Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e906cd73 by Salvatore Bonaccorso at 2021-09-20T22:55:39+02:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4683,7 +4683,7 @@ CVE-2021-39404
CVE-2021-39403
RESERVED
CVE-2021-39402 (MaianAffiliate v.1.0 is suffers from code injection by adding
a new pr ...)
- TODO: check
+ NOT-FOR-US: MaianAffiliate
CVE-2021-39401
RESERVED
CVE-2021-39400
@@ -21492,7 +21492,7 @@ CVE-2021-32267
CVE-2021-32266
RESERVED
CVE-2021-32265 (An issue was discovered in Bento4 through v1.6.0-637. A
global-buffer- ...)
- TODO: check
+ NOT-FOR-US: Bento4
CVE-2021-32264
RESERVED
CVE-2021-32263 (ok-file-formats through 2021-04-29 has a heap-based buffer
overflow in ...)
@@ -40493,7 +40493,7 @@ CVE-2021-24743
CVE-2021-24742
RESERVED
CVE-2021-24741 (The Support Board WordPress plugin before 3.3.4 does not
escape multip ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24740
RESERVED
CVE-2021-24739
@@ -40649,7 +40649,7 @@ CVE-2021-24665 (The WP Video Lightbox WordPress plugin
before 1.9.3 does not esc
CVE-2021-24664
RESERVED
CVE-2021-24663 (The Simple Schools Staff Directory WordPress plugin through
1.1 does n ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24662
RESERVED
CVE-2021-24661
@@ -40661,7 +40661,7 @@ CVE-2021-24659
CVE-2021-24658 (The Erident Custom Login and Dashboard WordPress plugin before
3.5.9 d ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24657 (The Limit Login Attempts WordPress plugin before 4.0.50 does
not escap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24656
RESERVED
CVE-2021-24655
@@ -40695,17 +40695,17 @@ CVE-2021-24642
CVE-2021-24641
RESERVED
CVE-2021-24640 (The WordPress Slider Block Gutenslider plugin before 5.2.0
does not es ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24639 (The OMGF WordPress plugin before 4.5.4 does not enforce path
validatio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24638 (The OMGF WordPress plugin before 4.5.4 does not escape or
validate the ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24637 (The Google Fonts Typography WordPress plugin before 3.0.3 does
not esc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24636 (The Print My Blog WordPress Plugin before 3.4.2 does not
enforce nonce ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24635 (The Visual Link Preview WordPress plugin before 2.2.3 does not
enforce ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24634
RESERVED
CVE-2021-24633
@@ -40739,7 +40739,7 @@ CVE-2021-24620 (The WordPress Simple Ecommerce Shopping
Cart Plugin- Sell produc
CVE-2021-24619 (The Per page add to head WordPress plugin through 1.4.4 does
not prope ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24618 (The Donate With QRCode WordPress plugin before 1.4.5 does not
sanitise ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24617
RESERVED
CVE-2021-24616
@@ -40749,7 +40749,7 @@ CVE-2021-24615
CVE-2021-24614 (The Book appointment online WordPress plugin before 1.39 does
not sani ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24613 (The Post Views Counter WordPress plugin before 1.3.5 does not
sanitise ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24612
RESERVED
CVE-2021-24611 (The Keyword Meta WordPress plugin through 3.0 does not
sanitise of esc ...)
@@ -40757,17 +40757,17 @@ CVE-2021-24611 (The Keyword Meta WordPress plugin
through 3.0 does not sanitise
CVE-2021-24610
RESERVED
CVE-2021-24609 (The WP Mapa Politico Espana WordPress plugin before 3.7.0 does
not san ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24608
RESERVED
CVE-2021-24607
RESERVED
CVE-2021-24606 (The Availability Calendar WordPress plugin before 1.2.1 does
not escap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24605 (The create_post_page AJAX action of the Custom Post View
Generator Wor ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24604 (The Availability Calendar WordPress plugin before 1.2.2 does
not sanit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24603 (The Site Reviews WordPress plugin before 5.13.1 does not
sanitise some ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24602 (The HM Multiple Roles WordPress plugin before 1.3 does not
have any ac ...)
