Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
44259065 by Salvatore Bonaccorso at 2022-02-01T21:27:46+01:00
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2103,7 +2103,7 @@ CVE-2022-0322 [DoS in sctp_addto_chunk in 
net/sctp/sm_make_chunk.c]
 CVE-2022-0321
        RESERVED
 CVE-2022-0320 (The Essential Addons for Elementor WordPress plugin before 
5.0.5 does  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-0319 (Out-of-bounds Read in vim/vim prior to 8.2. ...)
        - vim <unfixed>
        [bullseye] - vim <no-dsa> (Minor issue)
@@ -3887,7 +3887,7 @@ CVE-2022-0222
 CVE-2022-0221
        RESERVED
 CVE-2022-0220 (The check_privacy_settings AJAX action of the WordPress GDPR 
WordPress ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-0219 (Improper Restriction of XML External Entity Reference in GitHub 
reposi ...)
        NOT-FOR-US: jadx
 CVE-2022-0218
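Review bot: CVE-2022-0220 carries the same visible description prefix ("The check_privacy_settings AJAX action of the WordPress GDPR WordPress ...") as CVE-2021-24814, which this same commit also moves from TODO: check to NOT-FOR-US, so the two IDs appear to cover the same plugin and AJAX action. Both receive the same tag, which is consistent. If either is ever reclassified, the other should be revisited with it, and a short mention of the pairing in the commit message would save the next triager from rediscovering it.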
@@ -64683,7 +64683,7 @@ CVE-2021-25099
 CVE-2021-25098
        RESERVED
 CVE-2021-25097 (The LabTools WordPress plugin through 1.0 does not have proper 
authori ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-25096
        RESERVED
 CVE-2021-25095
@@ -64691,15 +64691,15 @@ CVE-2021-25095
 CVE-2021-25094
        RESERVED
 CVE-2021-25093 (The Link Library WordPress plugin before 7.2.8 does not have 
authorisa ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-25092 (The Link Library WordPress plugin before 7.2.8 does not have 
CSRF chec ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-25091 (The Link Library WordPress plugin before 7.2.9 does not 
sanitise and e ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-25090
        RESERVED
 CVE-2021-25089 (The UpdraftPlus WordPress Backup Plugin WordPress plugin 
before 1.16.6 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-25088
        RESERVED
 CVE-2021-25087
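Review bot: missing rationale for the four flips in this hunk (CVE-2021-25093, CVE-2021-25092, CVE-2021-25091, CVE-2021-25089). The list shows only truncated descriptions and the commit message says just "Process several NFUs", so nothing records that Link Library and UpdraftPlus were checked against the archive before TODO: check was dropped. Suggest stating in the commit message how the product names were matched (for example, that no source package of that name was found), since the TODO marker that would prompt a second look is removed by this change.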
@@ -64707,7 +64707,7 @@ CVE-2021-25087
 CVE-2021-25086
        RESERVED
 CVE-2021-25085 (The WOOF WordPress plugin before 1.2.6.3 does not sanitise and 
escape  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-25084
        RESERVED
 CVE-2021-25083 (The Registrations for the Events Calendar WordPress plugin 
before 2.7. ...)
@@ -64733,7 +64733,7 @@ CVE-2021-25074 (The WebP Converter for Media WordPress 
plugin before 4.0.3 conta
 CVE-2021-25073 (The WP125 WordPress plugin before 1.5.5 does not have CSRF 
checks in v ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-25072 (The NextScripts: Social Networks Auto-Poster WordPress plugin 
before 4 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-25071
        RESERVED
 CVE-2021-25070
@@ -64751,7 +64751,7 @@ CVE-2021-25065 (The Smash Balloon Social Post Feed 
WordPress plugin before 4.1.1
 CVE-2021-25064
        RESERVED
 CVE-2021-25063 (The Contact Form 7 Skins WordPress plugin through 2.5.0 does 
not sanit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-25062 (The Orders Tracking for WooCommerce WordPress plugin before 
1.1.10 doe ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-25061 (The WP Booking System WordPress plugin before 2.0.15 was 
affected by a ...)
@@ -64911,7 +64911,7 @@ CVE-2021-24985 (The Easy Forms for Mailchimp WordPress 
plugin before 6.8.6 does
 CVE-2021-24984 (The WPFront User Role Editor WordPress plugin before 
3.2.1.11184 does  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24983 (The Asset CleanUp: Page Speed Booster WordPress plugin before 
1.3.8.5  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24982
        RESERVED
 CVE-2021-24981 (The Directorist WordPress plugin before 7.0.6.2 was vulnerable 
to Cros ...)
@@ -64927,7 +64927,7 @@ CVE-2021-24977
 CVE-2021-24976 (The Smart SEO Tool WordPress plugin before 3.0.6 does not 
sanitise and ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24975 (The NextScripts: Social Networks Auto-Poster WordPress plugin 
before 4 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24974 (The Product Feed PRO for WooCommerce WordPress plugin before 
11.0.7 do ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24973 (The Site Reviews WordPress plugin before 5.17.3 does not 
sanitise and  ...)
@@ -64989,7 +64989,7 @@ CVE-2021-24946 (The Modern Events Calendar Lite 
WordPress plugin before 6.1.5 do
 CVE-2021-24945 (The Like Button Rating &#9829; LikeBtn WordPress plugin before 
2.6.38  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24944 (The Custom Dashboard &amp; Login Page WordPress plugin before 
7.0 does ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24943 (The Registrations for the Events Calendar WordPress plugin 
before 2.7. ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24942
@@ -65003,13 +65003,13 @@ CVE-2021-24939 (The LoginWP (Formerly Peter's Login 
Redirect) WordPress plugin b
 CVE-2021-24938 (The WOOCS WordPress plugin before 1.3.7.1 does not sanitise 
and escape ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24937 (The Asset CleanUp: Page Speed Booster WordPress plugin before 
1.3.8.5  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24936 (The WP Extra File Types WordPress plugin before 0.5.1 does not 
have CS ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24935 (The WP Google Fonts WordPress plugin before 3.1.5 does not 
escape the  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24934 (The Visual CSS Style Editor WordPress plugin before 7.5.4 does 
not san ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24933
        RESERVED
 CVE-2021-24932 (The Auto Featured Image (Auto Post Thumbnail) WordPress plugin 
before  ...)
@@ -65025,7 +65025,7 @@ CVE-2021-24928
 CVE-2021-24927 (The My Calendar WordPress plugin before 3.2.18 does not 
sanitise and e ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24926 (The Domain Check WordPress plugin before 1.0.17 does not 
sanitise and  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24925 (The Modern Events Calendar Lite WordPress plugin before 6.1.5 
does not ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24924 (The Email Log WordPress plugin before 2.4.8 does not escape 
the d para ...)
@@ -65039,7 +65039,7 @@ CVE-2021-24921
 CVE-2021-24920
        RESERVED
 CVE-2021-24919 (The Wicked Folders WordPress plugin before 2.8.10 does not 
sanitise an ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24918 (The Smash Balloon Social Post Feed WordPress plugin before 
4.0.1 did n ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24917 (The WPS Hide Login WordPress plugin before 1.9.1 has a bug 
which allow ...)
@@ -65077,7 +65077,7 @@ CVE-2021-24902 (The Typebot | Build beautiful 
conversational forms WordPress plu
 CVE-2021-24901
        RESERVED
 CVE-2021-24900 (The Ninja Tables WordPress plugin before 4.1.8 does not 
sanitise and e ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24899 (The Media-Tags WordPress plugin through 3.2.0.2 does not 
sanitise and  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24898
@@ -65141,7 +65141,7 @@ CVE-2021-24870
 CVE-2021-24869
        RESERVED
 CVE-2021-24868 (The Document Embedder WordPress plugin before 1.7.9 contains a 
AJAX ac ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24867
        RESERVED
 CVE-2021-24866 (The WP Data Access WordPress plugin before 5.0.0 does not 
properly san ...)
@@ -65249,7 +65249,7 @@ CVE-2021-24816 (The Phoenix Media Rename WordPress 
plugin before 3.4.4 does not
 CVE-2021-24815 (The Accept Donations with PayPal WordPress plugin before 1.3.2 
does no ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24814 (The check_privacy_settings AJAX action of the WordPress GDPR 
WordPress ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24813 (The Events Made Easy WordPress plugin before 2.2.24 does not 
sanitise  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24812 (The BetterLinks WordPress plugin before 1.2.6 does not 
sanitise and es ...)
@@ -65327,7 +65327,7 @@ CVE-2021-24777
 CVE-2021-24776 (The WP Performance Score Booster WordPress plugin before 2.1 
does not  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24775 (The Document Embedder WordPress plugin before 1.7.5 contains a 
REST en ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24774 (The Check &amp; Log Email WordPress plugin before 1.0.3 does 
not valid ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24773 (The WordPress Download Manager WordPress plugin before 3.2.16 
does not ...)
@@ -65347,15 +65347,15 @@ CVE-2021-24767 (The Redirect 404 Error Page to 
Homepage or Custom Page with Logs
 CVE-2021-24766 (The 404 to 301 &#8211; Redirect, Log and Notify 404 Errors 
WordPress p ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24765 (The Perfect Survey WordPress plugin through 1.5.2 does not 
validate an ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24764 (The Perfect Survey WordPress plugin before 1.5.2 does not 
sanitise and ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24763 (The Perfect Survey WordPress plugin before 1.5.2 does not have 
proper  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24762 (The Perfect Survey WordPress plugin before 1.5.2 does not 
validate and ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24761 (The Error Log Viewer WordPress plugin through 1.1.1 does not 
perform n ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24760 (The Gutenberg PDF Viewer Block WordPress plugin before 1.0.1 
does not  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24759 (The PDF.js Viewer WordPress plugin before 2.0.2 does not 
escape some o ...)
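Review bot: the four Perfect Survey entries changed here do not agree on the affected range: CVE-2021-24765 reads "through 1.5.2" while CVE-2021-24764, CVE-2021-24763 and CVE-2021-24762 read "before 1.5.2". That does not change a NOT-FOR-US decision, so the tag is fine as applied. The discrepancy sits in the description text and would only matter if the plugin were ever tracked, in which case the full descriptions need checking rather than these truncated ones.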
@@ -65463,7 +65463,7 @@ CVE-2021-24709 (The Weather Effect WordPress plugin 
before 1.3.6 does not proper
 CVE-2021-24708 (The Export any WordPress data to XML/CSV WordPress plugin 
before 1.3.1 ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24707 (The Learning Courses WordPress plugin before 5.0 does not 
sanitise and ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24706 (The Qwizcards &#8211; online quizzes and flashcards WordPress 
plugin b ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24705 (The NEX-Forms WordPress plugin through 7.9.4 does not escape 
some of i ...)
@@ -65505,7 +65505,7 @@ CVE-2021-24688
 CVE-2021-24687 (The Modern Events Calendar Lite WordPress plugin before 5.22.2 
does no ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24686 (The SVG Support WordPress plugin before 2.3.20 does not escape 
the "CS ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24685 (The Flat Preloader WordPress plugin before 1.5.4 does not 
enforce nonc ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24684 (The WordPress PDF Light Viewer Plugin WordPress plugin before 
1.4.12 a ...)
@@ -65581,7 +65581,7 @@ CVE-2021-24650
 CVE-2021-24649
        RESERVED
 CVE-2021-24648 (The RegistrationMagic WordPress plugin before 5.0.1.9 does not 
sanitis ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24647 (The Registration Forms &#8211; User profile, Content 
Restriction, Spam ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24646 (The Booking.com Banner Creator WordPress plugin before 1.4.3 
does not  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44259065e71cfb3a14d487c70400b6143a020d6c



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits