Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 1001e73a by Salvatore Bonaccorso at 2023-07-12T10:57:36+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,45 +1,45 @@ CVE-2023-3525 (The Getnet Argentina para Woocommerce plugin for WordPress is vulnerab ...) - TODO: check + NOT-FOR-US: Getnet Argentina para Woocommerce plugin for WordPress CVE-2023-3369 (The About Me 3000 widget plugin for WordPress is vulnerable to Stored ...) - TODO: check + NOT-FOR-US: About Me 3000 widget plugin for WordPress CVE-2023-3202 (The MStore API plugin for WordPress is vulnerable to Cross-Site Reques ...) - TODO: check + NOT-FOR-US: MStore API plugin for WordPress CVE-2023-3199 (The MStore API plugin for WordPress is vulnerable to Cross-Site Reques ...) - TODO: check + NOT-FOR-US: MStore API plugin for WordPress CVE-2023-3168 (The WP Reroute Email plugin for WordPress is vulnerable to Stored Cros ...) - TODO: check + NOT-FOR-US: WP Reroute Email plugin for WordPress CVE-2023-3167 (The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site ...) - TODO: check + NOT-FOR-US: Mail Queue plugin for WordPress CVE-2023-3166 (The Lana Email Logger plugin for WordPress is vulnerable to Stored Cro ...) - TODO: check + NOT-FOR-US: Lana Email Logger plugin for WordPress CVE-2023-3158 (The Mail Control plugin for WordPress is vulnerable to Stored Cross-Si ...) - TODO: check + NOT-FOR-US: Mail Control plugin for WordPress CVE-2023-3135 (The Mailtree Log Mail plugin for WordPress is vulnerable to Stored Cro ...) - TODO: check + NOT-FOR-US: Mailtree Log Mail plugin for WordPress CVE-2023-3127 (An unauthenticated user could log into iSTAR Ultra, iSTAR Ultra LT, iS ...) TODO: check CVE-2023-3122 (The GD Mail Queue plugin for WordPress is vulnerable to Stored Cross-S ...) - TODO: check + NOT-FOR-US: GD Mail Queue plugin for WordPress CVE-2023-3105 (The LearnDash LMS plugin for WordPress is vulnerable to Insecure Direc ...) - TODO: check + NOT-FOR-US: LearnDash LMS plugin for WordPress CVE-2023-3093 (The YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Sc ...) - TODO: check + NOT-FOR-US: YaySMTP plugin for WordPress CVE-2023-3092 (The SMTP Mail plugin for WordPress is vulnerable to Stored Cross-Site ...) - TODO: check + NOT-FOR-US: SMTP Mail plugin for WordPress CVE-2023-3088 (The WP Mail Log plugin for WordPress is vulnerable to Stored Cross-Sit ...) - TODO: check + NOT-FOR-US: WP Mail Log plugin for WordPress CVE-2023-3087 (The FluentSMTP plugin for WordPress is vulnerable to Stored Cross-Site ...) - TODO: check + NOT-FOR-US: FluentSMTP plugin for WordPress CVE-2023-3082 (The Post SMTP plugin for WordPress is vulnerable to Stored Cross-Site ...) - TODO: check + NOT-FOR-US: Post SMTP plugin for WordPress CVE-2023-3081 (The WP Mail Logging plugin for WordPress is vulnerable to Stored Cross ...) - TODO: check + NOT-FOR-US: WP Mail Logging plugin for WordPress CVE-2023-3080 (The WP Mail Catcher plugin for WordPress is vulnerable to Stored Cross ...) - TODO: check + NOT-FOR-US: WP Mail Catcher plugin for WordPress CVE-2023-3023 (The WP EasyCart plugin for WordPress is vulnerable to time-based SQL I ...) - TODO: check + NOT-FOR-US: WP EasyCart plugin for WordPress CVE-2023-3011 (The ARMember plugin for WordPress is vulnerable to Cross-Site Request ...) - TODO: check + NOT-FOR-US: ARMember plugin for WordPress CVE-2023-37767 (GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a seg ...) TODO: check CVE-2023-37766 (GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a seg ...) @@ -61,7 +61,7 @@ CVE-2023-37174 (GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain CVE-2023-32200 (There is insufficient restrictions of called script functions in Apach ...) TODO: check CVE-2023-2869 (The WP-Members Membership plugin for WordPress is vulnerable to unauth ...) - TODO: check + NOT-FOR-US: WP-Members Membership plugin for WordPress CVE-2023-2763 (Use-After-Free, Out-of-bounds Write and Heap-based Buffer Overflow vul ...) TODO: check CVE-2023-2762 (A Use-After-Free vulnerability in SLDPRT file reading procedure exists ...) @@ -71,59 +71,59 @@ CVE-2023-2562 (The Gallery Metabox for WordPress is vulnerable to unauthorized a CVE-2023-2561 (The Gallery Metabox for WordPress is vulnerable to unauthorized modifi ...) TODO: check CVE-2023-2517 (The Metform Elementor Contact Form Builder plugin for WordPress is vul ...) - TODO: check + NOT-FOR-US: Metform Elementor Contact Form Builder plugin for WordPress CVE-2021-4427 (The Vuukle Comments, Reactions, Share