Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ec91f92c by Salvatore Bonaccorso at 2024-12-13T21:48:55+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,13 +5,13 @@ CVE-2024-9608 (The MyParcel plugin for WordPress is
vulnerable to Reflected Cros
CVE-2024-9290 (The Super Backup & Clone - Migrate for WordPress plugin for
WordPress ...)
NOT-FOR-US: WordPress plugin
CVE-2024-55890 (D-Tale is a visualizer for pandas data structures. Prior to
version 3. ...)
- TODO: check
+ NOT-FOR-US: D-Tale
CVE-2024-55889 (phpMyFAQ is an open source FAQ web application. Prior to
version 3.2.1 ...)
NOT-FOR-US: phpMyFAQ
CVE-2024-55887 (Ucum-java is a FHIR Java library providing UCUM Services. In
versions ...)
NOT-FOR-US: Ucum-java
CVE-2024-55661 (Laravel Pulse is a real-time application performance
monitoring tool a ...)
- TODO: check
+ NOT-FOR-US: Laravel Pulse
CVE-2024-54351 (Cross-Site Request Forgery (CSRF) vulnerability in Tom Landis
Fancy Ro ...)
NOT-FOR-US: WordPress plugin
CVE-2024-54349 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
@@ -237,255 +237,255 @@ CVE-2024-48007 (Dell RecoverPoint for Virtual Machines
6.0.x contains use of har
CVE-2024-47984 (Dell RecoverPoint for Virtual Machines 6.0.x contains Denial
of Servic ...)
NOT-FOR-US: Dell
CVE-2024-47892 (Software installed and run as a non-privileged user may
conduct GPU sy ...)
- TODO: check
+ NOT-FOR-US: Imagination GPU Driver
CVE-2024-46971 (Software installed and run as a non-privileged user may
conduct GPU sy ...)
- TODO: check
+ NOT-FOR-US: Imagination GPU Driver
CVE-2024-38488 (Dell RecoverPoint for Virtual Machines 6.0.x contains a
vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-28980 (Dell RecoverPoint for VMs, version(s) 6.0.x contain(s) a Use
of a Brok ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-24902 (Dell RecoverPoint for Virtual Machines 6.0.x contains an
Improper acce ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-22461 (Dell RecoverPoint for Virtual Machines 6.0.x contains an OS
Command in ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-21577 (ComfyUI-Ace-Nodes is vulnerable to Code Injection. The
ACE_ExpressionE ...)
- TODO: check
+ NOT-FOR-US: ComfyUI-Ace-Nodes
CVE-2024-21576 (ComfyUI-Bmad-Nodes is vulnerable to Code Injection. The issue
stems fr ...)
- TODO: check
+ NOT-FOR-US: ComfyUI-Bmad-Nodes
CVE-2024-12465 (The Property Hive Stamp Duty Calculator plugin for WordPress
is vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12421 (The The Coupon Affiliates \u2013 Affiliate Plugin for
WooCommerce plug ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12420 (The The WPMobile.App \u2014 Android and iOS Mobile Application
plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12417 (The The Simple Link Directory plugin for WordPress is
vulnerable to ar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12414 (The Themify Store Locator plugin for WordPress is vulnerable
to Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12309 (The Rate My Post \u2013 Star Rating Plugin by FeedbackWP
plugin for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12042 (The MStore API \u2013 Create Native Android & iOS Apps On The
Cloud pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11986 (Improper input handling in the 'Host Header' allows an
unauthenticated ...)
- TODO: check
+ NOT-FOR-US: CrushFTP
CVE-2024-11911 (The WP Crowdfunding plugin for WordPress is vulnerable to
unauthorized ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11910 (The WP Crowdfunding plugin for WordPress is vulnerable to
Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11832 (The Beaver Builder \u2013 WordPress Page Builder plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11827 (The Out of the Block: OpenStreetMap plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11754 (The Booking System Trafft plugin for WordPress is vulnerable
to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11275 (The WP Timetics- AI-powered Appointment Booking Calendar and
Online Sc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11012 (The The Notibar \u2013 Notification Bar for WordPress plugin
for WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10783 (The MainWP Child \u2013 Securely Connects to the MainWP
Dashboard to M ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44149 (Missing Authorization vulnerability in BeRocket Brands for
WooCommerce ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44147 (Missing Authorization vulnerability in Apasionados Comment
Blacklist U ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44142 (Missing Authorization vulnerability in Inactive Logout
Inactive Logout ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41952 (Missing Authorization vulnerability in Contact Form -
WPManageNinja LL ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41951 (Missing Authorization vulnerability in rtCamp rtMedia for
WordPress, B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41875 (Missing Authorization vulnerability in wpdirectorykit.com WP
Directory ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41873 (Missing Authorization vulnerability in miniOrange SAML SP
Single Sign ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41870 (Missing Authorization vulnerability in Themeum WP Crowdfunding
allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41869 (Missing Authorization vulnerability in Alex Volkov WP
Accessibility He ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41866 (Missing Authorization vulnerability in Team Plugins360
Automatic YouTu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41865 (Missing Authorization vulnerability in bqworks Slider Pro
allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41862 (Weak Authentication vulnerability in Guido VS Contact Form
allows Auth ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41857 (Missing Authorization vulnerability in ClickToTweet.com Click
To Tweet ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41849 (Missing Authorization vulnerability in WP Happy Coders Posts
Like Disl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41848 (Missing Authorization vulnerability in Majeed Raza Carousel
Slider all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41803 (Missing Authorization vulnerability in BitPay BitPay Checkout
for WooC ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41802 (Missing Authorization vulnerability in Team Heateor Super
Socializer a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41695 (Missing Authorization vulnerability in Analytify Analytify
allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41690 (Missing Authorization vulnerability in Wiser Notify
WiserNotify Social ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41689 (Missing Authorization vulnerability in Koen Reus Post to
Google My Bus ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41688 (Missing Authorization vulnerability in Mad Fish Digital Bulk
NoIndex & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41686 (Cross-Site Request Forgery (CSRF) vulnerability in ilGhera
Woocommerce ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41683 (Missing Authorization vulnerability in Pechenki TelSender
allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41671 (Missing Authorization vulnerability in Tyche Softwares
Abandoned Cart ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41664 (Missing Authorization vulnerability in AlphaBPO Easy
Newsletter Signup ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41649 (Missing Authorization vulnerability in Ovic Team Ovic Product
Bundle a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41133 (Authentication Bypass by Spoofing vulnerability in Michal
Nov\xe1k Sec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41132 (Missing Authorization vulnerability in ShapedPlugin LLC
Category Slide ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41130 (Missing Authorization vulnerability in Premmerce Premmerce
User Roles ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40678 (Missing Authorization vulnerability in Lasso Simple URLs
allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40670 (Missing Authorization vulnerability in ReviewX Team ReviewX
allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40334 (Missing Authorization vulnerability in realmag777 HUSKY allows
Exploit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40331 (Missing Authorization vulnerability in bqworks Accordion
Slider allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40213 (Missing Authorization vulnerability in Mateusz Czardybon
Justified Gal ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40203 (Missing Authorization vulnerability in MailMunch MailChimp
Forms by Ma ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40011 (Missing Authorization vulnerability in StylemixThemes Cost
Calculator ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40005 (Missing Authorization vulnerability in Easy Digital Downloads
Easy Dig ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40003 (Missing Authorization vulnerability in weDevs WP Project
Manager allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40001 (Missing Authorization vulnerability in SolidWP iThemes Sync
allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39997 (Missing Authorization vulnerability in supsystic.com Popup by
Supsysti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39996 (Missing Authorization vulnerability in WP OnlineSupport,
Essential Plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39995 (Missing Authorization vulnerability in WP OnlineSupport,
Essential Plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39920 (Missing Authorization vulnerability in Themeisle Redirection
for Conta ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39305 (Missing Authorization vulnerability in
YetAnotherStarsRating.com Yet A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38514 (Missing Authorization vulnerability in social share pro Social
Share I ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38483 (Missing Authorization vulnerability in Dylan Blokhuis Instant
CSS allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38480 (Missing Authorization vulnerability in Certain Dev Booster
Elementor A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38479 (Missing Authorization vulnerability in Codents Simple
Googlebot Visit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38477 (Missing Authorization vulnerability in Stanislav Kuznetsov QR
code MeC ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38475 (Missing Authorization vulnerability in RedNao Donations Made
Easy \u20 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38385 (Missing Authorization vulnerability in Artbees JupiterX Core
allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38383 (Missing Authorization vulnerability in OnTheGoSystems Language
allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37989 (Missing Authorization vulnerability in Easyship Easyship
WooCommerce S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37987 (Missing Authorization vulnerability in miniOrange
YourMembership Singl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37984 (Missing Authorization vulnerability in ExpressTech Quiz And
Survey Mas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37971 (Missing Authorization vulnerability in MultiVendorX
WooCommerce Produc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37969 (Missing Authorization vulnerability in The African Boss
Checkout with ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37967 (Missing Authorization vulnerability in Designinvento
DirectoryPress al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37887 (Missing Authorization vulnerability in WPSchoolPress Team
WPSchoolPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36681 (Missing Authorization vulnerability in Cool Plugins
Cryptocurrency Wid ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36680 (Missing Authorization vulnerability in Iulia Cazan Image
Regenerate & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36531 (Missing Authorization vulnerability in LiquidPoll LiquidPoll
\u2013 Ad ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36528 (Missing Authorization vulnerability in FeedbackWP kk Star
Ratings allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36526 (Missing Authorization vulnerability in Inqsys Technology
Duplicate Pos ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36519 (Missing Authorization vulnerability in wpthemego SW Product
Bundles al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36518 (Missing Authorization vulnerability in Hugh Lashbrooke Post
Hit Counte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36510 (Missing Authorization vulnerability in Reservation Diary ReDi
Restaura ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36509 (Missing Authorization vulnerability in Suresh Chand CHP Ads
Block Dete ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36506 (Missing Authorization vulnerability in YITH YITH WooCommerce
Waiting L ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35875 (Missing Authorization vulnerability in Jegstudio Gutenverse
allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35777 (Missing Authorization vulnerability in The Events Calendar The
Events ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35052 (Missing Authorization vulnerability in wpWax - WP Business
Directory P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35051 (Missing Authorization vulnerability in Cimatti Consulting
Contact Form ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35046 (Missing Authorization vulnerability in Dynamic.ooo Dynamic
Visibility ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35037 (Missing Authorization vulnerability in Surfer Surfer allows
Exploiting ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34387 (Missing Authorization vulnerability in Constant Contact
Constant Conta ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34381 (Missing Authorization vulnerability in Gesundheit Bewegt GmbH
Zippy al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34376 (Missing Authorization vulnerability in Rextheme Change
WooCommerce Add ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34019 (Missing Authorization vulnerability in Uncanny Owl Uncanny
Toolkit for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34014 (Missing Authorization vulnerability in G5Theme Grid Plus
allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34009 (Missing Authorization vulnerability in Inisev Social Media &
Share Ico ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33998 (Missing Authorization vulnerability in cybernetikz Easy Social
Icons a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33996 (Missing Authorization vulnerability in \u0421leanTalk -
Anti-Spam Prot ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33995 (Missing Authorization vulnerability in Photo Gallery Team
Photo Galler ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33994 (Missing Authorization vulnerability in Jason Crouse,
VeronaLabs Slimst ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33928 (Missing Authorization vulnerability in WebToffee WordPress
Backup & Mi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33324 (Missing Authorization vulnerability in wppal Easy Captcha
allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33215 (Missing Authorization vulnerability in Tagbox Taggbox allows
Exploitin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32963 (Missing Authorization vulnerability in a3rev Software
WooCommerce Pred ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32798 (Missing Authorization vulnerability in 10up Simple Page
Ordering allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32601 (Missing Authorization vulnerability in Booking Ultra Pro
Booking Ultra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32599 (Missing Authorization vulnerability in Bill Minozzi reCAPTCHA
for all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32593 (Missing Authorization vulnerability in GS Plugins GS Pins for
Pinteres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32586 (Missing Authorization vulnerability in Thomas Michalak
Soundcloud Is G ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32585 (Missing Authorization vulnerability in Total-Soft Portfolio
Gallery \u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32581 (Missing Authorization vulnerability in MobileMonkey WP-Chatbot
for Mes ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32574 (Missing Authorization vulnerability in Fahad Mahmood Injection
Guard a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32520 (Missing Authorization vulnerability in Webcodin WCP Contact
Form allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32519 (Missing Authorization vulnerability in Webcodin WCP Contact
Form allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32507 (Missing Authorization vulnerability in wp3sixty Woo Custom
Emails allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32506 (Missing Authorization vulnerability in Link Whisper Link
Whisper Free ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9508 (Horner Automation Cscape contains a memory corruption
vulnerability, w ...)
