Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a53dd38f by security tracker role at 2025-12-12T08:13:35+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -79,7 +79,7 @@ CVE-2025-54407 (Stored cross-site scripting vulnerability
exists in GroupSession
CVE-2025-53523 (Stored cross-site scripting vulnerabilities exist in
GroupSession Free ...)
TODO: check
CVE-2025-4970 (The BSK PDF Manager plugin for WordPress is vulnerable to
Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-34506 (WBCE CMS version 1.6.3 and prior contains an authenticated
remote code ...)
TODO: check
CVE-2025-34504 (KodExplorer 4.52 contains an open redirect vulnerability in
the user l ...)
@@ -93,121 +93,121 @@ CVE-2025-14537 (A weakness has been identified in
code-projects Class and Exam T
CVE-2025-14536 (A security flaw has been discovered in code-projects Class and
Exam Ti ...)
TODO: check
CVE-2025-14467 (The WP Job Portal plugin for WordPress is vulnerable to Stored
Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14393 (The Wpik WordPress Basic Ajax Form plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14392 (The Simple Theme Changer plugin for WordPress is vulnerable to
unautho ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14391 (The Simple Theme Changer plugin for WordPress is vulnerable to
Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14356 (The Ultra Addons for Contact Form 7 plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14354 (The Resource Library for Logged In Users plugin for WordPress
is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14344 (The Multi Uploader for Gravity Forms plugin for WordPress is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14293 (The WP Job Portal plugin for WordPress is vulnerable to
Arbitrary File ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14170 (The Vimeo SimpleGallery plugin for WordPress is vulnerable to
Missing ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14169 (The FunnelKit - Funnel Builder for WooCommerce Checkout plugin
for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14166 (The WPMasterToolKit plugin for WordPress is vulnerable to PHP
Code Inj ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14165 (The Kirim.Email WooCommerce Integration plugin for WordPress
is vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14162 (The BMLT WordPress Plugin for WordPress is vulnerable to
Cross-Site Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14161 (The Truefy Embed plugin for WordPress is vulnerable to
Cross-Site Requ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14160 (The Upcoming for Calendly plugin for WordPress is vulnerable
to Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14158 (The Coding Blocks plugin for WordPress is vulnerable to
Cross-Site Req ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14143 (The Ayo Shortcodes plugin for WordPress is vulnerable to
Stored Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14138 (The WPLG Default Mail From plugin for WordPress is vulnerable
to Refle ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14137 (The Simple AL Slider plugin for WordPress is vulnerable to
Reflected C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14132 (The Category Dropdown List plugin for WordPress is vulnerable
to Refle ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14129 (The Like DisLike Voting plugin for WordPress is vulnerable to
Reflecte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14125 (The Complag plugin for WordPress is vulnerable to Reflected
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14119 (The App Landing Template Blocks for WPBakery (Visual Composer)
Page Bu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14068 (The WPNakama plugin for WordPress is vulnerable to time-based
SQL Inje ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14064 (The BuddyTask plugin for WordPress is vulnerable to
unauthorized acces ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14062 (The Animated Pixel Marquee Creator plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14049 (The VikRentItems Flexible Rental Management System plugin for
WordPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14048 (The SimplyConvert plugin for WordPress is vulnerable to Stored
Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14045 (The URL Media Uploader plugin for WordPress is vulnerable to
unauthori ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14044 (The Visitor Logic Lite plugin for WordPress is vulnerable to
PHP Objec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14035 (The DebateMaster plugin for WordPress is vulnerable to Stored
Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14032 (The Bold Timeline Lite plugin for WordPress is vulnerable to
Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13989 (The WP Dropzone plugin for WordPress is vulnerable to Stored
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13988 (The \u8bc4\u8bba\u5c0f\u79d8\u4e66 plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13987 (The Purchase and Expense Manager plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13975 (The Contact Form 7 with ChatWork plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13972 (The WatchTowerHQ plugin for WordPress is vulnerable to
arbitrary file ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13971 (The TWW Protein Calculator plugin for WordPress is vulnerable
to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13969 (The Reviews Sorted plugin for WordPress is vulnerable to
Stored Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13966 (The Paypal Payment Shortcode plugin for WordPress is
vulnerable to Sto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13963 (The FX Currency Converter plugin for WordPress is vulnerable
to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13962 (The Divelogs Widget plugin for WordPress is vulnerable to
Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13961 (The Data Visualizer plugin for WordPress is vulnerable to
Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13960 (The GPXpress plugin for WordPress is vulnerable to Stored
Cross-Site S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13906 (The WP Flot plugin for WordPress is vulnerable to Stored
Cross-Site Sc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13904 (The WPGancio plugin for WordPress is vulnerable to Stored
Cross-Site S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13891 (The Image Gallery \u2013 Photo Grid & Video Gallery plugin for
WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13889 (The Simple Nivo Slider plugin for WordPress is vulnerable to
Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13886 (The LT Unleashed plugin for WordPress is vulnerable to Local
File Incl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13885 (The Zenost Shortcodes plugin for WordPress is vulnerable to
Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13884 (The Hide Email Address plugin for WordPress is vulnerable to
Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13866 (The Flow-Flow Social Feed Stream plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13850 (The LS Google Map Router plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13846 (The Easy Map Creator plugin for WordPress is vulnerable to
Stored Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13843 (The VigLink SpotLight By ShortCode plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13840 (The BUKAZU Search widget plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13839 (The LJUsers plugin for WordPress is vulnerable to Stored
Cross-Site Sc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13747 (The NewStatPress plugin for WordPress is vulnerable to Stored
Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13670 (The High Level Synthesis Compiler i++ command for Windows is
vulnerabl ...)
TODO: check
CVE-2025-13669 (Uncontrolled Search Path Element vulnerability in Altera High
Level Sy ...)
@@ -221,53 +221,53 @@ CVE-2025-13664 (A potential security vulnerability in
Quartus\xae Prime Standard
CVE-2025-13663 (Under certain circumstances, the Quartus Prime Pro Installer
for Windo ...)
TODO: check
CVE-2025-13660 (The Guest Support plugin for WordPress is vulnerable to User
Email Dis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13440 (The Premmerce Wishlist for WooCommerce plugin for WordPress is
vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13408 (The Foxtool All-in-One: Contact chat button, Custom login,
Media optim ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13366 (The Rabbit Hole plugin for WordPress is vulnerable to
Cross-Site Reque ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13363 (The IMAQ Core plugin for WordPress is vulnerable to Cross-Site
Request ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13334 (The Blaze Demo Importer plugin for WordPress is vulnerable to
unauthor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13320 (The WP User Manager plugin for WordPress is vulnerable to
Arbitrary Fi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13314 (The Product Filtering by Categories, Tags, Price Range for
WooCommerce ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13053 (When a user configures the NAS to retrieve UPS status or
control the U ...)
- TODO: check
+ NOT-FOR-US: Asustor
CVE-2025-13052 (When the user set the Notification's sender to send emails to
the SMTP ...)
- TODO: check
+ NOT-FOR-US: Asustor
CVE-2025-12968 (The Infility Global plugin for WordPress is vulnerable to
arbitrary fi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12963 (The LazyTasks \u2013 Project & Task Management with
Collaboration, Kan ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12883 (The Campay Woocommerce Payment Gateway plugin for WordPress is
vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12834 (The Accept Stripe Payments Using Contact Form 7 plugin for
WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12830 (The Better Elementor Addons plugin for WordPress is vulnerable
to Stor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12824 (The Player Leaderboard plugin for WordPress is vulnerable to
Local Fil ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12783 (The Premmerce Brands for WooCommerce plugin for WordPress is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12655 (The Hippoo Mobile App for WooCommerce plugin for WordPress is
vulnerab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12650 (The Simple post listing plugin for WordPress is vulnerable to
Stored C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12570 (The Fancy Product Designer plugin for WordPress is vulnerable
to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11876 (The Mailgun Subscriptions plugin for WordPress is vulnerable
to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10684 (The Construction Light WordPress theme before 1.6.8 does not
have auth ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10583 (The WP Fastest Cache plugin for WordPress is vulnerable to
Server-Side ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10451 (Unchecked output buffer may allowed arbitrary code execution
in SMM an ...)
- TODO: check
+ NOT-FOR-US: Insyde
CVE-2024-58313 (xbtitFM 4.1.18 contains an insecure file upload vulnerability
that all ...)
TODO: check
CVE-2024-58312 (xbtitFM 4.1.18 contains a path traversal vulnerability that
allows una ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a53dd38f330d8a850e32823814a2b0c8c32c2301
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a53dd38f330d8a850e32823814a2b0c8c32c2301
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
