[Git][security-tracker-team/security-tracker][master] Process more NFUs

Salvatore Bonaccorso (@carnil) Mon, 01 Nov 2021 13:54:37 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
7440c49c by Salvatore Bonaccorso at 2021-11-01T21:54:05+01:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -43586,15 +43586,15 @@ CVE-2021-25880
 CVE-2021-25879
        RESERVED
 CVE-2021-25878 (AVideo/YouPHPTube 10.0 and prior is affected by multiple 
reflected Cro ...)
-       TODO: check
+       NOT-FOR-US: AVideo/YouPHPTube
 CVE-2021-25877 (AVideo/YouPHPTube 10.0 and prior is affected by Insecure file 
write. A ...)
-       TODO: check
+       NOT-FOR-US: AVideo/YouPHPTube
 CVE-2021-25876 (AVideo/YouPHPTube 10.0 and prior has multiple reflected Cross 
Script S ...)
-       TODO: check
+       NOT-FOR-US: AVideo/YouPHPTube
 CVE-2021-25875 (AVideo/YouPHPTube AVideo/YouPHPTube 10.0 and prior has 
multiple reflec ...)
-       TODO: check
+       NOT-FOR-US: AVideo/YouPHPTube
 CVE-2021-25874 (AVideo/YouPHPTube AVideo/YouPHPTube 10.0 and prior is affected 
by a SQ ...)
-       TODO: check
+       NOT-FOR-US: AVideo/YouPHPTube
 CVE-2021-25873
        RESERVED
 CVE-2021-25872
@@ -46039,7 +46039,7 @@ CVE-2021-24815
 CVE-2021-24814
        RESERVED
 CVE-2021-24813 (The Events Made Easy WordPress plugin before 2.2.24 does not 
sanitise  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24812
        RESERVED
 CVE-2021-24811
@@ -46047,9 +46047,9 @@ CVE-2021-24811
 CVE-2021-24810
        RESERVED
 CVE-2021-24809 (The BP Better Messages WordPress plugin before 1.9.9.41 does 
not check ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24808 (The BP Better Messages WordPress plugin before 1.9.9.41 
sanitise (with ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24807
        RESERVED
 CVE-2021-24806
@@ -46067,7 +46067,7 @@ CVE-2021-24801
 CVE-2021-24800
        RESERVED
 CVE-2021-24799 (The Far Future Expiry Header WordPress plugin before 1.5 does 
not have ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24798
        RESERVED
 CVE-2021-24797
@@ -46077,9 +46077,9 @@ CVE-2021-24796
 CVE-2021-24795
        RESERVED
 CVE-2021-24794 (The Connections Business Directory WordPress plugin before 
10.4.3 does ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24793 (The WPeMatico RSS Feed Fetcher WordPress plugin before 2.6.12 
does not ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24792
        RESERVED
 CVE-2021-24791
@@ -46087,7 +46087,7 @@ CVE-2021-24791
 CVE-2021-24790
        RESERVED
 CVE-2021-24789 (The Flat Preloader WordPress plugin before 1.5.5 does not 
escape some  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24788
        RESERVED
 CVE-2021-24787
@@ -46103,7 +46103,7 @@ CVE-2021-24783
 CVE-2021-24782
        RESERVED
 CVE-2021-24781 (The Image Source Control WordPress plugin before 2.3.1 allows 
users wi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24780
        RESERVED
 CVE-2021-24779 (The WP Debugging WordPress plugin before 2.11.0 has its 
update_setting ...)
@@ -46119,13 +46119,13 @@ CVE-2021-24775
 CVE-2021-24774 (The Check &amp; Log Email WordPress plugin before 1.0.3 does 
not valid ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24773 (The WordPress Download Manager WordPress plugin before 3.2.16 
does not ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24772
        RESERVED
 CVE-2021-24771
        RESERVED
 CVE-2021-24770 (The Stylish Price List WordPress plugin before 6.9.1 does not 
perform  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24769 (The Permalink Manager Lite WordPress plugin before 2.2.13.1 
does not v ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24768
@@ -46151,7 +46151,7 @@ CVE-2021-24759
 CVE-2021-24758
        RESERVED
 CVE-2021-24757 (The Stylish Price List WordPress plugin before 6.9.0 does not 
perform  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24756
        RESERVED
 CVE-2021-24755
@@ -46181,7 +46181,7 @@ CVE-2021-24744 (The WordPress Contact Forms by Cimatti 
WordPress plugin before 1
 CVE-2021-24743 (The Podcast Subscribe Buttons WordPress plugin before 1.4.2 
allows use ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24742 (The Logo Slider and Showcase WordPress plugin before 1.3.37 
allows Edi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24741 (The Support Board WordPress plugin before 3.3.4 does not 
escape multip ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24740 (The Tutor LMS WordPress plugin before 1.9.9 does not escape 
some of it ...)
@@ -46219,9 +46219,9 @@ CVE-2021-24725 (The Comment Link Remove and Other 
Comment Tools WordPress plugin
 CVE-2021-24724 (The Timetable and Event Schedule by MotoPress WordPress plugin 
before  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24723 (The WP Reactions Lite WordPress plugin before 1.3.6 does not 
properly  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24722 (The Restaurant Menu by MotoPress WordPress plugin through 
2.4.0 does n ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24721
        RESERVED
 CVE-2021-24720 (The GeoDirectory Business Directory WordPress plugin before 
2.1.1.3 wa ...)
@@ -46231,11 +46231,11 @@ CVE-2021-24719 (The Enfold Enfold WordPress theme 
before 4.8.4 was vulnerable to
 CVE-2021-24718
        RESERVED
 CVE-2021-24717 (The AutomatorWP WordPress plugin before 1.7.6 does not perform 
capabil ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24716 (The Modern Events Calendar Lite WordPress plugin before 5.22.3 
does no ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24715 (The WP Sitemap Page WordPress plugin before 1.7.0 does not 
properly sa ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24714
        RESERVED
 CVE-2021-24713
@@ -46295,13 +46295,13 @@ CVE-2021-24687 (The Modern Events Calendar Lite 
WordPress plugin before 5.22.2 d
 CVE-2021-24686
        RESERVED
 CVE-2021-24685 (The Flat Preloader WordPress plugin before 1.5.4 does not 
enforce nonc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24684 (The WordPress PDF Light Viewer Plugin WordPress plugin before 
1.4.12 a ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24683 (The Weather Effect WordPress plugin before 1.3.4 does not have 
any CSR ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24682 (The Cool Tag Cloud WordPress plugin before 2.26 does not 
escape the st ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24681 (The Duplicate Page WordPress plugin through 4.4.2 does not 
sanitise or ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24680
@@ -46417,7 +46417,7 @@ CVE-2021-24626
 CVE-2021-24625
        RESERVED
 CVE-2021-24624 (The MP3 Audio Player for Music, Radio &amp; Podcast by Sonaar 
WordPres ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24623 (The WordPress Advanced Ticket System, Elite Support Helpdesk 
WordPress ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24622 (The Customer Service Software &amp; Support Ticket System 
WordPress pl ...)
@@ -46521,11 +46521,11 @@ CVE-2021-24574 (The Simple Banner WordPress plugin 
before 2.10.4 does not saniti
 CVE-2021-24573
        RESERVED
 CVE-2021-24572 (The Accept Donations with PayPal WordPress plugin before 1.3.1 
provide ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24571 (The HD Quiz WordPress plugin before 1.8.4 does not escape some 
of its  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24570 (The Accept Donations with PayPal WordPress plugin before 1.3.1 
offers  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24569 (The Cookie Notice &amp; Compliance for GDPR / CCPA WordPress 
plugin be ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24568 (The AddToAny Share Buttons WordPress plugin before 1.7.46 does 
not san ...)
@@ -46587,7 +46587,7 @@ CVE-2021-24541 (The Wonder PDF Embed WordPress plugin 
before 1.7 does not escape
 CVE-2021-24540 (The Wonder Video Embed WordPress plugin before 1.8 does not 
escape par ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24539 (The Coming Soon, Under Construction &amp; Maintenance Mode By 
Dazzler  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24538 (The Current Book WordPress plugin through 1.0.1 does not 
sanitize user ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24537
@@ -64300,7 +64300,7 @@ CVE-2020-28704
 CVE-2020-28703
        RESERVED
 CVE-2020-28702 (A SQL injection vulnerability in TopicMapper.xml of PybbsCMS 
v5.2.1 al ...)
-       TODO: check
+       NOT-FOR-US: PybbsCMS
 CVE-2020-28701
        RESERVED
 CVE-2020-28700



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7440c49cb6280cfec3e871b96c512810df82f542

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7440c49cb6280cfec3e871b96c512810df82f542
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process more NFUs

Reply via email to