NOT-FOR-US: Horner Automation Cscape
CVE-2024-55918 (An issue was discovered in the Graphics::ColorNames package
before 3.2 ...)
@@ -134141,7 +134141,7 @@ CVE-2023-30492 (Auth. (contributor+) Stored
Cross-Site Scripting (XSS) vulnerabi
CVE-2023-30491 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
CodeBard ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30490 (Missing Authorization vulnerability in Matthew Ruddy Easing
Slider al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-30489 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
I Thirte ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30488 (Missing Authorization vulnerability in WP OnlineSupport,
Essential Plu ...)
@@ -138346,7 +138346,7 @@ CVE-2023-28992 (Unauth. Reflected Cross-Site
Scripting (XSS) vulnerability in El
CVE-2023-28991 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in PI W ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28990 (Missing Authorization vulnerability in HashThemes Viral Mag
allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28989 (Cross-Site Request Forgery (CSRF) vulnerability in weDevs
Happy Addons ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28988 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in PI W ...)
@@ -143743,7 +143743,7 @@ CVE-2023-27458 (Cross-Site Request Forgery (CSRF)
vulnerability in wpstream WpSt
CVE-2023-27457 (Cross-Site Request Forgery (CSRF) vulnerability in Passionate
Brains A ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27456 (Missing Authorization vulnerability in HashThemes Total allows
Exploit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27455 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Maui Mar ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27454 (Missing Authorization vulnerability in Apollo13Themes Rife
Elementor E ...)
@@ -147711,7 +147711,7 @@ CVE-2023-25990 (Improper Neutralization of Special
Elements used in an SQL Comma
CVE-2023-25989 (Cross-Site Request Forgery (CSRF) vulnerability in Meks Video
Importer ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25988 (Missing Authorization vulnerability in Video Gallery by
Total-Soft Vid ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25987 (Cross-Site Request Forgery (CSRF) vulnerability in Aleksandar
Uro\u016 ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25986 (Cross-Site Request Forgery (CSRF) vulnerability in WattIsIt
PayGreen \ ...)
@@ -158191,7 +158191,7 @@ CVE-2023-22699 (Missing Authorization vulnerability
in MainWP MainWP Wordfence E
CVE-2023-22698 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability
in Jason ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22697 (Missing Authorization vulnerability in Survey Maker team
Survey Maker ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22696 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22695 (Cross-Site Request Forgery (CSRF) vulnerability in Hiroaki
Miyashita C ...)
@@ -161468,7 +161468,7 @@ CVE-2022-47596 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2022-47595 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47594 (Missing Authorization vulnerability in WPDeveloper Essential
Blocks fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-47593 (Auth. (subscriber+) SQL Injection (SQLi) vulnerability in
RapidLoad Ra ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47592 (Reflected Cross-Site Scripting (XSS) vulnerability in
Dmytriy.Cooperma ...)
@@ -163249,7 +163249,7 @@ CVE-2022-47431 (Reflected Cross-Site Scripting (XSS)
vulnerability in Tussendoor
CVE-2022-47430 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47429 (Missing Authorization vulnerability in 8Degree Themes Coming
Soon Land ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-47428 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47427 (Cross-Site Request Forgery (CSRF) vulnerability in Joseph C
Dolson My ...)
