Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
962fa141 by Salvatore Bonaccorso at 2025-01-27T21:20:19+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,71 +1,71 @@
CVE-2025-24783 (** UNSUPPORTED WHEN ASSIGNED ** Incorrect Usage of Seeds in
Pseudo-Ran ...)
TODO: check
CVE-2025-24782 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24754 (Missing Authorization vulnerability in Houzez.co Houzez. This
issue af ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24747 (Missing Authorization vulnerability in Houzez.co Houzez. This
issue af ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24744 (Missing Authorization vulnerability in NotFound Bridge Core.
This issu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24743 (Missing Authorization vulnerability in Rometheme RomethemeKit
For Elem ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24742 (Cross-Site Request Forgery (CSRF) vulnerability in WP Go Maps
(formerl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24741 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in K ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24740 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24734 (Missing Authorization vulnerability in CodeSolz Better Find
and Replac ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24708 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24689 (Insertion of Sensitive Information into Externally-Accessible
File or ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24685 (Path Traversal vulnerability in MORKVA Morkva UA Shipping
allows PHP L ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24680 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24671 (Deserialization of Untrusted Data vulnerability in Pdfcrowd
Save as PD ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24667 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24665 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24664 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24662 (Missing Authorization vulnerability in NotFound LearnDash LMS
allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24653 (Missing Authorization vulnerability in NotFound Admin and Site
Enhance ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24628 (Authentication Bypass by Spoofing vulnerability in BestWebSoft
Google ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24626 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24612 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24606 (Missing Authorization vulnerability in Sprout Invoices Client
Invoicin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24603 (Missing Authorization vulnerability in UkrSolution Print
Barcode Label ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24601 (Deserialization of Untrusted Data vulnerability in ThimPress
FundPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24600 (Missing Authorization vulnerability in David F. Carr
RSVPMarker . This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24593 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24590 (Missing Authorization vulnerability in Haptiq picu \u2013
Online Photo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24584 (Missing Authorization vulnerability in BdThemes Ultimate Store
Kit Ele ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24540 (Cross-Site Request Forgery (CSRF) vulnerability in SeedProd
Coming Soo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24538 (Cross-Site Request Forgery (CSRF) vulnerability in slaFFik
BuddyPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24537 (Cross-Site Request Forgery (CSRF) vulnerability in The Events
Calendar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24533 (Cross-Site Request Forgery (CSRF) vulnerability in MetaSlider
Responsi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24368 (Cacti is an open source performance and fault management
framework. So ...)
TODO: check
CVE-2025-24367 (Cacti is an open source performance and fault management
framework. An ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/962fa1418d37f07c4c74f503147f14f12546abc6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/962fa1418d37f07c4c74f503147f14f12546abc6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
