Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dc448bde by Salvatore Bonaccorso at 2025-01-24T21:39:37+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,213 +1,213 @@
CVE-2025-24756 (Cross-Site Request Forgery (CSRF) vulnerability in mgplugin
Roi Calcul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24755 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24753 (Missing Authorization vulnerability in Kadence WP Gutenberg
Blocks by ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24751 (Missing Authorization vulnerability in GoDaddy CoBlocks allows
Exploit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24750 (Missing Authorization vulnerability in ExactMetrics
ExactMetrics allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24746 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24739 (Cross-Site Request Forgery (CSRF) vulnerability in FluentSMTP
& WPMana ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24738 (Cross-Site Request Forgery (CSRF) vulnerability in
NowButtons.com Call ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24736 (Missing Authorization vulnerability in Metaphor Creations Post
Duplica ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24733 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24732 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24731 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24730 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24729 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24728 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24727 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24726 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24725 (Missing Authorization vulnerability in ThimPress Thim
Elementor Kit al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24724 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company
Side Me ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24723 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24722 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24721 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24720 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company
Sticky ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24719 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24717 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company
Modal W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24716 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company
Herd Ef ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24715 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company
Counter ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24714 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company
Bubble ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24713 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company
Button ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24712 (Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme
Radius ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24711 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company
Popup B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24709 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24706 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24705 (Missing Authorization vulnerability in Arshid WooCommerce
Quick View a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24704 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24703 (Server-Side Request Forgery (SSRF) vulnerability in DLX
Plugins Commen ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24702 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24701 (Server-Side Request Forgery (SSRF) vulnerability in Kiboko
Labs Chaine ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24698 (Cross-Site Request Forgery (CSRF) vulnerability in G5Theme
Essential R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24696 (Cross-Site Request Forgery (CSRF) vulnerability in WP Attire
Attire Bl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24695 (Server-Side Request Forgery (SSRF) vulnerability in HasThemes
Extensio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24693 (Missing Authorization vulnerability in Yehi Advanced
Notifications all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24691 (Missing Authorization vulnerability in Gagan Sandhu , Enej
Bajgoric , ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24687 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24683 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24682 (Missing Authorization vulnerability in mikemmx Super Block
Slider allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24681 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24679 (Missing Authorization vulnerability in webraketen Internal
Links Manag ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24678 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24675 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24674 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24673 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24672 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24669 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24668 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24666 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24663 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24659 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24658 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24657 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24652 (Missing Authorization vulnerability in Revmakx WP Duplicate
\u2013 Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24650 (Unrestricted Upload of File with Dangerous Type vulnerability
in Theme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24649 (Missing Authorization vulnerability in wpase.com Admin and
Site Enhanc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24647 (Cross-Site Request Forgery (CSRF) vulnerability in
datafeedr.com WooCo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24644 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24638 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24636 (Cross-Site Request Forgery (CSRF) vulnerability in Laymance
Technologi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24634 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24633 (Missing Authorization vulnerability in silverplugins217 Build
Private ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24627 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24625 (Missing Authorization vulnerability in Marco Almeida |
Webdados Taxono ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24623 (Cross-Site Request Forgery (CSRF) vulnerability in Really
Simple Secur ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24622 (Cross-Site Request Forgery (CSRF) vulnerability in PickPlugins
Job Boa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24618 (Missing Authorization vulnerability in ElementInvader
ElementInvader A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24613 (Missing Authorization vulnerability in Foliovision FV
Thoughtful Comme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24611 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24610 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24604 (Missing Authorization vulnerability in Vikas Ratudi VForm
allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24596 (Missing Authorization vulnerability in WC Product Table
WooCommerce Pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24595 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24594 (Missing Authorization vulnerability in Speedcomp Linet
ERP-Woocommerce ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24591 (Missing Authorization vulnerability in NinjaTeam GDPR CCPA
Compliance ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24589 (Missing Authorization vulnerability in JS Morisset JSM Show
Post Metad ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24588 (Missing Authorization vulnerability in Patreon Patreon
WordPress allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24587 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24585 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24582 (Insertion of Sensitive Information Into Sent Data
vulnerability in Cod ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24580 (Missing Authorization vulnerability in Code for Recovery 12
Step Meeti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24579 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24578 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24575 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24573 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24572 (Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool
WP Fast ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24571 (Missing Authorization vulnerability in Epsiloncool WP Fast
Total Searc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24570 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24568 (Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm
Force St ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24562 (Cross-Site Request Forgery (CSRF) vulnerability in Optimal
Access Inc. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24561 (Cross-Site Request Forgery (CSRF) vulnerability in ReviewsTap
ReviewsT ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24555 (Cross-Site Request Forgery (CSRF) vulnerability in
SubscriptionDNA.com ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24552 (Generation of Error Message Containing Sensitive Information
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24547 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24546 (Cross-Site Request Forgery (CSRF) vulnerability in RSTheme
Ultimate Co ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24543 (Cross-Site Request Forgery (CSRF) vulnerability in RSTheme
Ultimate Co ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24542 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24363 (The HL7 FHIR IG publisher is a tool to take a set of inputs
and create ...)
- TODO: check
+ NOT-FOR-US: HL7 FHIR IG publisher
CVE-2025-24362 (In some circumstances, debug artifacts uploaded by the CodeQL
Action a ...)
TODO: check
CVE-2025-24359 (ASTEVAL is an evaluator of Python expressions and statements.
Prior to ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dc448bdee5fd1f304ec179785bb4b65eee8c87db
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dc448bdee5fd1f304ec179785bb4b65eee8c87db
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
