CVE-2023-28135
RESERVED
CVE-2023-28134 (Local attacker can escalate privileges on affected
installations of Ch ...)
- TODO: check
+ NOT-FOR-US: Check Point Harmony Endpoint/ZoneAlarm Extreme Security
CVE-2023-28133 (Local privilege escalation in Check Point Endpoint Security
Client (ve ...)
NOT-FOR-US: Check Point Endpoint Security Client
CVE-2023-28132
@@ -37564,7 +37564,7 @@ CVE-2023-27634 (Cross-Site Request Forgery (CSRF)
vulnerability allows arbitrary
CVE-2023-27633
RESERVED
CVE-2023-27632 (Cross-Site Request Forgery (CSRF) vulnerability in mmrs151
Daily Praye ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27631 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27630
@@ -37582,7 +37582,7 @@ CVE-2023-27625
CVE-2023-27624 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Marc ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27623 (Cross-Site Request Forgery (CSRF) vulnerability in Jens
T\xf6rnell WP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27622 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Abel ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27621 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in MrDe ...)
@@ -37606,7 +37606,7 @@ CVE-2023-27613 (Unauth. Reflected Cross-Site Scripting
(XSS) vulnerability in Mo
CVE-2023-27612 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27611 (Cross-Site Request Forgery (CSRF) vulnerability in audrasjb
Reusable B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27610 (Auth. (admin+) SQL Injection (SQLi) vulnerability in
TransbankDevelope ...)
NOT-FOR-US: TransbankDevelopers Transbank Webpay
CVE-2023-27609
@@ -38169,7 +38169,7 @@ CVE-2023-27447
CVE-2023-27446
RESERVED
CVE-2023-27445 (Cross-Site Request Forgery (CSRF) vulnerability in Meril Inc.
Blog Flo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27444
RESERVED
CVE-2023-27443 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
@@ -38177,27 +38177,27 @@ CVE-2023-27443 (Auth. (contributor+) Stored
Cross-Site Scripting (XSS) vulnerabi
CVE-2023-27442
RESERVED
CVE-2023-27441 (Cross-Site Request Forgery (CSRF) vulnerability in gl_SPICE
New Adman ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27440
RESERVED
CVE-2023-27439 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in gl_S ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27438 (Cross-Site Request Forgery (CSRF) vulnerability in Evgen
Yurchenko WP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27437
RESERVED
CVE-2023-27436 (Cross-Site Request Forgery (CSRF) vulnerability in Louis
Reingold Eleg ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27435 (Cross-Site Request Forgery (CSRF) vulnerability in Sami Ahmed
Siddiqui ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27434 (Cross-Site Request Forgery (CSRF) vulnerability in WPGrim
Classic Edit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27433 (Cross-Site Request Forgery (CSRF) vulnerability in YAS Global
Team Mak ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27432 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
WpSimple ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27431 (Cross-Site Request Forgery (CSRF) vulnerability in ThemeHunk
Big Store ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2023-27430 (Cross-Site Request Forgery (CSRF) vulnerability in Ramon
Fincken Mass ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27429 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Auto ...)
@@ -38223,9 +38223,9 @@ CVE-2023-27420 (Unauth. Reflected Cross-Site Scripting
(XSS) vulnerability in Ev
CVE-2023-27419 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Everest ...)
NOT-FOR-US: WordPress theme
CVE-2023-27418 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company
Side Me ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27417 (Cross-Site Request Forgery (CSRF) vulnerability in Timo Reith
Affiliat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27416 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Deco ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27415 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Them ...)
@@ -40417,7 +40417,7 @@ CVE-2023-1026 (The WP Meta SEO plugin for WordPress is
vulnerable to unauthorize
CVE-2019-25105 (A vulnerability, which was classified as problematic, was
found in dro ...)
NOT-FOR-US: dro.pm
CVE-2023-26543 (Cross-Site Request Forgery (CSRF) vulnerability in Aleksandr
Guidrevit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-26542
RESERVED
CVE-2023-26541 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Alex ...)
@@ -40441,7 +40441,7 @@ CVE-2023-26533
CVE-2023-26532
RESERVED
CVE-2023-26531 (Cross-Site Request Forgery (CSRF) vulnerability in
\u95ea\u7535\u535a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-26530 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Paul Keh ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26529 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Dupe ...)
@@ -40455,7 +40455,7 @@ CVE-2023-26526
CVE-2023-26525
RESERVED
CVE-2023-26524 (Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech
Quiz An ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-26523
RESERVED
CVE-2023-26522
@@ -40467,15 +40467,15 @@ CVE-2023-26520
CVE-2023-26519 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Alex ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26518 (Cross-Site Request Forgery (CSRF) vulnerability in AccessPress
Themes ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-26517 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Jeff ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26516 (Cross-Site Request Forgery (CSRF) vulnerability in WPIndeed
Debug Assi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-26515 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Ko T ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26514 (Cross-Site Request Forgery (CSRF) vulnerability in WPGrim
Dynamic XML ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-26513 (Excessive Iteration vulnerability in Apache Software
Foundation Apache ...)
NOT-FOR-US: Apache Sling
CVE-2023-26512 (CWE-502 Deserialization of Untrusted Dataat
therabbitmq-connector plug ...)
@@ -48757,7 +48757,7 @@ CVE-2023-23802 (Cross-Site Request Forgery (CSRF)
vulnerability in HasThemes HT
CVE-2023-23801 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes
Really Si ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23800 (Server-Side Request Forgery (SSRF) vulnerability in Vova
Anokhin WP Sh ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23799 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability
in Leon ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23798 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
@@ -49192,7 +49192,7 @@ CVE-2023-23686 (Auth. (contributor+) Stored Cross-Site
Scripting (XSS) vulnerabi
CVE-2023-23685 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23684 (Server-Side Request Forgery (SSRF) vulnerability in
WPGraphQL.This iss ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23683 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Ozan ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23682 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Snap ...)
@@ -62624,7 +62624,7 @@ CVE-2022-45837 (Reflected Cross-Site Scripting (XSS)
vulnerability in Denis \u5f
CVE-2022-45836 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
W3 Eden, ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45835 (Server-Side Request Forgery (SSRF) vulnerability in PhonePe
PhonePe Pa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45834
RESERVED
CVE-2022-45833 (Auth. Path Traversal vulnerability in Easy WP SMTP plugin <=
1.5.1 on ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/485b3a90cdb06689858bfd64a21cbdbb6df89a00
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/485b3a90cdb06689858bfd64a21cbdbb6df89a00
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
