Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9697d787 by Salvatore Bonaccorso at 2024-10-26T11:57:18+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,39 +1,39 @@
CVE-2024-9933 (The WatchTowerHQ plugin for WordPress is vulnerable to
authentication ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9932 (The Wux Blog Editor plugin for WordPress is vulnerable to
arbitrary fi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9931 (The Wux Blog Editor plugin for WordPress is vulnerable to
authenticati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9930 (The Extensions by HocWP Team plugin for WordPress is vulnerable
to aut ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9890 (The User Toolkit plugin for WordPress is vulnerable to
authentication ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9626 (The Editorial Assistant by Sovrn plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9613 (The FormFacade \u2013 WordPress plugin for Google Forms plugin
for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9475 (The Poll Maker \u2013 Versus Polls, Anonymous Polls, Image
Polls plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9462 (The Poll Maker \u2013 Versus Polls, Anonymous Polls, Image
Polls plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9456 (The WP Awesome Login plugin for WordPress is vulnerable to
Stored Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9454 (The PriPre plugin for WordPress is vulnerable to Stored
Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8870 (The Forms for Mailchimp by Optin Cat \u2013 Grow Your MailChimp
List p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-48396 (AIML Chatbot 1.0 (fixed in 2.0) is vulnerable to Cross Site
Scripting ...)
- TODO: check
+ NOT-FOR-US: AIML Chatbot
CVE-2024-48239 (An issue was discovered in WTCMS 1.0. In the plupload method
in \Asset ...)
- TODO: check
+ NOT-FOR-US: WTCMS
CVE-2024-48238 (WTCMS 1.0 is vulnerable to SQL Injection in the edit_post
method of /A ...)
- TODO: check
+ NOT-FOR-US: WTCMS
CVE-2024-48237 (WTCMS 1.0 is vulnerable to Incorrect Access Control in
\Common\Control ...)
- TODO: check
+ NOT-FOR-US: WTCMS
CVE-2024-48236 (An issue in ofcms 1.1.2 allows a remote attacker to execute
arbitrary ...)
- TODO: check
+ NOT-FOR-US: ofcms
CVE-2024-48235 (An issue in ofcms 1.1.2 allows a remote attacker to execute
arbitrary ...)
- TODO: check
+ NOT-FOR-US: ofcms
CVE-2024-48234 (An issue was discovered in mipjz 5.0.5. In the push method of
app\tag\ ...)
TODO: check
CVE-2024-48233 (mipjz 5.0.5 is vulnerable to Cross Site Scripting (XSS) in
\app\settin ...)
@@ -41,25 +41,25 @@ CVE-2024-48233 (mipjz 5.0.5 is vulnerable to Cross Site
Scripting (XSS) in \app\
CVE-2024-48232 (An issue was found in mipjz 5.0.5. In the mipPost method of
\app\setti ...)
TODO: check
CVE-2024-48230 (funadmin 5.0.2 is vulnerable to SQL Injection via the
parentField para ...)
- TODO: check
+ NOT-FOR-US: funadmin
CVE-2024-48229 (funadmin 5.0.2 has a SQL injection vulnerability in the Curd
one click ...)
- TODO: check
+ NOT-FOR-US: funadmin
CVE-2024-48228 (An issue was found in funadmin 5.0.2. The selectfiles method
in \backe ...)
- TODO: check
+ NOT-FOR-US: funadmin
CVE-2024-48227 (Funadmin 5.0.2 has a logical flaw in the Curd one click
command deleti ...)
- TODO: check
+ NOT-FOR-US: funadmin
CVE-2024-48226 (Funadmin 5.0.2 is vulnerable to SQL Injection in
curd/table/savefield.)
- TODO: check
+ NOT-FOR-US: funadmin
CVE-2024-48225 (Funadmin v5.0.2 has an arbitrary file deletion vulnerability
in /curd/ ...)
- TODO: check
+ NOT-FOR-US: funadmin
CVE-2024-48224 (Funadmin v5.0.2 has an arbitrary file read vulnerability in
/curd/inde ...)
- TODO: check
+ NOT-FOR-US: funadmin
CVE-2024-48223 (Funadmin v5.0.2 has a SQL injection vulnerability in
/curd/table/field ...)
- TODO: check
+ NOT-FOR-US: funadmin
CVE-2024-48222 (Funadmin v5.0.2 has a SQL injection vulnerability in
/curd/table/edit.)
- TODO: check
+ NOT-FOR-US: funadmin
CVE-2024-48218 (Funadmin v5.0.2 has a SQL injection vulnerability in
/curd/table/list.)
- TODO: check
+ NOT-FOR-US: funadmin
CVE-2024-47821 (pyLoad is a free and open-source Download Manager. The folder
`/.pyloa ...)
TODO: check
CVE-2024-10092 (The Download Monitor plugin for WordPress is vulnerable to
unauthorize ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9697d787ba8058c38addb41ef2cfb994d726212e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9697d787ba8058c38addb41ef2cfb994d726212e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
