Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5543a8a5 by Salvatore Bonaccorso at 2024-12-10T06:08:09+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -91,64 +91,64 @@ CVE-2024-53947 (Improper Neutralization of Special Elements
used in an SQL Comma
CVE-2024-53847 (The Trix rich text editor, prior to versions 2.1.9 and 1.3.3,
is vulne ...)
TODO: check
CVE-2024-53822 (Unrestricted Upload of File with Dangerous Type vulnerability
in Genet ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-53819 (Missing Authorization vulnerability in Sprout Invoices Client
Invoicin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-53818 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-53816 (Missing Authorization vulnerability in Themeum Tutor LMS
Elementor Add ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-53814 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-53798 (Missing Authorization vulnerability in BAKKBONE Australia
FloristPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-53791 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-53790 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-53785 (Missing Authorization vulnerability in Alexander Volkov
Chatter.This i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-53450 (RAGFlow 0.13.0 suffers from improper access control in
document-hooks. ...)
- TODO: check
+ NOT-FOR-US: RAGFlow
CVE-2024-53441 (An issue in the index.js decryptCookie function of
cookie-encrypter v1 ...)
TODO: check
CVE-2024-52599 (Tuleap is an open source suite to improve management of
software devel ...)
- TODO: check
+ NOT-FOR-US: Tuleap
CVE-2024-52586 (eLabFTW is an open source electronic lab notebook for research
labs. A ...)
- TODO: check
+ NOT-FOR-US: eLabFTW
CVE-2024-52480 (Missing Authorization vulnerability in Astoundify Jobify - Job
Board W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-52391 (Missing Authorization vulnerability in Genetech Pie Register
Premium.T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-52385 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49603 (Dell PowerScale OneFS Versions 8.2.2.x through 9.9.0.x contain
an inco ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-49602 (Dell PowerScale OneFS Versions 8.2.2.x through 9.8.0.x contain
an impr ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-49600 (Dell Power Manager (DPM), versions prior to 3.17, contain an
improper ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-48956 (Serviceware Processes 6.0 through 7.3 allows attackers without
valid a ...)
- TODO: check
+ NOT-FOR-US: Serviceware Processes
CVE-2024-46901 (Insufficient validation of filenames against control
characters in Apa ...)
- subversion 1.14.5-1
NOTE: https://subversion.apache.org/security/CVE-2024-46901-advisory.txt
CVE-2024-46547 (A vulnerability was found in Romain Bourdon Wampserver all
versions (d ...)
- TODO: check
+ NOT-FOR-US: Romain Bourdon Wampserver
CVE-2024-45761 (Dell OpenManage Server Administrator, versions 11.0.1.0 and
prior, con ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-45760 (Dell OpenManage Server Administrator, versions 11.0.1.0 and
prior, con ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-43222 (Missing Authorization vulnerability in Envato Security Team
Sweet Date ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-42426 (Dell PowerScale OneFS Versions 9.5.0.x through 9.8.0.x contain
an unco ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-40583 (Pentaminds CuroVMS v2.0.1 was discovered to contain exposed
credential ...)
- TODO: check
+ NOT-FOR-US: Pentaminds CuroVMS
CVE-2024-40582 (Pentaminds CuroVMS v2.0.1 was discovered to contain exposed
sensitive ...)
- TODO: check
+ NOT-FOR-US: Pentaminds CuroVMS
CVE-2024-38485 (Dell ECS, versions prior to 3.8.0, contain(s) a Host Header
Injection ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-12307 (A function-level access control vulnerability in
Unifiedtransform vers ...)
TODO: check
CVE-2024-12306 (Multiple access control vulnerabilities in Unifiedtransform
version 2. ...)
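Review bot: Five of the entries moved to `NOT-FOR-US: WordPress plugin` in this hunk (CVE-2024-53818, CVE-2024-53814, CVE-2024-53791, CVE-2024-53790, CVE-2024-52385) have truncated descriptions that show only the weakness class and no product name, so the classification cannot be checked from the list itself. Please confirm each against the full CVE record, since a wrong NOT-FOR-US removes the entry from further triage. As a style point, the seven Dell entries carry the vendor only (`NOT-FOR-US: Dell`) while other tags in the same hunk name the product (`Pentaminds CuroVMS`, `Serviceware Processes`, `Romain Bourdon Wampserver`); naming the product would keep the tags consistent.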
@@ -156,191 +156,191 @@ CVE-2024-12306 (Multiple access control vulnerabilities
in Unifiedtransform vers
CVE-2024-12305 (An object-level access control vulnerability in
Unifiedtransform versi ...)
TODO: check
CVE-2024-12057 (User credentials (login & password) are inserted into log
files when a ...)
- TODO: check
+ NOT-FOR-US: PcVue
CVE-2024-11991 (Motoko's incremental garbage collector is impacted by an
uninitialized ...)
TODO: check
CVE-2024-11608 (A maliciously crafted SKP file, when linked or imported into
Autodesk ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-11454 (A maliciously crafted DLL file, when placed in the same
directory as a ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-11268 (A maliciously crafted PDF file, when parsed through Autodesk
Revit, ca ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2023-7298 (A maliciously crafted FBX file, when parsed through Autodesk
FBX SDK, ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2023-51362 (Missing Authorization vulnerability in Premio All-in-one
Floating Cont ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51360 (Missing Authorization vulnerability in WPDeveloper Essential
Blocks fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51359 (Missing Authorization vulnerability in WPDeveloper Essential
Blocks fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51357 (Missing Authorization vulnerability in Conversios
Conversios.io allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51355 (Missing Authorization vulnerability in MultiVendorX WC
Marketplace all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51353 (Missing Authorization vulnerability in supsystic.com Popup by
Supsysti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50904 (Missing Authorization vulnerability in Poll Maker Team Poll
Maker allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50903 (Missing Authorization vulnerability in Wpmet Metform Elementor
Contact ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50899 (Missing Authorization vulnerability in MultiVendorX Product
Catalog En ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50887 (Missing Authorization vulnerability in UserFeedback Team User
Feedback ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50884 (Missing Authorization vulnerability in LA-Studio LA-Studio
Element Kit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50882 (Missing Authorization vulnerability in ProfilePress Membership
Team Pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50877 (Missing Authorization vulnerability in woobewoo Product Filter
by WBW ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50876 (Missing Authorization vulnerability in Molongui Molongui
allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50375 (Missing Authorization vulnerability in Translate AI
Multilingual Solut ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50373 (Missing Authorization vulnerability in WPSAAD Alt Manager
allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49861 (Missing Authorization vulnerability in socialmediafeather
Social Media ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49859 (Missing Authorization vulnerability in Pixelite Login With
Ajax allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49858 (Missing Authorization vulnerability in Austin Passy Custom
Login allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49857 (Missing Authorization vulnerability in Awesome Support Team
Awesome Su ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49856 (Missing Authorization vulnerability in RedNao Smart Forms
allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49851 (Missing Authorization vulnerability in ILMDESIGNS Square
Thumbnails al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49850 (Missing Authorization vulnerability in Ashish Ajani WP Simple
HTML Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49849 (Missing Authorization vulnerability in Aakash Chakravarthy
Shortcoder ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49848 (Missing Authorization vulnerability in wooproductimporter
Sharkdropshi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49845 (Missing Authorization vulnerability in Loud Dog Redirects
allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49835 (Missing Authorization vulnerability in Metaphor Creations Post
Duplica ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49832 (Missing Authorization vulnerability in Paul Ryley Site Reviews
allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49831 (Missing Authorization vulnerability in Metagauss User
Registration For ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49818 (Missing Authorization vulnerability in Webflow Webflow Pages
allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49817 (Missing Authorization vulnerability in heoLixfy Flexible
Woocommerce C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49758 (Missing Authorization vulnerability in Veribo, Roland Murg WP
Booking ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49757 (Missing Authorization vulnerability in Awesome Support Team
Awesome Su ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49756 (Missing Authorization vulnerability in Themewinter Eventin
allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49755 (Missing Authorization vulnerability in B.M. Rafiul Alam
Elementor Time ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49754 (Missing Authorization vulnerability in Yogesh Pawar, Clarion
Technolog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49196 (Missing Authorization vulnerability in Pagelayer Team
PageLayer allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49194 (Insertion of Sensitive Information Into Debugging Code
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49193 (Missing Authorization vulnerability in NerdPress Social Pug
allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49192 (Missing Authorization vulnerability in Clever Widgets Enhanced
Text Wi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49167 (Missing Authorization vulnerability in Code4Life Database for
CF7 allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49158 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49156 (Missing Authorization vulnerability in GoDaddy GoDaddy Email
Marketing ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49154 (Missing Authorization vulnerability in Wow-Company Button
Generator \u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48779 (Missing Authorization vulnerability in 360 Javascript Viewer
360 Javas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48776 (Missing Authorization vulnerability in Thomas Scholl
canvasio3D Light ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48774 (Missing Authorization vulnerability in Martin Gibson IdeaPush
allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48750 (Missing Authorization vulnerability in VOID CODERS Void
Elementor Post ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48740 (Missing Authorization vulnerability in Easy Social Feed Easy
Social Fe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48332 (Missing Authorization vulnerability in Tech Banker Mail Bank -
#1 Mail ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48324 (Missing Authorization vulnerability in Awesome Support Team
Awesome Su ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48287 (Missing Authorization vulnerability in Matat Technologies
TextMe SMS a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48286 (Missing Authorization vulnerability in Tips and Tricks HQ,
wptipsntric ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48277 (Missing Authorization vulnerability in SuperPWA Super
Progressive Web ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48274 (Missing Authorization vulnerability in Mondial Relay
WooCommerce - WCM ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47871 (Missing Authorization vulnerability in IT Path Solutions
Contact Form ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47869 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47849 (Missing Authorization vulnerability in blossomthemes
BlossomThemes Ema ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47847 (Missing Authorization vulnerability in PayTR \xd6deme ve
Elektronik Pa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47841 (Missing Authorization vulnerability in Analytify Analytify
allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47838 (Missing Authorization vulnerability in Jules Colle Conditional
Fields ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47836 (Missing Authorization vulnerability in Prasad Kirpekar WP Meta
and Dat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47832 (Missing Authorization vulnerability in searchiq SearchIQ
allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47830 (Missing Authorization vulnerability in Addons for Contact Form
7 Live ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47826 (Missing Authorization vulnerability in NicheAddons Restaurant
& Cafe A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47823 (Missing Authorization vulnerability in nCrafts FormCraft
allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47822 (Missing Authorization vulnerability in Sonaar Music MP3 Audio
Player f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47820 (Missing Authorization vulnerability in CRUDLab WP Like Button
allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47805 (Missing Authorization vulnerability in Themewinter WPCafe
allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47793 (Missing Authorization vulnerability in acmethemes Acme Fix
Images allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47780 (Missing Authorization vulnerability in EasyAzon EasyAzon
allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47776 (Missing Authorization vulnerability in miniOrange miniorange
otp verif ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47764 (Missing Authorization vulnerability in Metaphor Creations
Ditty allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47763 (Missing Authorization vulnerability in Martin Gibson WP Custom
Admin I ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47762 (Missing Authorization vulnerability in WPDeveloper BetterDocs
allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47761 (Missing Authorization vulnerability in WPDeveloper Simple 301
Redirect ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47760 (Missing Authorization vulnerability in WPDeveloper Essential
Blocks fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47756 (Missing Authorization vulnerability in David Vongries Welcome
Email Ed ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47698 (Missing Authorization vulnerability in Artisan Workshop
Japanized For ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47694 (Missing Authorization vulnerability in appsbd Mini Cart Drawer
For Woo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-43962 (Cross Site Scripting vulnerability in Xunrui CMS Public
Edition v.4.6. ...)
- TODO: check
+ NOT-FOR-US: Xunrui CMS Public Edition
CVE-2023-41953 (Missing Authorization vulnerability in ProfilePress Membership
Team Pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32299 (Missing Authorization vulnerability in anzia Ni WooCommerce
Sales Repo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32293 (Missing Authorization vulnerability in Realwebcare WRC Pricing
Tables ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32126 (Missing Authorization vulnerability in WPoperation SALERT
allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32117 (Missing Authorization vulnerability in SoftLab Integrate
Google Drive ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32094 (Missing Authorization vulnerability in Felix Welberg Extended
Post Sta ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12224 [RUSTSEC-2024-0421]
- rust-idna <unfixed>
NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0421.html
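Review bot: CVE-2024-12057 is tagged `NOT-FOR-US: PcVue` and CVE-2024-11454 `NOT-FOR-US: Autodesk`, but neither name appears in the visible part of the description ("User credentials (login & password) are inserted into log files when a ...", "A maliciously crafted DLL file, when placed in the same directory as a ..."), so the affected product should be confirmed against the full CVE record. For CVE-2023-7298 the description names the Autodesk FBX SDK, which is a library rather than an end-user application; a tag of `NOT-FOR-US: Autodesk FBX SDK` would make the entry easier to find again if a package is later found to bundle it.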
@@ -1854,7 +1854,7 @@ CVE-2024-29645 (Buffer Overflow vulnerability in radarorg
radare2 v.5.8.8 allows
CVE-2024-12015 (The 'Project Manager' WordPress Plugin is affected by an
authenticated ...)
NOT-FOR-US: WordPress plugin
CVE-2024-10905 (IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p2,
IdentityIQ 8.3 ...)
- TODO: check
+ NOT-FOR-US: Sailpoint
CVE-2024-10490 (An \u201cAuthentication Bypass Using an Alternate Path or
Channel\u201 ...)
NOT-FOR-US: B&R Automation
CVE-2024-53124 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
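Review bot: The new tag for CVE-2024-10905 names only the vendor, spelled `Sailpoint`, while the description refers to the product as IdentityIQ. The vendor writes its name SailPoint; `NOT-FOR-US: SailPoint IdentityIQ` would match the description and the product-level tags used elsewhere in this commit (for example `NOT-FOR-US: Pentaminds CuroVMS`).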
@@ -129542,7 +129542,7 @@ CVE-2023-31216 (Cross-Site Request Forgery (CSRF)
vulnerability in Ultimate Memb
CVE-2023-31215 (Unrestricted Upload of File with Dangerous Type vulnerability
in Amade ...)
NOT-FOR-US: WordPress plugin
CVE-2023-31214 (Missing Authorization vulnerability in Arul Prasad J WP Quick
Post Dup ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-31213 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-31212 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
@@ -129958,7 +129958,7 @@ CVE-2023-31075 (Cross-Site Request Forgery (CSRF)
vulnerability in Arshid Easy H
CVE-2023-31074 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
hupe13 E ...)
NOT-FOR-US: WordPress plugin
CVE-2023-31073 (Missing Authorization vulnerability in Jose Vega Display
custom fields ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-31072 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Praveen ...)
NOT-FOR-US: WordPress plugin
CVE-2023-31071 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Yannick ...)
@@ -130530,13 +130530,13 @@ CVE-2023-30875 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-30874 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Stev ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30873 (Missing Authorization vulnerability in Fahad Mahmood WP Docs
allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-30872 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30871 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
PT Woo P ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30870 (Missing Authorization vulnerability in wooproductimporter
Sharkdropshi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-30869 (Improper Authentication vulnerability in Easy Digital
Downloads plugin ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30868 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Jon Chri ...)
@@ -130907,7 +130907,7 @@ CVE-2023-30785 (Unauth. Reflected Cross-Site
Scripting (XSS) vulnerability in I
CVE-2023-30784 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30783 (Missing Authorization vulnerability in YummyWP Smart
WooCommerce Searc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-30782 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Andy Moy ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30781 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Theme Bl ...)
@@ -131118,7 +131118,7 @@ CVE-2023-30750 (Improper Neutralization of Special
Elements used in an SQL Comma
CVE-2023-30749 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in ihom ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30748 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-30747 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
WPGem Wo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30746 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Booq ...)
@@ -132041,11 +132041,11 @@ CVE-2023-30490
CVE-2023-30489 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
I Thirte ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30488 (Missing Authorization vulnerability in WP OnlineSupport,
Essential Plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-30487 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
ThimPres ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30486 (Missing Authorization vulnerability in HashThemes Square
allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-30485 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Solwin I ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30484 (Cross-Site Request Forgery (CSRF) vulnerability in uPress
Enable Acces ...)
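Review bot: CVE-2023-30486 is tagged `WordPress plugin`, but the vendor string in its description is HashThemes, and the list keeps a separate `NOT-FOR-US: WordPress theme` tag (used for CVE-2023-30480 a few entries further down). Check whether Square is a theme and use the theme tag if so.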
@@ -132059,13 +132059,13 @@ CVE-2023-30481 (Unauth. Reflected Cross-Site
Scripting (XSS) vulnerability in Al
CVE-2023-30480 (Missing Authorization vulnerability in Sparkle WP
Educenter.This issue ...)
NOT-FOR-US: WordPress theme
CVE-2023-30479 (Missing Authorization vulnerability in Stamped.io Stamped.io
Product R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-30478 (Cross-Site Request Forgery (CSRF) vulnerability in Tribulant
Newslette ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30477 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Essi ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30476 (Missing Authorization vulnerability in Sparkle Themes Blogger
Buzz all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-30475 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Elliot S ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30474 (Cross-Site Request Forgery (CSRF) vulnerability in Kilian
Evang Ultima ...)
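Review bot: CVE-2023-30476 (vendor Sparkle Themes, product Blogger Buzz) is given `WordPress plugin`, while the context entry at the top of this hunk, CVE-2023-30480 from Sparkle WP, is tagged `NOT-FOR-US: WordPress theme`. If Blogger Buzz is a theme, the line should read `NOT-FOR-US: WordPress theme`.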
@@ -134632,15 +134632,15 @@ CVE-2023-29435 (Auth. (contributor+) Stored
Cross-Site Scripting (XSS) vulnerabi
CVE-2023-29434 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Fanc ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29433 (Missing Authorization vulnerability in \u817e\u8baf\u4e91
tencentcloud ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-29432 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29431 (Missing Authorization vulnerability in OntheGoSystems
qTranslate X Cle ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-29430 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
CTHtheme ...)
NOT-FOR-US: WordPress theme
CVE-2023-29429 (Missing Authorization vulnerability in WPEverest User
Registration all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-29428 (Cross-Site Request Forgery (CSRF) vulnerability in SuPlugins
Superb So ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29427 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
TMS Book ...)
@@ -134654,7 +134654,7 @@ CVE-2023-29424 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-29423 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in PI W ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29422 (Missing Authorization vulnerability in AlexaCRM Dynamics 365
Integrati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1916 (A flaw was found in tiffcrop, a program distributed by the
libtiff pac ...)
- tiff <unfixed> (unimportant)
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/536
@@ -135383,11 +135383,11 @@ CVE-2023-29247 (Task instance details page in the
UI is vulnerable to a stored X
CVE-2023-29246 (An attacker who has gained access to an admin account can
perform RCE ...)
NOT-FOR-US: Apache OpenMeetings
CVE-2023-29239 (Missing Authorization vulnerability in LuckyWP LuckyWP Scripts
Control ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-29238 (Cross-Site Request Forgery (CSRF) vulnerability in Whydonate
Whydonate ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29237 (Missing Authorization vulnerability in Muhammad Rehman Remove
Duplicat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-29236 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Cththeme ...)
NOT-FOR-US: WordPress theme
CVE-2023-29235 (Cross-Site Request Forgery (CSRF) vulnerability in Fugu
Maintenance Sw ...)
@@ -135639,7 +135639,7 @@ CVE-2023-29175 (An improper certificate validation
vulnerability [CWE-295] in Fo
CVE-2023-29174 (Missing Authorization vulnerability in NervyThemes SKU Label
Changer F ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29173 (Missing Authorization vulnerability in AWESOME TOGI Product
Category T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-29172 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Property ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29171 (Unauth. Reflected Cross-site Scripting (XSS) vulnerability in
Magic Po ...)
@@ -137393,9 +137393,9 @@ CVE-2023-28691
CVE-2023-28690 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Marc ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28689 (Missing Authorization vulnerability in JoomSky JS Job Manager
allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28688 (Cross-Site Request Forgery (CSRF) vulnerability in ThemeHunk
TH Variat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28687 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin
CVE-2023-1551
@@ -137936,7 +137936,7 @@ CVE-2023-28538 (Memory corruption in WIN Product
while invoking WinAcpi update d
CVE-2023-28537 (Memory corruption while allocating memory in COmxApeDec module
in Audi ...)
NOT-FOR-US: Qualcomm
CVE-2023-28536 (Missing Authorization vulnerability in Acato Branded Social
Images all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28535 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Paytm Pa ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28534 (Auth. (subscriber+) Stored Cross-Site Scripting (XSS)
vulnerability in ...)
@@ -137944,7 +137944,7 @@ CVE-2023-28534 (Auth. (subscriber+) Stored Cross-Site
Scripting (XSS) vulnerabil
CVE-2023-28533 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in M Wi ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28532 (Missing Authorization vulnerability in wpdirectorykit.com Real
Estate ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28531 (ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent
without ...)
- openssh 1:9.3p1-1 (bug #1033166)
[bookworm] - openssh 1:9.2p1-2+deb12u2
@@ -138398,9 +138398,9 @@ CVE-2023-28419 (Cross-Site Request Forgery (CSRF)
vulnerability in Stranger Stud
CVE-2023-28418 (Auth. (subscriber+) Reflected Cross-Site Scripting (XSS)
vulnerability ...)
NOT-FOR-US: WordPress theme
CVE-2023-28417 (Missing Authorization vulnerability in AlexaCRM Dynamics 365
Integrati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28416 (Missing Authorization vulnerability in Sparkle Themes Chankhe
allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28415 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Xoot ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28414 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Apex ...)
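Review bot: CVE-2023-28416 names the vendor as Sparkle Themes (product Chankhe) yet is tagged `WordPress plugin`; the context entry CVE-2023-28418 in this hunk shows that the list uses a distinct `NOT-FOR-US: WordPress theme` tag. Verify whether Chankhe is a theme before settling on the plugin tag.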
@@ -139248,13 +139248,13 @@ CVE-2023-28170 (Unrestricted Upload of File with
Dangerous Type vulnerability in
CVE-2023-28169 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Core ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28168 (Missing Authorization vulnerability in Jerod Santo WordPress
Console a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28167 (Cross-Site Request Forgery (CSRF) vulnerability in Vsourz
Digital CF7 ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28166 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Aakif Ka ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28165 (Missing Authorization vulnerability in Tech Banker Backup
Bank: WordPr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28164 (Dragging a URL from a cross-origin iframe that was removed
during the ...)
{DSA-5375-1 DSA-5374-1 DLA-3365-1 DLA-3364-1}
- firefox 111.0-1
@@ -141069,9 +141069,9 @@ CVE-2023-27628 (Auth. (contributor+) Stored
Cross-Site Scripting (XSS) vulnerabi
CVE-2023-27627 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
eggemplo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27626 (Missing Authorization vulnerability in Aleksandar
Uro\u0161evi\u0107 S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27625 (Missing Authorization vulnerability in Paul Ryley Site Reviews
allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27624 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Marc ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27623 (Cross-Site Request Forgery (CSRF) vulnerability in Jens
T\xf6rnell WP ...)
@@ -141644,7 +141644,7 @@ CVE-2023-27456
CVE-2023-27455 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Maui Mar ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27454 (Missing Authorization vulnerability in Apollo13Themes Rife
Elementor E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27453 (Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS
Tools plugi ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27452 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Wow- ...)
@@ -141654,7 +141654,7 @@ CVE-2023-27451 (Server-Side Request Forgery (SSRF)
vulnerability in Darren Coone
CVE-2023-27450 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in
Teplitsa of ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27449 (Missing Authorization vulnerability in TotalSuite Total Poll
Lite allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27448 (Cross-Site Request Forgery (CSRF) vulnerability in MakeStories
Team Ma ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27447 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
@@ -141696,7 +141696,7 @@ CVE-2023-27430 (Cross-Site Request Forgery (CSRF)
vulnerability in Ramon Fincken
CVE-2023-27429 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Auto ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27428 (Missing Authorization vulnerability in Damir Calusic WP users
media al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27427 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in NTZA ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27426 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Noti ...)
@@ -143972,11 +143972,11 @@ CVE-2023-26524 (Cross-Site Request Forgery (CSRF)
vulnerability in ExpressTech Q
CVE-2023-26523 (Missing Authorization vulnerability in CodePeople Calculated
Fields Fo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26522 (Missing Authorization vulnerability in OneWebsite WP Repost
allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-26521 (Missing Authorization vulnerability in CodePeople Search in
Place allo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26520 (Missing Authorization vulnerability in Max Chirkov Advanced
Text Widge ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-26519 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Alex ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26518 (Cross-Site Request Forgery (CSRF) vulnerability in AccessPress
Themes ...)
@@ -145597,7 +145597,7 @@ CVE-2023-25995
CVE-2023-25994 (Cross-Site Request Forgery (CSRF) vulnerability in Alex
Benfica Publis ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25993 (Missing Authorization vulnerability in WebberZone Top 10
allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25992 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Crea ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25991 (Cross-Site Request Forgery (CSRF) vulnerability in
RegistrationMagic p ...)
@@ -145651,7 +145651,7 @@ CVE-2023-25968 (Cross-Site Request Forgery (CSRF)
vulnerability in Cozmoslabs, M
CVE-2023-25967 (Cross-Site Request Forgery (CSRF) vulnerability in PeepSo
Community by ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25966 (Missing Authorization vulnerability in Ninja Team Filebird
allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25965 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25964 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Noah ...)
@@ -145665,7 +145665,7 @@ CVE-2023-25961 (Unauth. Reflected Cross-Site
Scripting (XSS) vulnerability in Ca
CVE-2023-25960 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25959 (Missing Authorization vulnerability in Apollo13Themes Apollo13
Framewo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25958 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Just ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25957 (A vulnerability has been identified in Mendix SAML (Mendix 7
compatibl ...)
@@ -146132,7 +146132,7 @@ CVE-2023-25793 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-25792 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Xiao ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25791 (Missing Authorization vulnerability in Cadus Pro Fontiran
allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25790 (Improper Authentication, Improper Neutralization of Input
During Web P ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25789 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Tapf ...)
@@ -146505,7 +146505,7 @@ CVE-2023-25716 (Auth (admin+) Stored Cross-Site
Scripting (XSS) vulnerability in
CVE-2023-25715 (Missing Authorization vulnerability in GamiPress GamiPress
\u2013 The ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25714 (Missing Authorization vulnerability in Fullworks Quick Paypal
Payments ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25713 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in
Fullworks Q ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25712 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in WP-B ...)
@@ -146527,7 +146527,7 @@ CVE-2023-25705 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-25704 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Mehj ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25703 (Missing Authorization vulnerability in WP OnlineSupport,
Essential Plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25702 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability
in Full ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25701 (Improper Privilege Management vulnerability in WhatArmy
WatchTowerHQ a ...)
@@ -147557,7 +147557,7 @@ CVE-2023-25488 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-25487 (Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade
PixTypes ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25486 (Missing Authorization vulnerability in Migrate Clone allows
Exploiting ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25485 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Bern ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25484 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Oliv ...)
@@ -147591,7 +147591,7 @@ CVE-2023-25471 (Unauth. Reflected Cross-Site
Scripting (XSS) vulnerability in We
CVE-2023-25470 (Cross-Site Request Forgery (CSRF) vulnerability in Anton
Skorobogatov ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25469 (Missing Authorization vulnerability in Magazine3 Easy Table of
Content ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25468 (Cross-Site Request Forgery (CSRF) vulnerability in
Reservation.Studio ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25467 (Cross-Site Request Forgery (CSRF) vulnerability in Daniel
Mores, A. Hu ...)
@@ -147619,9 +147619,9 @@ CVE-2023-25457 (Missing Authorization vulnerability
in Richteam Slider Carousel
CVE-2023-25456 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Klav ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25455 (Missing Authorization vulnerability in miniOrange WordPress
Social Log ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25454 (Missing Authorization vulnerability in Nate Reist Protected
Posts Logo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25453 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Ian Sado ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25452 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Mich ...)
@@ -148590,7 +148590,7 @@ CVE-2013-10015 (A vulnerability has been found in
fanzila WebFinance 0.5 and cla
CVE-2023-25068
RESERVED
CVE-2023-25067 (Missing Authorization vulnerability in Noah Hearle, Design
Extreme We\ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25066 (Cross-Site Request Forgery (CSRF) vulnerability in FolioVision
FV Flow ...)
NOT-FOR-US: FolioVision
CVE-2023-25065 (Cross-Site Request Forgery (CSRF) vulnerability in
ShapedPlugin WP Tab ...)
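Review bot: The new tag on CVE-2023-25067 is the generic "NOT-FOR-US: WordPress plugin", while the next entry in this hunk, CVE-2023-25066, is tagged by vendor as "NOT-FOR-US: FolioVision", so adjacent entries follow two labelling styles. The truncated description ("Noah Hearle, Design Extreme We\ ...") does not show the product name, so confirm from the full CVE text that this really is a WordPress plugin before the TODO is dropped, and pick one style if the list is meant to be searchable by product.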
@@ -148604,7 +148604,7 @@ CVE-2023-25062 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-25061 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25060 (Missing Authorization vulnerability in WP OnlineSupport,
Essential Plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25059 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in aval ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25058 (Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm
Force Sc ...)
@@ -148628,7 +148628,7 @@ CVE-2023-25050 (Improper Limitation of a Pathname to
a Restricted Directory ('Pa
CVE-2023-25049 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in impl ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25048 (Missing Authorization vulnerability in Fantastic Plugins
Fantastic Con ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25047 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25046 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Podl ...)
@@ -148650,11 +148650,11 @@ CVE-2023-25039 (Missing Authorization vulnerability
in CodePeople Google Maps CP
CVE-2023-25038 (Cross-Site Request Forgery (CSRF) vulnerability in 984.Ru For
the visu ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25037 (Missing Authorization vulnerability in CodePeople Booking
Calendar Con ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25036 (Cross-Site Request Forgery (CSRF) vulnerability in
akhlesh-nagar, a.An ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25035 (Missing Authorization vulnerability in Fullworks Quick Contact
Form a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25034 (Cross-Site Request Forgery (CSRF) vulnerability in BoLiQuan WP
Clean U ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25033 (Cross-Site Request Forgery (CSRF) vulnerability in Sumo Social
Share B ...)
@@ -148672,7 +148672,7 @@ CVE-2023-25028 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-25027 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Kibo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25026 (Missing Authorization vulnerability in PayPal PayPal Brasil
para WooCo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25025 (Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole
WP-Copy ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25024 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Iceg ...)
@@ -150749,7 +150749,7 @@ CVE-2023-24409 (Unauth. Reflected Cross-Site
Scripting (XSS) vulnerability in I
CVE-2023-24408 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24407 (Missing Authorization vulnerability in WpDevArt Booking
calendar, Appo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24406 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Mune ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24405 (Cross-Site Request Forgery (CSRF) vulnerability in Scott
Paterson Cont ...)
@@ -150813,7 +150813,7 @@ CVE-2023-24377 (Cross-Site Request Forgery (CSRF)
vulnerability in Ecwid Ecommer
CVE-2023-24376 (Auth. (admin+) Stored Cross-Site Scripting (XSS)
vulnerabilityin Nico ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24375 (Missing Authorization vulnerability in miniOrange WordPress
Social Log ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24374 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24373 (External Control of Assumed-Immutable Web Parameter
vulnerability in W ...)
@@ -151757,7 +151757,7 @@ CVE-2023-23988 (Missing Authorization vulnerability
in Joseph C Dolson My Ticket
CVE-2023-23987 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in WPEv ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23986 (Missing Authorization vulnerability in Noah Hearle, Design
Extreme Rev ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23985 (Missing Authorization vulnerability in Quiz Maker team Quiz
Maker.This ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23984 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company
Bubble ...)
@@ -151779,7 +151779,7 @@ CVE-2023-23977 (Auth. (contributor+) Stored
Cross-Site Scripting (XSS) vulnerabi
CVE-2023-23976 (Incorrect Default Permissions vulnerability in Metagauss
RegistrationM ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23975 (Missing Authorization vulnerability in Fullworks Quick Event
Manager a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23974 (Cross-Site Request Forgery (CSRF) vulnerability in Fullworks
Quick Eve ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23973 (Cross-Site Request Forgery (CSRF) vulnerability in a3rev
Software Cont ...)
@@ -152048,11 +152048,11 @@ CVE-2023-23897 (Cross-Site Request Forgery (CSRF)
vulnerability in Ozette Plugin
CVE-2023-23896 (Missing Authorization vulnerability in MyThemeShop URL
Shortener by My ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23895 (Missing Authorization vulnerability in CodePeople WP Time
Slots Bookin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23894 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23893 (Missing Authorization vulnerability in Igor Benic Simple
Giveaways all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23892 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23891 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
@@ -152064,9 +152064,9 @@ CVE-2023-23889 (Auth. (contributor+) Stored
Cross-Site Scripting (XSS) vulnerabi
CVE-2023-23888 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23887 (Missing Authorization vulnerability in Shaon Easy Google
Analytics for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23886 (Missing Authorization vulnerability in mg12 WP-RecentComments
allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23885 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23884 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Kanb ...)
@@ -152102,7 +152102,7 @@ CVE-2023-23870 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-23869 (Cross-Site Request Forgery (CSRF) vulnerability in Amit
Agarwal Google ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23868 (Missing Authorization vulnerability in WPFactory Cost of Goods
for Woo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23867 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23866 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
@@ -152228,7 +152228,7 @@ CVE-2015-10071 (A vulnerability was found in
gitter-badger ezpublish-modern-lega
CVE-2023-23835 (A vulnerability has been identified in Mendix Applications
using Mendi ...)
NOT-FOR-US: Siemens
CVE-2023-23834 (Missing Authorization vulnerability in Brainstorm Force
Spectra allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23833 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability
in Steve ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23832 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability
in TC Ul ...)
@@ -152246,11 +152246,11 @@ CVE-2023-23827 (Auth. (contributor+) Cross-Site
Scripting (XSS) vulnerability in
CVE-2023-23826 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23825 (Missing Authorization vulnerability in Brainstorm Force
Spectra allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23824 (Auth. SQL Injection (SQLi) vulnerability inWP-TopBar<= 5.36
versions.)
NOT-FOR-US: WordPress plugin
CVE-2023-23823 (Missing Authorization vulnerability in Clever Widgets Enhanced
Text Wi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23822 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Ludw ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23821 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Marc ...)
@@ -152268,7 +152268,7 @@ CVE-2023-23816 (Auth. (admin+) Cross-Site Scripting
(XSS) vulnerability in Tward
CVE-2023-23815 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23814 (Missing Authorization vulnerability in CodePeople CP Multi
View Event ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23813 (Cross-Site Request Forgery (CSRF) vulnerability in Joseph C
Dolson My ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23812 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Joos ...)
@@ -152600,9 +152600,9 @@ CVE-2023-23728 (Auth. (contributor+) Cross-Site
Scripting (XSS) vulnerability in
CVE-2023-23727 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Form ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23726 (Cross-Site Request Forgery (CSRF) vulnerability in Tickera.com
Tickera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23725 (Missing Authorization vulnerability in Chris Baldelomar
Shortcodes all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23724 (Cross-Site Request Forgery (CSRF) vulnerability in Winwar
Media WP Ema ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23723 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Winw ...)
@@ -152620,9 +152620,9 @@ CVE-2023-23718 (Auth. (admin+) Cross-Site Scripting
(XSS) vulnerability in Essta
CVE-2023-23717 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability
in Georg ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23716 (Missing Authorization vulnerability in Zendesk Zendesk Support
for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23715 (Missing Authorization vulnerability in JobBoardWP JobBoardWP
\u2013 Jo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23714 (Cross-Site Request Forgery (CSRF) vulnerability in Uncanny Owl
Uncanny ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23713 (Cross-Site Request Forgery (CSRF) vulnerability in Manoj
Thulasidas Th ...)
@@ -156065,7 +156065,7 @@ CVE-2023-22710 (Unauth. Reflected Cross-Site
Scripting (XSS) vulnerability in ch
CVE-2023-22709 (Cross-Site Request Forgery (CSRF) vulnerability in Atif N SRS
Simple H ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22708 (Missing Authorization vulnerability in Karim Salman Kraken.io
Image Op ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22707 (Auth. (author+) Cross-Site Scripting (XSS) vulnerability in
Wpsoul Gre ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22706 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Property ...)
@@ -156079,7 +156079,7 @@ CVE-2023-22703 (Unauth. Reflected Cross-Site
Scripting (XSS) vulnerability in We
CVE-2023-22702 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability
in WPMob ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22701 (Missing Authorization vulnerability in Shopfiles Ltd Ebook
Store allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22700 (Cross-Site Request Forgery (CSRF) vulnerability in
PixelYourSite Pixel ...)
NOT-FOR-US: PixelYourSite
CVE-2023-22699 (Missing Authorization vulnerability in MainWP MainWP Wordfence
Extensi ...)
@@ -188052,9 +188052,9 @@ CVE-2022-38949
CVE-2022-38948
RESERVED
CVE-2022-38947 (SQL Injection vulnerability in Flipkart-Clone-PHP version 1.0
in entry ...)
- TODO: check
+ NOT-FOR-US: Flipkart-Clone-PHP
CVE-2022-38946 (Arbitrary File Upload vulnerability in Doctor-Appointment
version 1.0 ...)
- TODO: check
+ NOT-FOR-US: Doctor-Appointment
CVE-2022-38945
RESERVED
CVE-2022-38944
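Review bot: The tags added for CVE-2022-38947 and CVE-2022-38946 use the bare names "Flipkart-Clone-PHP" and "Doctor-Appointment" with no author or upstream, and "Doctor-Appointment" is generic enough to match unrelated projects when someone later searches the list. Consider adding the upstream author or repository owner to each tag once confirmed from the full CVE record, since the truncated descriptions here do not show it.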
@@ -213510,7 +213510,7 @@ CVE-2022-29976 (An Authenticated Reflected Cross-site
scripting at BCC Parameter
CVE-2022-29975 (An Authenticated Reflected Cross-site scripting at CC
Parameter was di ...)
NOT-FOR-US: MDaemon
CVE-2022-29974 (AMI (aka American Megatrends) NTFS driver 1.0.0 (fixed in late
2021 or ...)
- TODO: check
+ NOT-FOR-US: AMI (aka American Megatrends) NTFS driver
CVE-2022-29973 (relan exFAT 1.3.0 allows local users to obtain sensitive
information ( ...)
[experimental] - fuse-exfat 1.4.0-1
- fuse-exfat 1.4.0-2 (bug #1014538)
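Review bot: The tag on CVE-2022-29974 copies the description's parenthetical verbatim ("NOT-FOR-US: AMI (aka American Megatrends) NTFS driver"), which is longer than the product-name tags around it such as "NOT-FOR-US: MDaemon"; "NOT-FOR-US: AMI NTFS driver" would carry the same information. Because the entry directly below, CVE-2022-29973, is a filesystem driver issue tracked against a package (fuse-exfat), the commit message should also say that the AMI driver was checked and is not shipped in any package, rather than filing it under the generic "Process some NFUs".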
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5543a8a5dc9ce4f0e498f1f7a5aaa01c91c3e27a
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits