Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: c1716b84 by Moritz Muehlenhoff at 2023-06-07T12:46:50+02:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -5,23 +5,23 @@ CVE-2023-3125 (The B2BKing plugin for WordPress is vulnerable to unauthorized mo CVE-2023-3124 (The Elementor Pro plugin for WordPress is vulnerable to unauthorized d ...) NOT-FOR-US: Elementor Pro plugin for WordPress CVE-2023-33782 (D-Link DIR-842V2 v1.0.3 was discovered to contain a command injection ...) - TODO: check + NOT-FOR-US: D-Link CVE-2023-33781 (An issue in D-Link DIR-842V2 v1.0.3 allows attackers to execute arbitr ...) - TODO: check + NOT-FOR-US: D-Link CVE-2023-33604 (Imperial CMS v7.5 was discovered to contain an arbitrary file deletion ...) - TODO: check + NOT-FOR-US: Imperial CMS CVE-2023-33601 (An arbitrary file upload vulnerability in /admin.php?c=upload of phpok ...) - TODO: check + NOT-FOR-US: phpok CVE-2023-33538 (TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was dis ...) - TODO: check + NOT-FOR-US: TP-Link CVE-2023-33537 (TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was dis ...) - TODO: check + NOT-FOR-US: TP-Link CVE-2023-33536 (TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was dis ...) - TODO: check + NOT-FOR-US: TP-Link CVE-2023-2541 (The Web Frontend of KNIME Business Hub before 1.4.0 allows an unauthen ...) - TODO: check + NOT-FOR-US: KNIME Business Hub CVE-2022-4950 (Several WordPress plugins developed by Cool Plugins are vulnerable to ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-4949 (The AdSanity plugin for WordPress is vulnerable to arbitrary file uplo ...) NOT-FOR-US: AdSanity plugin for WordPress CVE-2022-4948 (The FlyingPress plugin for WordPress is vulnerable to authorization by ...) @@ -41,7 +41,7 @@ CVE-2021-4376 (The WooCommerce Multi Currency plugin for WordPress is vulnerable CVE-2021-4375 (The Welcart e-Commerce plugin for WordPress is vulnerable to authoriza ...) NOT-FOR-US: Welcart e-Commerce plugin for WordPress CVE-2021-4374 (The WordPress Automatic Plugin for WordPress is vulnerable to arbitrar ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-4373 (The Better Search plugin for WordPress is vulnerable to Cross-Site Req ...) NOT-FOR-US: Better Search plugin for WordPress CVE-2021-4372 (The WooCommerce Dynamic Pricing and Discounts plugin for WordPress is ...) @@ -81,7 +81,7 @@ CVE-2021-4356 (The Frontend File Manager plugin for WordPress is vulnerable to U CVE-2021-4355 (The Welcart e-Commerce plugin for WordPress is vulnerable to authoriza ...) NOT-FOR-US: Welcart e-Commerce plugin for WordPress CVE-2021-4354 (The PWA for WP & AMP for WordPress is vulnerable to arbitrary file upl ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-4352 (The JobSearch WP Job Board plugin for WordPress is vulnerable to autho ...) NOT-FOR-US: JobSearch WP Job Board plugin for WordPress CVE-2021-4351 (The Frontend File Manager plugin for WordPress is vulnerable to Unauth ...) @@ -93,7 +93,7 @@ CVE-2021-4349 (The Process Steps Template Designer plugin for WordPress is vulne CVE-2021-4348 (The Ultimate GDPR & CCPA plugin for WordPress is vulnerable to unauthe ...) NOT-FOR-US: Ultimate GDPR & CCPA plugin for WordPress CVE-2021-4347 (The function update_shipment_status_email_status_fun in the plugin Adv ...) - TODO: check + NOT-FOR-US: WooCommerce plugin CVE-2021-4346 (The uListing plugin for WordPress is vulnerable to Unauthenticated Arb ...) NOT-FOR-US: uListing plugin for WordPress CVE-2021-4345 (The uListing plugin for WordPress is vulnerable to authorization bypas ...) @@ -103,7 +103,7 @@ CVE-2021-4344 (The Frontend File Manager plugin for WordPress is vulnerable to P CVE-2021-4343 (The Unauthenticated Account Creation plugin for WordPress is vulnerabl ...) NOT-FOR-US: Unauthenticated Account Creation plugin for WordPress CVE-2021-4342 (Over 70 plugins and themes were vulnerable to Cross-Site Request Forge ...) - TODO: check + NOT-FOR-US: WordPress plugins CVE-2021-4341 (The uListing plugin for WordPress is vulnerable to authorization bypas ...) NOT-FOR-US: uListing plugin for WordPress CVE-2021-4340 (The uListing plugin for WordPress is vulnerable to generic SQL Injecti ...) @@ -115,27 +115,27 @@ CVE-2021-4338 (The 404 to 301 plugin for WordPress is vulnerable to authorizatio CVE-2020-36731 (The Flexible Checkout Fields for WooCommerce plugin for WordPress is ...) NOT-FOR-US: Flexible Checkout Fields for WooCommerce plugin for WordPress CVE-2020-36730 (The CMP for WordPress is vulnerable