@@ -164137,7 +164137,7 @@ CVE-2022-47184 (Exposure of Sensitive Information to
an Unauthorized Actor vulne
CVE-2022-47183 (Cross-Site Request Forgery (CSRF) vulnerability in StylistWP
Extra Blo ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47182 (Missing Authorization vulnerability in Wpexpertsio APIExperts
Square f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-47181 (Cross-Site Request Forgery (CSRF) vulnerability in wpexpertsio
Email T ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47180 (Cross-Site Request Forgery (CSRF) vulnerability in Kopa Theme
Kopa Fra ...)
@@ -164149,7 +164149,7 @@ CVE-2022-47178 (Cross-Site Request Forgery (CSRF)
vulnerability in Simple Share
CVE-2022-47177 (Cross-Site Request Forgery (CSRF) vulnerability in WP Easy Pay
WP Easy ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47176 (Missing Authorization vulnerability in Depicter Slider and
Popup by Av ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-47175 (Cross-Site Request Forgery (CSRF) vulnerability in P Royal
Royal Eleme ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47174 (Cross-Site Request Forgery (CSRF) vulnerability in WordPress
Performan ...)
@@ -164165,7 +164165,7 @@ CVE-2022-47170 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2022-47169 (Cross-Site Request Forgery (CSRF) vulnerability in StaxWP
Visibility L ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47168 (Missing Authorization vulnerability in Printful Printful
Integration f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-47167 (Cross-Site Request Forgery (CSRF) vulnerability in Aram
Kocharyan Cray ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47166 (Cross-Site Request Forgery (CSRF) vulnerability in voidCoders
Void Con ...)
@@ -165075,7 +165075,7 @@ CVE-2022-46848 (Auth. (contributor+) Stored
Cross-Site Scripting (XSS) vulnerabi
CVE-2022-46847
RESERVED
CVE-2022-46846 (Missing Authorization vulnerability in WP OnlineSupport,
Essential Plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-46845
RESERVED
CVE-2022-46844 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
@@ -165087,11 +165087,11 @@ CVE-2022-46842 (Cross-Site Request Forgery (CSRF)
vulnerability inJS Help Desk p
CVE-2022-46841 (Cross-Site Request Forgery (CSRF) vulnerability in Soflyy
Oxygen Build ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46840 (Missing Authorization vulnerability in JS Help Desk JS Help
Desk \u201 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-46839 (Unrestricted Upload of File with Dangerous Type vulnerability
in JS He ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46838 (Missing Authorization vulnerability in JS Help Desk JS Help
Desk \u201 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-4391 (The Vision Interactive For WordPress plugin through 1.5.3 does
not san ...)
NOT-FOR-US: WordPress plugin
CVE-2022-4390 (A network misconfiguration is present in versions prior to
1.0.9.90 of ...)
@@ -165208,7 +165208,7 @@ CVE-2022-46813 (Cross-Site Request Forgery (CSRF)
vulnerability in Younes JFR. A
CVE-2022-46812 (Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme
Thank Yo ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46811 (Missing Authorization vulnerability in
VillaTheme(villatheme.com) ALD ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-46810 (Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme
Thank Yo ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46809 (Improper Neutralization of Formula Elements in a CSV File
vulnerabilit ...)
@@ -165216,7 +165216,7 @@ CVE-2022-46809 (Improper Neutralization of Formula
Elements in a CSV File vulner
CVE-2022-46808 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46807 (Missing Authorization vulnerability in Lauri Karisola / WP
Trio Stock ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-46806 (Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme
Cart All ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46805 (Cross-Site Request Forgery (CSRF) vulnerability in Lauri
Karisola / WP ...)