Bar, Revenue plugin for WordPres ...) - TODO: check + NOT-FOR-US: Vuukle Comments, Reactions, Share Bar, Revenue plugin for WordPress CVE-2021-4426 (The Absolute Reviews plugin for WordPress is vulnerable to Cross-Site ...) - TODO: check + NOT-FOR-US: Absolute Reviews plugin for WordPress CVE-2021-4425 (The Defender Security plugin for WordPress is vulnerable to Cross-Site ...) - TODO: check + NOT-FOR-US: Defender Security plugin for WordPress CVE-2021-4424 (The Slider Hero plugin for WordPress is vulnerable to Cross-Site Reque ...) - TODO: check + NOT-FOR-US: Slider Hero plugin for WordPress CVE-2021-4423 (The RAYS Grid plugin for WordPress is vulnerable to Cross-Site Request ...) - TODO: check + NOT-FOR-US: RAYS Grid plugin for WordPress CVE-2021-4422 (The POST SMTP Mailer plugin for WordPress is vulnerable to Cross-Site ...) - TODO: check + NOT-FOR-US: POST SMTP Mailer plugin for WordPress CVE-2021-4421 (The Advanced Popups plugin for WordPress is vulnerable to Cross-Site R ...) - TODO: check + NOT-FOR-US: Advanced Popups plugin for WordPress CVE-2021-4420 (The Sell Media plugin for WordPress is vulnerable to Cross-Site Reques ...) - TODO: check + NOT-FOR-US: Sell Media plugin for WordPress CVE-2021-4419 (The WP-Backgrounds Lite plugin for WordPress is vulnerable to Cross-Si ...) - TODO: check + NOT-FOR-US: WP-Backgrounds Lite plugin for WordPress CVE-2021-4417 (The Forminator \u2013 Contact Form, Payment Form & Custom Form Builder ...) - TODO: check + NOT-FOR-US: Forminator – Contact Form, Payment Form & Custom Form Builder plugin for WordPress CVE-2021-4416 (The wp-mpdf plugin for WordPress is vulnerable to Cross-Site Request F ...) - TODO: check + NOT-FOR-US: wp-mpdf plugin for WordPress CVE-2021-4415 (The Sunshine Photo Cart plugin for WordPress is vulnerable to Cross-Si ...) - TODO: check + NOT-FOR-US: Sunshine Photo Cart plugin for WordPress CVE-2021-4414 (The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulner ...) - TODO: check + NOT-FOR-US: Abandoned Cart Lite for WooCommerce plugin for WordPress CVE-2021-4413 (The Process Steps Template Designer plugin for WordPress is vulnerable ...) - TODO: check + NOT-FOR-US: Process Steps Template Designer plugin for WordPress CVE-2021-4412 (The WP Prayer plugin for WordPress is vulnerable to Cross-Site Request ...) - TODO: check + NOT-FOR-US: WP Prayer plugin for WordPress CVE-2021-4411 (The WP EasyPay \u2013 Square for WordPress plugin for WordPress is vul ...) - TODO: check + NOT-FOR-US: WP EasyPay – Square for WordPress plugin for WordPress CVE-2021-4410 (The Qtranslate Slug plugin for WordPress is vulnerable to Cross-Site R ...) - TODO: check + NOT-FOR-US: Qtranslate Slug plugin for WordPress CVE-2021-4409 (The WooCommerce Etsy Integration plugin for WordPress is vulnerable to ...) - TODO: check + NOT-FOR-US: WooCommerce Etsy Integration plugin for WordPress CVE-2021-4408 (The DW Question & Answer plugin for WordPress is vulnerable to Cross-S ...) - TODO: check + NOT-FOR-US: DW Question & Answer plugin for WordPress CVE-2021-4407 (The Custom Banners plugin for WordPress is vulnerable to Cross-Site Re ...) - TODO: check + NOT-FOR-US: Custom Banners plugin for WordPress CVE-2020-36761 (The Top 10 plugin for WordPress is vulnerable to Cross-Site Request Fo ...) - TODO: check + NOT-FOR-US: Top 10 plugin for WordPress CVE-2020-36760 (The Ocean Extra plugin for WordPress is vulnerable to Cross-Site Reque ...) - TODO: check + NOT-FOR-US: Ocean Extra plugin for WordPress CVE-2020-36757 (The WP Hotel Booking plugin for WordPress is vulnerable to Cross-Site ...) - TODO: check + NOT-FOR-US: WP Hotel Booking plugin for WordPress CVE-2020-36756 (The 10WebAnalytics plugin for WordPress is vulnerable to Cross-Site Re ...) - TODO: check + NOT-FOR-US: 10WebAnalytics plugin for WordPress CVE-2020-36752 (The Coming Soon & Maintenance Mode Page plugin for WordPress is vulner ...) - TODO: check + NOT-FOR-US: Coming Soon & Maintenance Mode Page plugin for WordPress CVE-2020-36750 (The EWWW Image Optimizer plugin for WordPress is vulnerable to Cross-S ...) - TODO: check + NOT-FOR-US: EWWW Image Optimizer plugin for WordPress CVE-2023-37579 NOT-FOR-US: Apache Pulsar CVE-2023-3627 (Cross-Site Request Forgery (CSRF) in GitHub repository salesagility/su ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1001e73ab172b58f840c6f53899c7e5a280e5779 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1001e73ab172b58f840c6f53899c7e5a280e5779 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits