Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2bb782b8 by security tracker role at 2025-12-06T08:13:35+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2025-8148 (An Improper Access Control in the SFTP service in Fortra's
GoAnywhere ...)
- TODO: check
+ NOT-FOR-US: Fortra
CVE-2025-66629 (HedgeDoc is an open source, real-time, collaborative, markdown
notes a ...)
TODO: check
CVE-2025-34291 (Langflow versions up to and including 1.6.9 contain a chained
vulnerab ...)
@@ -19,71 +19,71 @@ CVE-2025-14106 (A vulnerability was identified in ZSPACE
Q2C NAS up to 1.1.02100
CVE-2025-14105 (A vulnerability was determined in TOZED ZLT M30S and ZLT M30S
PRO 1.47 ...)
TODO: check
CVE-2025-13922 (The Tag, Category, and Taxonomy Manager \u2013 AI Autotagger
with Open ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13907 (The CSS3 Buttons plugin for WordPress is vulnerable to Stored
Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13899 (The TR Timthumb plugin for WordPress is vulnerable to Stored
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13898 (The Ultra Skype Button plugin for WordPress is vulnerable to
Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13896 (The Social Feed Gallery Portfolio plugin for WordPress is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13894 (The CSV Sumotto plugin for WordPress is vulnerable to
Reflected Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13863 (The RevInsite plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13857 (The Yet Another WebClap for WordPress plugin for WordPress is
vulnerab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13856 (The Extra Post Images plugin for WordPress is vulnerable to
Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13748 (The Fluent Forms \u2013 Customizable Contact Forms, Survey,
Quiz, & Co ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13666 (The Helloprint plugin for WordPress is vulnerable to Missing
Authoriza ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13656 (The Cute News Ticker plugin for WordPress is vulnerable to
Stored Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13629 (The WP Landing Page plugin for WordPress is vulnerable to
Cross-Site R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13626 (The myLCO plugin for WordPress is vulnerable to Reflected
Cross-Site S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13426 (A vulnerability exists in Google Apigee's JavaCallout policy
https:// ...)
TODO: check
CVE-2025-13377 (The 10Web Booster \u2013 Website speed optimization, Cache &
Page Spee ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13358 (The Accessiy By CodeConfig Accessibility plugin for WordPress
is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13309 (The Accessiy By CodeConfig Accessibility \u2013 Easy One-Click
Accessi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13308 (The Application Passwords plugin for WordPress is vulnerable
to Reflec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13292 (A vulnerability in Apigee-X allowed an attacker to gain
unauthorized r ...)
TODO: check
CVE-2025-13137 (The Live Sales Notification for Woocommerce \u2013 Woomotiv
plugin for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12721 (The g-FFL Cockpit plugin for WordPress is vulnerable to
Sensitive Info ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12720 (The g-FFL Cockpit plugin for WordPress is vulnerable to
unauthorized m ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12717 (The List Attachments Shortcode plugin for WordPress is
vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12715 (The Canadian Nutrition Facts Label plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12673 (The Flex QR Code Generator plugin for WordPress is vulnerable
to arbit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12577 (The Listar \u2013 Directory Listing & Classifieds WordPress
Plugin plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12574 (The Listar \u2013 Directory Listing & Classifieds WordPress
Plugin plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12510 (The Widgets for Google Reviews plugin for WordPress is
vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12505 (The weDocs plugin for WordPress is vulnerable to unauthorized
access i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12499 (The Rich Shortcodes for Google Reviews plugin for WordPress is
vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12091 (The Search, Filters & Merchandising for WooCommerce plugin for
WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11263 (The Link Whisper Free plugin for WordPress is vulnerable to
Reflected ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6966 (NULL pointer dereference in TagSection.keys() in python-apt on
APT-bas ...)
- python-apt <unfixed>
NOTE: https://bugs.launchpad.net/ubuntu/+source/python-apt/+bug/2091865
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2bb782b8120ca276142cf5e84d079b96ac38f6b3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2bb782b8120ca276142cf5e84d079b96ac38f6b3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
