[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1a061213 by security tracker role at 2025-11-19T08:14:08+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2025-6251 (The Royal Elementor Addons and Templates plugin for WordPress 
is vulne ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-65941
        REJECTED
 CVE-2025-65940
@@ -45,59 +45,59 @@ CVE-2025-63215 (The Sound4 IMPACT web-based management 
interface is vulnerable t
 CVE-2025-62406 (Piwigo is a full featured open source photo gallery 
application for th ...)
        TODO: check
 CVE-2025-54990 (XWiki AdminTools integrates administrative tools for managing 
a runnin ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2025-13225 (Tanium addressed an arbitrary file deletion vulnerability in 
TanOS.)
        TODO: check
 CVE-2025-13206 (The GiveWP \u2013 Donation Plugin and Fundraising Platform 
plugin for  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13145 (The WP Import \u2013 Ultimate CSV XML Importer for WordPress 
plugin fo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13085 (The SiteSEO \u2013 SEO Simplified plugin for WordPress is 
vulnerable t ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13054 (The User Profile Builder \u2013 Beautiful User Registration 
Forms, Use ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13051 (When the service of ABP and AES is installed in a directory 
writable b ...)
-       TODO: check
+       NOT-FOR-US: Asustor
 CVE-2025-13035 (The Code Snippets plugin for WordPress is vulnerable to PHP 
Code Injec ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12878 (The FunnelKit \u2013 Funnel Builder for WooCommerce Checkout 
plugin fo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12852 (DLL Loading vulnerability in NEC Corporation RakurakuMusen 
Start EX Al ...)
        TODO: check
 CVE-2025-12842 (The Booking Plugin for WordPress Appointments \u2013 Time Slot 
plugin  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12822 (The WP Login and Register using JWT plugin for WordPress is 
vulnerable ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12814 (The SiteSEO \u2013 SEO Simplified plugin for WordPress is 
vulnerable t ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12777 (The YITH WooCommerce Wishlist plugin for WordPress is 
vulnerable to au ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12770 (The New User Approve plugin for WordPress is vulnerable to 
unauthorize ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12751 (The WSChat \u2013 WordPress Live Chat plugin for WordPress is 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12710 (The Pet-Manager \u2013 Petfinder plugin for WordPress is 
vulnerable to ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12646 (The Community Events plugin for WordPress is vulnerable to SQL 
Injecti ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12535 (The SureForms plugin for WordPress is vulnerable to Cross-Site 
Request ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12484 (The Giveaways and Contests by RafflePress \u2013 Get More 
Website Traf ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12427 (The YITH WooCommerce Wishlist plugin for WordPress is 
vulnerable to In ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12426 (The Quiz Maker plugin for WordPress is vulnerable to Sensitive 
Informa ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12359 (The Responsive Lightbox & Gallery plugin for WordPress is 
vulnerable t ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12349 (The Icegram Express - Email Subscribers, Newsletters and 
Marketing Aut ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12174 (The Directorist: AI-Powered Business Directory Plugin with 
Classified  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12119 (A mongoc_bulk_operation_t may read invalid memory if large 
options are ...)
        TODO: check
 CVE-2025-12057 (The WavePlayer WordPress plugin before 3.8.0 does not have 
authorizati ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12056 (Out-of-bounds Read in Shelly Pro 3EM(before v1.4.4) allows 
Overread Bu ...)
        TODO: check
 CVE-2025-11243 (Allocation of Resources Without Limits or Throttling 
vulnerability in  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a061213f11bc7c1f41f41a77fe19dab40cf075e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a061213f11bc7c1f41f41a77fe19dab40cf075e
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits