[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sun, 21 Dec 2025 00:13:57 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
07b82ccb by security tracker role at 2025-12-21T08:13:08+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,53 @@
+CVE-2025-9343 (The ELEX WordPress HelpDesk & Customer Ticketing System plugin 
for Wor ...)
+       TODO: check
+CVE-2025-68644 (Yealink RPS before 2025-06-27 allows unauthorized access to 
informatio ...)
+       TODO: check
+CVE-2025-14994 (A flaw has been found in Tenda FH1201 and FH1206 
1.2.0.14(408)/1.2.0.8 ...)
+       TODO: check
+CVE-2025-14993 (A vulnerability was detected in Tenda AC18 15.03.05.05. This 
affects t ...)
+       TODO: check
+CVE-2025-14992 (A security vulnerability has been detected in Tenda AC18 
15.03.05.05.  ...)
+       TODO: check
+CVE-2025-14991 (A weakness has been identified in Campcodes Complete Online 
Beauty Par ...)
+       TODO: check
+CVE-2025-14990 (A security flaw has been discovered in Campcodes Complete 
Online Beaut ...)
+       TODO: check
+CVE-2025-14989 (A vulnerability was identified in Campcodes Complete Online 
Beauty Par ...)
+       TODO: check
+CVE-2025-14855 (The SureForms plugin for WordPress is vulnerable to Stored 
Cross-Site  ...)
+       TODO: check
+CVE-2025-14800 (The Redirection for Contact Form 7 plugin for WordPress is 
vulnerable  ...)
+       TODO: check
+CVE-2025-14597
+       REJECTED
+CVE-2025-14080 (The Frontend Post Submission Manager Lite plugin for WordPress 
is vuln ...)
+       TODO: check
+CVE-2025-14071 (The Live Composer \u2013 Free WordPress Website Builder plugin 
for Wor ...)
+       TODO: check
+CVE-2025-14054 (The WC Builder \u2013 WooCommerce Page Builder for WPBakery 
plugin for ...)
+       TODO: check
+CVE-2025-14043 (The Tainacan plugin for WordPress is vulnerable to 
unauthorized metada ...)
+       TODO: check
+CVE-2025-13838 (The WishSuite plugin for WordPress is vulnerable to Stored 
Cross-Site  ...)
+       TODO: check
+CVE-2025-13693 (The Image Photo Gallery Final Tiles Grid plugin for WordPress 
is vulne ...)
+       TODO: check
+CVE-2025-13361 (The Web to SugarCRM Lead plugin for WordPress is vulnerable to 
Cross-S ...)
+       TODO: check
+CVE-2025-13220 (The Ultimate Member \u2013 User Profile, Registration, Login, 
Member D ...)
+       TODO: check
+CVE-2025-12980 (The Post Grid Gutenberg Blocks for News, Magazines, Blog 
Websites \u20 ...)
+       TODO: check
+CVE-2025-12700
+       REJECTED
+CVE-2025-12654 (The Migration, Backup, Staging \u2013 WPvivid Backup & 
Migration plugi ...)
+       TODO: check
+CVE-2025-12398 (The Product Table for WooCommerce plugin for WordPress is 
vulnerable t ...)
+       TODO: check
+CVE-2025-11496 (The Five Star Restaurant Reservations \u2013 WordPress Booking 
Plugin  ...)
+       TODO: check
+CVE-2023-47232 (Vulnerability in mojofywp WP Affiliate Disclosure 
wp-affiliate-disclos ...)
+       TODO: check
 CVE-2025-7782 (The WP JobHunt plugin for WordPress, used by the JobCareer 
theme, is v ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-7733 (The WP JobHunt plugin for WordPress, used by the JobCareer 
theme, is v ...)
@@ -273837,10 +273887,10 @@ CVE-2023-25448 (Cross-Site Request Forgery (CSRF) 
vulnerability in Eric Teubert
        NOT-FOR-US: WordPress plugin
 CVE-2023-25447 (Cross-Site Request Forgery (CSRF) vulnerability in 
Inkthemescom ColorW ...)
        NOT-FOR-US: WordPress theme
-CVE-2023-25446
-       RESERVED
-CVE-2023-25445
-       RESERVED
+CVE-2023-25446 (Missing Authorization vulnerability in HappyFiles HappyFiles 
Pro happy ...)
+       TODO: check
+CVE-2023-25445 (Missing Authorization vulnerability in HappyFiles HappyFiles 
Pro allow ...)
+       TODO: check
 CVE-2023-25444 (Unrestricted Upload of File with Dangerous Type vulnerability 
in JS He ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-25443 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company 
Button  ...)
@@ -274787,8 +274837,8 @@ CVE-2013-10016 (A vulnerability was found in fanzila 
WebFinance 0.5 and classifi
        NOT-FOR-US: fanzila WebFinance
 CVE-2013-10015 (A vulnerability has been found in fanzila WebFinance 0.5 and 
classifie ...)
        NOT-FOR-US: fanzila WebFinance
-CVE-2023-25068
-       RESERVED
+CVE-2023-25068 (Missing Authorization vulnerability in Mapro Collins Magazine 
Edge all ...)
+       TODO: check
 CVE-2023-25067 (Missing Authorization vulnerability in Noah Hearle, Design 
Extreme We\ ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-25066 (Cross-Site Request Forgery (CSRF) vulnerability in FolioVision 
FV Flow ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/07b82ccbc76bd52783f61efd90fbbf288e7e7629

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/07b82ccbc76bd52783f61efd90fbbf288e7e7629
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to