@@ -40775,15 +40775,15 @@ CVE-2021-24602 (The HM Multiple Roles WordPress
plugin before 1.3 does not have
CVE-2021-24601 (The WPFront Notification Bar WordPress plugin before
2.1.0.08087 does ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24600 (The WP Dialog WordPress plugin through 1.2.5.5 does not
sanitise and e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24599 (The Email Encoder – Protect Email Addresses WordPress
plugin bef ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24598
RESERVED
CVE-2021-24597 (The You Shang WordPress plugin through 1.0.1 does not escape
its qrcod ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24596 (The youForms for WordPress plugin through 1.0.5 does not
sanitise esca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24595
RESERVED
CVE-2021-24594
@@ -40801,17 +40801,17 @@ CVE-2021-24589
CVE-2021-24588 (The SMS Alert Order Notifications WordPress plugin before
3.4.7 is aff ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24587 (The Splash Header WordPress plugin before 1.20.8 doesn't
sanitise and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24586 (The Per page add to head WordPress plugin before 1.4.4 is
lacking any ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24585 (The Timetable and Event Schedule WordPress plugin before 2.4.0
outputs ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24584 (The Timetable and Event Schedule WordPress plugin before 2.4.2
does no ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24583 (The Timetable and Event Schedule WordPress plugin before 2.4.2
does no ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24582 (The ThinkTwit WordPress plugin before 1.7.1 did not sanitise
or escape ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24581 (The Blue Admin WordPress plugin through 21.06.01 does not
sanitise or ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24580 (The Side Menu Lite WordPress plugin before 2.2.6 does not
sanitise use ...)
@@ -40915,7 +40915,7 @@ CVE-2021-24532
CVE-2021-24531 (The Charitable – Donation Plugin WordPress plugin before
1.6.51 ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24530 (The Alojapro Widget WordPress plugin through 1.1.15 doesn't
properly s ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24529 (The Grid Gallery – Photo Image Grid Gallery WordPress
plugin bef ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24528 (The FluentSMTP WordPress plugin before 2.0.1 does not sanitize
paramet ...)
@@ -40925,7 +40925,7 @@ CVE-2021-24527 (The User Registration & User
Profile – Profile Builder
CVE-2021-24526 (The Form Maker by 10Web – Mobile-Friendly Drag &
Drop Contac ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24525 (The Shortcodes Ultimate WordPress plugin before 5.10.2 allows
users wi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24524 (The GiveWP – Donation Plugin and Fundraising Platform
WordPress ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24523 (The Daily Prayer Time WordPress plugin before 2021.08.10 does
not sani ...)
@@ -40953,7 +40953,7 @@ CVE-2021-24513 (The Form Builder | Create Responsive
Contact Forms WordPress plu
CVE-2021-24512 (The Video Posts Webcam Recorder WordPress plugin before 3.2.4
has an a ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24511 (The fetch_product_ajax functionality in the Product Feed on
WooCommerc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24510 (The MF Gig Calendar WordPress plugin through 1.1 does not
sanitise or ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24509 (The Page View Count WordPress plugin before 2.4.9 does not
escape the ...)
@@ -41167,23 +41167,23 @@ CVE-2021-24406 (The wpForo Forum WordPress plugin
before 1.9.7 did not validate
CVE-2021-24405 (The Easy Cookies Policy WordPress plugin through 1.6.2 is
lacking any ...)
NOT-FOR-US: Wordpress plugin
CVE-2021-24404 (The options.php file of the WP-Board WordPress plugin through
1.1 beta ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24403 (The Orders functionality in the WordPress Page Contact plugin
through ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24402 (The Orders functionality in the WP iCommerce WordPress plugin
through ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24401 (The Edit domain functionality in the WP Domain Redirect
WordPress plug ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24400 (The Edit Role functionality in the Display Users WordPress
plugin thro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24399 (The check_order function of The Sorter WordPress plugin
through 1.0 us ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24398 (The Add new scene functionality in the Responsive 3D Slider
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24397 (The edit functionality in the MicroCopy WordPress plugin
through 1.1.0 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24396 (A pageid GET parameter of the GSEOR – WordPress SEO
Plugin WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24395 (The editid GET parameter of the Embed Youtube Video WordPress
plugin t ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24394 (An id GET parameter of the Easy Testimonial Manager WordPress
plugin t ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e906cd73f9067ebf435163c86d859abf71db04b0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e906cd73f9067ebf435163c86d859abf71db04b0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