to authorization bypass due to a m ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2020-36729 (The 2J-SlideShow Plugin for WordPress is vulnerable to authorization b ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2020-36727 (The Newsletter Manager plugin for WordPress is vulnerable to insecure ...) NOT-FOR-US: Newsletter Manager plugin for WordPress CVE-2020-36726 (The Ultimate Reviews plugin for WordPress is vulnerable to PHP Object ...) NOT-FOR-US: Ultimate Reviews plugin for WordPress CVE-2020-36725 (The TI WooCommerce Wishlist and TI WooCommerce Wishlist Pro plugins fo ...) - TODO: check + NOT-FOR-US: WooCommerce plugin CVE-2020-36724 (The Wordable plugin for WordPress is vulnerable to authentication bypa ...) NOT-FOR-US: Wordable plugin for WordPress CVE-2020-36723 (The ListingPro - WordPress Directory & Listing Theme for WordPress is ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2020-36722 (The Visual Composer plugin for WordPress is vulnerable to Cross-Site S ...) NOT-FOR-US: Visual Composer plugin for WordPress CVE-2020-36721 (The Brilliance <= 1.2.7, Activello <= 1.4.0, and Newspaper X <= 1.3.1 ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2020-36720 (The Kali Forms plugin for WordPress is vulnerable to Authenticated Opt ...) NOT-FOR-US: Kali Forms plugin for WordPress CVE-2020-36719 (The ListingPro - WordPress Directory & Listing Theme for WordPress is ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2020-36718 (The GDPR CCPA Compliance Support plugin for WordPress is vulnerable to ...) NOT-FOR-US: GDPR CCPA Compliance Support plugin for WordPress CVE-2020-36717 (The Kali Forms plugin for WordPress is vulnerable to Cross-Site Reques ...) @@ -155,11 +155,11 @@ CVE-2020-36710 (The WPS Hide Login plugin for WordPress is vulnerable to login p CVE-2020-36709 (The Page Builder: KingComposer plugin for WordPress is vulnerable to S ...) NOT-FOR-US: Page Builder: KingComposer plugin for WordPress CVE-2020-36708 (The following themes for WordPress are vulnerable to Function Injectio ...) - TODO: check + NOT-FOR-US: WordPress theme CVE-2020-36707 (The Coming Soon & Maintenance Mode Page plugin for WordPress is vulner ...) NOT-FOR-US: Coming Soon & Maintenance Mode Page plugin for WordPress CVE-2020-36704 (The Fruitful Theme for WordPress is vulnerable to Stored Cross-Site Sc ...) - TODO: check + NOT-FOR-US: WordPress theme CVE-2020-36703 (The Elementor Website Builder plugin for WordPress is vulnerable to St ...) NOT-FOR-US: Elementor Website Builder plugin for WordPress CVE-2020-36702 (The Ultimate Addons for Gutenberg plugin for WordPress is vulnerable t ...) @@ -169,7 +169,7 @@ CVE-2020-36701 (The Page Builder: KingComposer plugin for WordPress is vulnerabl CVE-2020-36700 (The Page Builder: KingComposer plugin for WordPress is vulnerable to a ...) NOT-FOR-US: Page Builder: KingComposer plugin for WordPress CVE-2020-36699 (The Quick Page/Post Redirect Plugin for WordPress is vulnerable to aut ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2020-36697 (The WP GDPR plugin for WordPress is vulnerable to authorization bypass ...) NOT-FOR-US: WP GDPR plugin for WordPress CVE-2020-36696 (The Product Input Fields for WooCommerce plugin for WordPress is vulne ...) @@ -193,7 +193,7 @@ CVE-2019-25144 (The WP HTML Mail plugin for WordPress is vulnerable to HTML inje CVE-2019-25143 (The GDPR Cookie Compliance plugin for WordPress is vulnerable to autho ...) NOT-FOR-US: GDPR Cookie Compliance plugin for WordPress CVE-2019-25142 (The Mesmerize & Materialis themes for WordPress are vulnerable to auth ...) - TODO: check + NOT-FOR-US: WordPress themes CVE-2019-25141 (The Easy WP SMTP plugin for WordPress is vulnerable to authorization b ...) NOT-FOR-US: Easy WP SMTP plugin for WordPress CVE-2019-25140 (The WordPress Coming Soon Page & Maintenance Mode plugin for WordPress ...) @@ -4467,7 +4467,7 @@ CVE-2023-2185 CVE-2023-2184 RESERVED CVE-2023-2183 (Grafana is an open-source platform for monitoring and observability. ...) - TODO: check + - grafana <removed> CVE-2023-2182 (An issue has been discovered in GitLab EE affecting all versions start ...) - gitlab <not-affected> (Specific to EE) CVE-2023-2181 (An issue has been discovered in GitLab affecting all versions before 1 ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c1716b84046f9c4b2fa6dd386e22d4e9f3644e58 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c1716b84046f9c4b2fa6dd386e22d4e9f3644e58 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits