Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
81e48f63 by security tracker role at 2025-05-16T08:13:03+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,45 +1,45 @@
 CVE-2025-4759 (Versions of the package lockfile-lint-api before 5.9.2 are 
vulnerable  ...)
        TODO: check
 CVE-2025-4757 (A vulnerability was found in PHPGurukul Beauty Parlour 
Management Syst ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-4756 (A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 
R(68125). It ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-4755 (A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 
R(68125). It ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-4753 (A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 
R(68125) and ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-4752 (A vulnerability has been found in D-Link DI-7003GV2 24.04.18D1 
R(68125 ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-4751 (A vulnerability, which was classified as problematic, was found 
in D-L ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-4750 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-4749 (A vulnerability classified as critical was found in D-Link 
DI-7003GV2  ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-4747 (A vulnerability was found in Bohua NetDragon Firewall 1.0 and 
classifi ...)
        TODO: check
 CVE-2025-4746 (A vulnerability has been found in Campcodes Sales and Inventory 
System ...)
-       TODO: check
+       NOT-FOR-US: Campcodes
 CVE-2025-4745 (A vulnerability, which was classified as problematic, was found 
in cod ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-4744 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-4743 (A vulnerability classified as critical was found in 
code-projects Empl ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-4742 (A vulnerability classified as problematic has been found in 
XU-YIJIE g ...)
        TODO: check
 CVE-2025-4741 (A vulnerability was found in Campcodes Sales and Inventory 
System 1.0. ...)
-       TODO: check
+       NOT-FOR-US: Campcodes
 CVE-2025-4740 (A vulnerability was found in BeamCtrl Airiana up to 11.0. It 
has been  ...)
        TODO: check
 CVE-2025-4739 (A vulnerability was found in projectworlds Hospital Database 
Managemen ...)
-       TODO: check
+       NOT-FOR-US: Project Worlds
 CVE-2025-4736 (A vulnerability was found in PHPGurukul Daily Expense Tracker 
1.1 and  ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-4735 (A vulnerability has been found in Campcodes Sales and Inventory 
System ...)
-       TODO: check
+       NOT-FOR-US: Campcodes
 CVE-2025-4734 (A vulnerability, which was classified as critical, was found in 
Campco ...)
-       TODO: check
+       NOT-FOR-US: Campcodes
 CVE-2025-4733 (A vulnerability, which was classified as critical, has been 
found in T ...)
        TODO: check
 CVE-2025-4732 (A vulnerability classified as critical was found in TOTOLINK 
A3002R an ...)
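Review bot: The tag on CVE-2025-4739 reads "NOT-FOR-US: Project Worlds", while the description directly above it spells the vendor as a single lowercase word, "projectworlds". Every other tag in this hunk (PHPGurukul, D-Link, Campcodes, code-projects) matches its description's spelling. Suggest confirming which spelling is intended for this vendor, so that a search of data/CVE/list on either form does not miss entries.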
@@ -51,31 +51,31 @@ CVE-2025-4730 (A vulnerability was found in TOTOLINK A3002R 
and A3002RU 3.0.0-B2
 CVE-2025-4729 (A vulnerability was found in TOTOLINK A3002R and A3002RU 
3.0.0-B202308 ...)
        TODO: check
 CVE-2025-4728 (A vulnerability was found in SourceCodester Best Online News 
Portal 1. ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-4727 (A vulnerability was found in Meteor up to 3.2.1 and classified 
as prob ...)
        TODO: check
 CVE-2025-4726 (A vulnerability has been found in itsourcecode Placement 
Management Sy ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-4725 (A vulnerability, which was classified as critical, was found in 
itsour ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-4724 (A vulnerability, which was classified as critical, has been 
found in i ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-4723 (A vulnerability classified as critical was found in 
itsourcecode Place ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-4722 (A vulnerability classified as critical has been found in 
itsourcecode  ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-4721 (A vulnerability was found in itsourcecode Placement Management 
System  ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-4720 (A vulnerability was found in SourceCodester Student Result 
Management  ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-4719 (A vulnerability was found in Campcodes Sales and Inventory 
System 1.0  ...)
-       TODO: check
+       NOT-FOR-US: Campcodes
 CVE-2025-4718 (A vulnerability has been found in Campcodes Sales and Inventory 
System ...)
-       TODO: check
+       NOT-FOR-US: Campcodes
 CVE-2025-4209
        REJECTED
 CVE-2025-4169 (The Posts per Cat [Unmaintained plugin for WordPress is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-48175 (In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has 
integer o ...)
        TODO: check
 CVE-2025-48174 (In libavif before 1.3.0, makeRoom in stream.c has an integer 
overflow  ...)
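Review bot: The six itsourcecode entries (CVE-2025-4726 down to CVE-2025-4721) are tagged "NOT-FOR-US: itsourcecode System", where "System" looks like the tail of the product name "Placement Management System" rather than part of the vendor name. The other tags in this hunk are a bare vendor or category (SourceCodester, Campcodes, WordPress plugin). Suggest "NOT-FOR-US: itsourcecode" unless the longer string is the established tag for this vendor.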
@@ -93,429 +93,429 @@ CVE-2025-47287 (Tornado is a Python web framework and 
asynchronous networking li
 CVE-2025-47275 (Auth0-PHP provides the PHP SDK for Auth0 Authentication and 
Management ...)
        TODO: check
 CVE-2025-3624 (Missing Authorization vulnerability in Hitachi Ops Center 
Analyzer (Hi ...)
-       TODO: check
+       NOT-FOR-US: Hitachi
 CVE-2025-3516 (The Simple Lightbox WordPress plugin before 2.9.4 does not 
validate an ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-3201 (The Contact Form builder with drag & drop for WordPress  
WordPress plu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-2248 (The WP-PManager WordPress plugin through 1.2 does not sanitize 
and esc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-2247 (The WP-PManager WordPress plugin through 1.2 does not have CSRF 
check  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-2203 (The FunnelKit  WordPress plugin before 3.10.2 does not sanitize 
and es ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-1531 (Authentication credentials leakage  vulnerability in Hitachi 
Ops Cente ...)
-       TODO: check
+       NOT-FOR-US: Hitachi
 CVE-2025-1454 (The Ninja Pages WordPress plugin through 1.4.2 does not 
sanitise and e ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-1303 (The Plugin Oficial  WordPress plugin through 1.7.3 does not 
sanitise a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-1289 (The Plugin Oficial  WordPress plugin through 1.7.3 does not 
sanitise a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-1288 (The WOOEXIM  WordPress plugin through 5.0.0 does not have CSRF 
check i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-1286 (The Download HTML TinyMCE Button WordPress plugin through 1.2 
does not ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-1245 (Bypass Connection Restriction vulnerability in Hitachi 
Infrastructure  ...)
-       TODO: check
+       NOT-FOR-US: Hitachi
 CVE-2025-1138 (IBM InfoSphere Information Server 11.7 could disclose sensitive 
inform ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-1033 (The Badgearoo WordPress plugin through 1.0.14 does not sanitise 
and es ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-0921 (Execution with Unnecessary Privileges vulnerability in the 
Pager agent ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi
 CVE-2025-0688 (The Spiritual Gifts Survey (and optional S.H.A.P.E survey) 
WordPress p ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-0687 (The Spiritual Gifts Survey (and optional S.H.A.P.E survey) 
WordPress p ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-0329 (The AI ChatBot for WordPress  WordPress plugin before 6.2.4 
does not s ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9882 (The Salon Booking System, Appointment Scheduling for Salons, 
Spas & Sm ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9879 (The Melapress File Monitor WordPress plugin before 2.1.1 does 
not sani ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9838 (The Auto Affiliate Links WordPress plugin before 6.4.7 does not 
saniti ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9831 (The Taskbuilder  WordPress plugin before 3.0.9 does not 
sanitize and e ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9765 (The EKC Tournament Manager WordPress plugin before 2.2.2 allows 
a logg ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9711 (The EKC Tournament Manager WordPress plugin before 2.2.2 does 
not have ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9709 (The EKC Tournament Manager WordPress plugin before 2.2.2 does 
not have ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9663 (The CYAN Backup WordPress plugin before 2.5.3 does not sanitise 
and es ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9662 (The CYAN Backup WordPress plugin before 2.5.3 does not sanitise 
and es ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9645 (The Post Grid, Posts Slider, Posts Carousel, Post Filter, Post 
Masonry ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9599 (The Popup Box  WordPress plugin before 4.7.8 does not sanitise 
and esc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9450 (The Free Booking Plugin for Hotels, Restaurants and Car Rentals 
 WordP ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9390 (The RegistrationMagic  WordPress plugin before 6.0.2.1 does not 
saniti ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9238 (The AVIF Uploader WordPress plugin before 1.1.1 does not 
sanitise uplo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9236 (The Team  WordPress plugin before 4.4.2 does not sanitise and 
escape s ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9233 (The Logo Slider  WordPress plugin before 3.7.1 does not have 
CSRF chec ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9227 (The PowerPress Podcasting plugin by Blubrry WordPress plugin 
before 11 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9182 (The Maspik  WordPress plugin before 2.1.3 does not sanitise and 
escape ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8854 (The Polls CP WordPress plugin before 1.0.77 does not sanitise 
and esca ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8851 (The Polls CP WordPress plugin before 1.0.77 does not sanitise 
and esca ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8759 (The Nested Pages WordPress plugin before 3.2.9 does not 
sanitise and e ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8703 (The Z-Downloads WordPress plugin before 1.11.6 does not 
sanitise and e ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8702 (The Backup Database WordPress plugin through 4.9 does not 
sanitise and ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8701 (The events-calendar WordPress plugin through 1.0.4 does not 
sanitise a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8700 (The Event Calendar WordPress plugin through 1.0.4 does not 
check for a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8699 (The Z-Downloads WordPress plugin before 1.11.5 does not 
properly valid ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8673 (The Z-Downloads WordPress plugin before 1.11.7 does not 
properly valid ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8670 (The Photo Gallery by 10Web  WordPress plugin before 1.8.29 does 
not sa ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8620 (The MapPress Maps for WordPress plugin before 2.93 does not 
sanitise a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8619 (The Ajax Search Lite  WordPress plugin before 4.12.3 does not 
sanitise ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8618 (The Page Builder: Pagelayer  WordPress plugin before 1.9.0 does 
not sa ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8617 (The Quiz Maker WordPress plugin before 6.5.9.9 does not 
sanitize and e ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8542 (The Everest Forms  WordPress plugin before 3.0.3.1 does not 
sanitise a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8493 (The Events Calendar WordPress plugin before 6.6.4 does not 
sanitise an ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8492 (The Hustle  WordPress plugin through 7.8.5 does not sanitise 
and escap ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8426 (The Page Builder: Pagelayer  WordPress plugin before 1.8.8 does 
not sa ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8398 (The Simple Nav Archives WordPress plugin through 2.1.3 does not 
have C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8397 (The webtoffee-gdpr-cookie-consent WordPress plugin before 2.6.1 
does n ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8286 (The webtoffee-gdpr-cookie-consent WordPress plugin before 2.6.1 
does n ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8284 (The Download Manager WordPress plugin before 3.2.99 does not 
sanitise  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8245 (The GamiPress  WordPress plugin before 1.0.1 does not have CSRF 
check  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8201 (Cross-Site WebSocket Hijackingvulnerability in Hitachi Ops 
Center Anal ...)
-       TODO: check
+       NOT-FOR-US: Hitachi
 CVE-2024-8187 (The Smart Post Show  WordPress plugin before 3.0.1 does not 
sanitise a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8095 (The BabelZ  WordPress plugin through 1.1.5 does not have CSRF 
check in ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8094 (The Ntz Antispam WordPress plugin through 2.0e does not have 
CSRF chec ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8090 (The JavaScript Logic WordPress plugin through 0.1 does not have 
CSRF c ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8085 (The PeoplePond WordPress plugin through 1.1.9 does not have 
CSRF check ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8082 (The Widgets Reset WordPress plugin through 0.1 does not have 
CSRF chec ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8050 (The Custom Author Base WordPress plugin through 1.1.1 does not 
have CS ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8032 (The Smooth Gallery Replacement WordPress plugin through 1.0 
does not h ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8031 (The Secure Downloads WordPress plugin before 1.2.3 is 
vulnerable does  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8009 (The Sensei LMS  WordPress plugin before 4.20.0 disclose all 
users of t ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-7984 (The Joy Of Text Lite  WordPress plugin through 2.3.1 does not 
have CSR ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-7769 (The ClickSold IDX WordPress plugin through 1.90 does not 
sanitise and  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-7762 (The Simple Job Board WordPress plugin before 2.12.6 does not 
prevent u ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-7761 (In the process of testing the Simple Job Board WordPress plugin 
before ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-7759 (The PWA for WP  WordPress plugin before 1.7.72 does not 
sanitise and e ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-7758 (The Stylish Price List  WordPress plugin before 7.1.8 does not 
sanitis ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-7556 (The Simple Share WordPress plugin through 0.5.3 does not 
sanitise and  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6809 (The Simple Video Directory WordPress plugin before 1.4.3 does 
not prop ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6798 (The DL Verification WordPress plugin through 1.2 does not 
sanitise and ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6797 (The DL Robots.txt WordPress plugin through 1.2 does not 
sanitise and e ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6719 (The Offload Videos  WordPress plugin before 1.0.1 does not have 
CSRF c ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6718 (The PVN Auth Popup WordPress plugin through 1.0.0 does not 
validate an ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6713 (The PVN Auth Popup WordPress plugin through 1.0.0 does not 
sanitise an ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6712 (The MapFig Studio WordPress plugin through 0.2.1 does not have 
CSRF ch ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6711 (The Event Tickets with Ticket Scanner WordPress plugin before 
2.3.8 do ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6708 (The User Profile Builder  WordPress plugin before 3.12.2 does 
not sani ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6693 (The wccp-pro WordPress plugin before 15.3 does not sanitise and 
escape ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6690 (The wccp-pro WordPress plugin before 15.3 contains an 
open-redirect fl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6668 (The ProfilePro WordPress plugin through 1.3 does not sanitise 
and esca ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6667 (The KBucket: Your Curated Content in WordPress plugin before 
4.1.5 doe ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6665 (The KBucket: Your Curated Content in WordPress plugin before 
4.1.6 doe ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6584 (The 'wp_ajax_boost_proxy_ig' action allows administrators to 
make GET  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6486 (The ImageMagick Engine ImageMagick Engine WordPress plugin 
before 1.7. ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6478 (The CTT Expresso para WooCommerce WordPress plugin before 
3.2.13 does  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6462 (The DL Yandex Metrika WordPress plugin through 1.2 does not 
sanitise a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6335 (The Tracking Code Manager WordPress plugin before 2.3.0 does 
not sanit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6159 (The Push Notification for Post and BuddyPress WordPress plugin 
before  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5440 (The If-So Dynamic Content Personalization WordPress plugin 
before 1.8. ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5026 (The CM Tooltip Glossary WordPress plugin before 4.3.4 does not 
sanitis ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-53827 (Ericsson Packet Core Controller (PCC) contains a vulnerability 
where a ...)
        TODO: check
 CVE-2024-51475 (IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable 
to HTML  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-4665 (The EventPrime  WordPress plugin before 3.5.0 does not properly 
valida ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4091 (The Responsive Gallery Grid WordPress plugin before 2.3.15 does 
not sa ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4004 (The Advanced Cron Manager  WordPress plugin before 2.5.7 does 
not sani ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4002 (The Carousel, Slider, Gallery by WP Carousel  WordPress plugin 
before  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-3996 (The Smart Post Show  WordPress plugin before 2.4.28 does not 
sanitise  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-3901 (The Genesis Blocks WordPress plugin through 3.1.3 does not 
properly es ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-3062 (The Save as Image Plugin by Pdfcrowd WordPress plugin before 
3.2.2 doe ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-2869 (The Easy Property Listings WordPress plugin before 3.5.4 does 
not sani ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-2643 (The Floating Notification Bar, Sticky Menu on Scroll, 
Announcement Ban ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1663 (The Ultimate Noindex Nofollow Tool II WordPress plugin before 
1.3.6 do ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13865 (The S3Player  WordPress plugin through 4.2.1 does not sanitise 
and esc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13828 (The Badgearoo WordPress plugin through 1.0.14 does not 
sanitise and es ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13823 (The 360 Product Rotation WordPress plugin through 1.5.8 does 
not sanit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13730 (The Podlove Podcast Publisher WordPress plugin before 4.2.1 
does not s ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13729 (The Podlove Podcast Publisher WordPress plugin before 4.1.24 
does not  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13727 (The MemberSpace  WordPress plugin before 2.1.14 does not 
sanitise and  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13621 (The GDPR Framework By Data443 WordPress plugin before 2.2.0 
does not s ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13619 (The LifterLMS  WordPress plugin before 8.0.1 does not sanitise 
and esc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13616 (The VikBooking Hotel Booking Engine & PMS WordPress plugin 
before 1.7. ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13486 (The Icegram Engage  WordPress plugin before 3.1.32 does not 
sanitise a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13482 (The Icegram Engage  WordPress plugin before 3.1.32 does not 
sanitise a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13384 (The Photo Gallery, Images, Slider in Rbs Image Gallery 
WordPress plugi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13383 (The HD Quiz WordPress plugin before 2.0.0 does not sanitise 
and escape ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13382 (The Calculated Fields Form WordPress plugin before 5.2.64 does 
not san ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13357 (The Ditty  WordPress plugin before 3.1.52 does not sanitise 
and escape ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13313 (The AWeber  WordPress plugin through 7.3.20 does not sanitise 
and esca ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13128 (The LearnPress  WordPress plugin before 4.2.7.5.1 does not 
sanitise an ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13127 (The LearnPress  WordPress plugin before 4.2.7.5.1 does not 
sanitise an ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13053 (The Form Maker by 10Web  WordPress plugin before 1.15.33 does 
not sani ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12874 (The Top Comments WordPress plugin through 1.0 does not 
sanitise and es ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12873 (The Custom Field Manager WordPress plugin through 1.0 does not 
sanitis ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12812 (The WP ERP | Complete HR solution with recruitment & job 
listings | Wo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12808 (The WP ERP | Complete HR solution with recruitment & job 
listings | Wo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12800 (The IP Based Login WordPress plugin before 2.4.1 does not 
sanitise val ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12770 (The WP ULike  WordPress plugin before 4.7.6 does not sanitise 
and esca ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12767 (The buddyboss-platform WordPress plugin before 2.7.60 lacks 
proper acc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12750 (The Competition Form WordPress plugin through 2.0 does not 
have CSRF c ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12743 (The MailPoet  WordPress plugin before 5.5.2 does not sanitise 
and esca ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12739 (The Mobile Contact Bar WordPress plugin before 3.0.5 does not 
sanitise ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12735 (The Advance Post Prefix WordPress plugin through 1.1.1 does 
not saniti ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12734 (The Advance Post Prefix WordPress plugin through 1.1.1, 
Advance Post P ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12733 (The AffiliateImporterEb WordPress plugin through 1.0.6 does 
not saniti ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12732 (The AffiliateImporterEb WordPress plugin through 1.0.6 does 
not saniti ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12726 (The ClipArt WordPress plugin through 0.2 does not sanitise and 
escape  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12725 (The Clasify Classified Listing WordPress plugin through 1.0.7 
does not ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12724 (The WP DeskLite  WordPress plugin through 1.0.0 does not 
sanitise and  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12722 (The Twitter Bootstrap Collapse aka Accordian Shortcode 
WordPress plugi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12716 (The Simple Basic Contact Form WordPress plugin before 20250114 
does no ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12680 (The Prisna GWT  WordPress plugin before 1.4.14 does not 
sanitise and e ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12679 (The Prisna GWT  WordPress plugin before 1.4.14 does not 
sanitise and e ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12301 (The JSP Store Locator WordPress plugin through 1.0 does not 
have CSRF  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12282 (The WordPress\u8fde\u63a5\u5fae\u535a WordPress plugin through 
2.5.6 d ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11843 (The Panorama  WordPress plugin through 1.5.1 does not sanitise 
and esc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11719 (The tarteaucitron-wp WordPress plugin before 0.3.0 does not 
have CSRF  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11718 (The tarteaucitron-wp WordPress plugin before 0.3.0 allows 
author level ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11502 (The Planning Center Online Giving WordPress plugin through 
1.0.0 does  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11373 (The Connexion Logs WordPress plugin through 3.0.2 does not 
have CSRF c ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11372 (The Connexion Logs WordPress plugin through 3.0.2 does not 
sanitize an ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11269 (The AHAthat Plugin WordPress plugin through 1.6 does not 
sanitize and  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11267 (The JSP Store Locator WordPress plugin through 1.0 does not 
sanitize a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11266 (The Geocache Stat Bar Widget WordPress plugin through 0.911 
does not s ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11221 (The Full Screen (Page) Background Image Slideshow WordPress 
plugin thr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11190 (The jwp-a11y WordPress plugin through 4.1.7 does not sanitise 
and esca ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11189 (The Social Share And Social Locker  WordPress plugin before 
1.4.2 does ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11141 (The Sailthru Triggermail WordPress plugin through 1.1 does not 
sanitis ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11140 (The Real WP Shop Lite Ajax eCommerce Shopping Cart WordPress 
plugin th ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11109 (The WP Google Review Slider WordPress plugin before 15.6 does 
not sani ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10818 (The JSFiddle Shortcode WordPress plugin before 1.1.3 does not 
validate ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10677 (The BTEV WordPress plugin through 2.0.2 does not have CSRF 
check in pl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10639 (The Auto Prune Posts WordPress plugin before 3.0.0 does not 
sanitise a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10634 (The Nokaut Offers Box WordPress plugin through 1.4.0 does not 
have CSR ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10632 (The Nokaut Offers Box WordPress plugin through 1.4.0 does not 
sanitize ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10631 (The Countdown Timer for WordPress Block Editor WordPress 
plugin throug ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10504 (The Contact Form, Survey, Quiz & Popup Form Builder  WordPress 
plugin  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10475 (The Responsive Contact Form Builder & Lead Generation Plugin 
WordPress ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10362 (The Social Media Share Buttons & Social Sharing Icons 
WordPress plugin ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10149 (The Social Slider Feed WordPress plugin before 2.2.9 does not 
sanitise ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10145 (The Hubbub Lite  WordPress plugin before 1.34.4 does not 
sanitise and  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10144 (The Photo Gallery, Images, Slider in Rbs Image Gallery 
WordPress plugi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10143 (The MB Custom Post Types & Custom Taxonomies WordPress plugin 
before 2 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10107 (The Giveaways and Contests by RafflePress  WordPress plugin 
before 1.1 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10098 (The ApplyOnline  WordPress plugin before 2.6.3 does not 
protect upload ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10076 (The Jetpack  WordPress plugin before 13.8, Jetpack Boost  
WordPress pl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10075 (The Jetpack  WordPress plugin before 13.8 does not ensure that 
the pos ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10054 (The Happyforms  WordPress plugin before 1.26.3 does not 
sanitise and e ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10009 (The Melapress File Monitor WordPress plugin before 2.1.0 does 
not sani ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0970 (This User Activity Tracking and Log WordPress plugin before 
4.1.4 retr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0852 (The coreActivity: Activity Logging for WordPress plugin before 
1.8.1 d ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0249 (The Advanced Schedule Posts WordPress plugin through 2.1.8 does 
not sa ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-7297 (The TwitterPosts WordPress plugin through 1.0.2 does not have 
CSRF che ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-7239 (The WP Dashboard Notes WordPress plugin before 1.0.11 does not 
validat ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-7231 (The illi Link Party! WordPress plugin through 1.0 lacks proper 
access  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-7230 (The illi Link Party! WordPress plugin through 1.0 does not 
sanitize an ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-7229 (The illi Link Party! WordPress plugin through 1.0 does not have 
CSRF c ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-7228 (The illi Link Party! WordPress plugin through 1.0 does not 
sanitise an ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-7197 (The Marketing Twitter Bot WordPress plugin through 1.11 does 
not have  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-7196 (The Ultimate Noindex Nofollow Tool WordPress plugin through 
1.1.2 does ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-7195 (The WP-Reply Notify WordPress plugin through 1.1 does not have 
a CSRF  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-7174 (The aBitGone CommentSafe WordPress plugin through 1.0.0 does 
not have  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-7168 (The Better Follow Button for Jetpack WordPress plugin through 
8.0 does ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-7088 (The Add SVG Support for Media Uploader | inventivo WordPress 
plugin th ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-7086 (The SVG Uploads Support WordPress plugin through 2.1.1 does not 
saniti ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6786 (The Payment Gateway for Telcell WordPress plugin through 2.0.1 
does no ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6783 (The WolfNet IDX for WordPress plugin through 1.19.1 does not 
sanitise  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6541 (The Allow SVG WordPress plugin before 1.2.0 does not sanitize 
uploaded ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6030 (The LogDash Activity Log WordPress plugin before 1.1.4 hooks 
the wp_lo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5934 (The Travelpayouts: All Travel Brands in One Place WordPress 
plugin bef ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5932 (The Travelpayouts: All Travel Brands in One Place WordPress 
plugin bef ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5529 (The Advanced Page Visit Counter  WordPress plugin before 8.0.6 
does no ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-2334 (The edd-google-sheet-connector-pro WordPress plugin before 1.4, 
Easy D ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-4476 [libsoup: Null pointer dereference in libsoup may lead to Denial 
Of Service]
        NOTE: Looks like a dupe of CVE-2025-32910
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2366513
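Review bot: the `NOT-FOR-US: WordPress plugin` tag applied to every entry from CVE-2024-11267 down to CVE-2023-2334 does not name the product, so the truncated description is the only identifier left on each entry. That matters most where the description covers more than one product before it is cut off: CVE-2024-10076 lists "Jetpack" and "Jetpack Boost", and CVE-2023-2334 continues past "Easy D ...". Because the same tag is applied uniformly across the run, a manual spot-check of those multi-product entries against the full CVE text would confirm that nothing packaged in Debian is being closed out along with the plugin; naming the plugin in the tag would also make later lookups by product possible.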



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81e48f636548c237c38713eb230da6b5d06e6ed6