@@ -165238,9 +165238,9 @@ CVE-2022-46798 (Cross-Site Request Forgery (CSRF)
vulnerability in HasThemes Sho
CVE-2022-46797 (Cross-Site Request Forgery (CSRF) vulnerability in Conversios
All-in-o ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46796 (Missing Authorization vulnerability in VillaTheme CURCY allows
Exploit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-46795 (Missing Authorization vulnerability in Tyche Softwares Print
Invoice & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-46794 (Cross-Site Request Forgery (CSRF) vulnerability in
weightbasedshipping ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46793 (Cross-Site Request Forgery (CSRF) vulnerability in AdTribes.Io
Product ...)
@@ -168315,9 +168315,9 @@ CVE-2022-45843 (Auth. (contributor+) Stored
Cross-Site Scripting vulnerability i
CVE-2022-45842 (Unauth. Race Condition vulnerability inWP ULike Plugin <=
4.6.4 onWord ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45841 (Missing Authorization vulnerability in RoboSoft Robo Gallery
allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45840 (Missing Authorization vulnerability in Lucian Apostol Auto
Affiliate L ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45839 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45838 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in
Repute Info ...)
@@ -168345,7 +168345,7 @@ CVE-2022-45828 (Cross-Site Request Forgery (CSRF)
vulnerability in NooTheme Noo
CVE-2022-45827 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Gall ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45826 (Missing Authorization vulnerability in WP Sunshine Sunshine
Photo Cart ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45825 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
iThemes ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45824 (Cross-Site Request Forgery (CSRF) vulnerability inAdvanced
Booking Cal ...)
@@ -168359,7 +168359,7 @@ CVE-2022-45821 (Auth. (contributor+) Stored
Cross-Site Scripting (XSS) vulnerabi
CVE-2022-45820 (SQL Injection (SQLi) vulnerability inLearnPress \u2013
WordPress LMS P ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45819 (Missing Authorization vulnerability in Popup Maker Popup Maker
allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45818 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45817 (Cross-Site Scripting (XSS) vulnerability in Erin Garscadden GC
Testimo ...)
@@ -168385,7 +168385,7 @@ CVE-2022-45808 (SQL Injection vulnerability
inLearnPress \u2013 WordPress LMS Pl
CVE-2022-45807 (Cross-Site Request Forgery (CSRF) inWPVibes WP Mail Log plugin
<= 1.0. ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45806 (Missing Authorization vulnerability in Strategy11 Form Builder
Team Fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45805 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45804 (Cross-Site Request Forgery (CSRF) vulnerability in RoboSoft
Photo Gall ...)
@@ -173252,7 +173252,7 @@ CVE-2022-44580 (SQL Injection (SQLi) vulnerability in
RichPlugins Plugin for Goo
CVE-2022-44579
RESERVED
CVE-2022-44578 (Missing Authorization vulnerability in Pierre JEHAN Owl
Carousel allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-44577
REJECTED
CVE-2022-44576 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Agen ...)
@@ -177787,7 +177787,7 @@ CVE-2022-43479 (Open redirect vulnerability in
SHIRASAGI v1.14.4 to v1.15.0 allo
CVE-2022-43476
RESERVED
CVE-2022-43472 (Missing Authorization vulnerability in StylemixThemes eRoom
\u2013 Zoo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-43471
RESERVED
CVE-2022-43469 (Cross-Site Request Forgery (CSRF) vulnerability in
Orchestrated Corona ...)
@@ -282254,7 +282254,7 @@ CVE-2021-32009 (Cross-site Scripting (XSS)
vulnerability in firmware section of
CVE-2021-32008 (This issue affects: Secomea GateManager Version 9.6.621421014
and all ...)
NOT-FOR-US: Secomea GateManager
CVE-2021-32007 (This issue affects: Secomea GateManager Version 9.5 and all
prior vers ...)
- TODO: check
+ NOT-FOR-US: Secomea GateManager
CVE-2021-32006 (This issue affects: Secomea GateManager Version 9.6.621421014
and all ...)
NOT-FOR-US: Secomea GateManager
CVE-2021-32005 (Cross-site Scripting (XSS) vulnerability in log view of
Secomea SiteMa ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec91f92ca6100cdd70560bb4cc287bd013e3b985
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec91f92ca6100cdd70560bb4cc287bd013e3b985
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
