[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 05 Mar 2025 12:18:23 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
95e8315d by Salvatore Bonaccorso at 2025-03-05T21:17:50+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -33,27 +33,27 @@ CVE-2025-20206 (A vulnerability in the interprocess 
communication (IPC) channel
 CVE-2025-1714 (Lack of Rate Limiting in Sign-up workflow in Perforce Gliffy 
prior to  ...)
        TODO: check
 CVE-2025-1702 (The Ultimate Member \u2013 User Profile, Registration, Login, 
Member D ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-1515 (The WP Real Estate Manager plugin for WordPress is vulnerable 
to Authe ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-1463 (The Spreadsheet Integration plugin for WordPress is vulnerable 
to Cros ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-1435 (The bbPress plugin for WordPress is vulnerable to Cross-Site 
Request F ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-1393 (An unauthenticated remote attacker can use hard-coded 
credentials to g ...)
        TODO: check
 CVE-2025-1008 (The Recently Purchased Products For Woo plugin for WordPress is 
vulner ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-0990 (The I Am Gloria plugin for WordPress is vulnerable to 
Cross-Site Reque ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-0956 (The WooCommerce Recover Abandoned Cart plugin for WordPress is 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-0954 (The WP Online Contract plugin for WordPress is vulnerable to 
unauthori ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8682 (The JNews - WordPress Newspaper Magazine Blog AMP Theme theme 
for Word ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5667 (Multiple plugins for WordPress are vulnerable to Stored 
Cross-Site Scr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-53458 (Sysax Multi Server 6.99 is vulnerable to a denial of service 
(DoS) con ...)
        TODO: check
 CVE-2024-51144 (Cross Site Request Forgery (CSRF) vulnerability exists in the 
'pvmsg.p ...)
@@ -63,61 +63,61 @@ CVE-2024-48246 (Vehicle Management System 1.0 contains a 
Stored Cross-Site Scrip
 CVE-2024-31525 (Peppermint Ticket Management 0.4.6 is vulnerable to Incorrect 
Access C ...)
        TODO: check
 CVE-2024-13866 (The Simple Notification plugin for WordPress is vulnerable to 
Stored C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13839 (The Staff Directory Plugin: Company Directory plugin for 
WordPress is  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13827 (The Razorpay Subscription Button Elementor Plugin plugin for 
WordPress ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13815 (The The Listingo theme for WordPress is vulnerable to 
arbitrary shortc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13811 (The Lafka - Multi Store Burger - Pizza & Food Delivery 
WooCommerce The ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13810 (The Zass - WooCommerce Theme for Handmade Artists and Artisans 
theme f ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13809 (The Hero Slider - WordPress Slider Plugin plugin for WordPress 
is vuln ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13787 (The VEDA - MultiPurpose WordPress Theme theme for WordPress is 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13780 (The Hero Mega Menu - Responsive WordPress Menu Plugin plugin 
for WordP ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13779 (The Hero Mega Menu - Responsive WordPress Menu Plugin plugin 
for WordP ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13778 (The Hero Mega Menu - Responsive WordPress Menu Plugin plugin 
for WordP ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13777 (The ZoomSounds - WordPress Wave Audio Player with Playlist 
plugin for  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13757 (The Master Slider \u2013 Responsive Touch Slider plugin for 
WordPress  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13747 (The WooMail - WooCommerce Email Customizer plugin for 
WordPress is vul ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13471 (The DesignThemes Core Features plugin for WordPress is 
vulnerable to u ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13423 (The Sparkling theme for WordPress is vulnerable to 
unauthorized plugin ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13350 (The SearchIQ \u2013 The Search Solution plugin for WordPress 
is vulner ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13232 (The WordPress Awesome Import & Export Plugin - Import & Export 
WordPre ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13147 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        TODO: check
 CVE-2024-12815 (The Point Maker plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12799 (Insufficiently Protected Credentials vulnerability in OpenText 
Identit ...)
        TODO: check
 CVE-2024-12650 (An attacker with low privileges can manipulate the requested 
memory si ...)
        TODO: check
 CVE-2024-12281 (The Homey theme for WordPress is vulnerable to privilege 
escalation in ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12097 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        TODO: check
 CVE-2024-11951 (The Homey Login Register plugin for WordPress is vulnerable to 
privile ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11731 (The Master Slider \u2013 Responsive Touch Slider plugin for 
WordPress  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11216 (Authorization Bypass Through User-Controlled Key, Exposure of 
Private  ...)
        TODO: check
 CVE-2024-11153 (The Content Control \u2013 The Ultimate Content Restriction 
Plugin! Re ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11035 (Carbon Black Cloud Windows Sensor, prior to 4.0.3, may be 
susceptible  ...)
        TODO: check
 CVE-2023-38693 (Lucee Server (or simply Lucee) is a dynamic, Java based, tag 
and scrip ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/95e8315d15aea7a3d9ce9115d165cfa65c738895

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/95e8315d15aea7a3d9ce9115d165cfa65c738895
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to