[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) Sat, 17 Jan 2026 00:14:54 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
6384c463 by security tracker role at 2026-01-17T08:13:49+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2026-23800 (Incorrect Privilege Assignment vulnerability in Modular DS 
modular-con ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-23745 (node-tar is a Tar for Node.js. The node-tar library (<= 7.5.2) 
fails t ...)
        TODO: check
 CVE-2026-23744 (MCPJam inspector is the local-first development platform for 
MCP serve ...)
@@ -15,25 +15,25 @@ CVE-2026-22865 (Gradle is a build automation tool, and its 
native-platform tool
 CVE-2026-22816 (Gradle is a build automation tool, and its native-platform 
tool provid ...)
        TODO: check
 CVE-2026-21223 (Microsoft Edge Elevation Service exposes a privileged COM 
interface th ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-20960 (Improper authorization in Microsoft Power Apps allows an 
authorized at ...)
        TODO: check
 CVE-2026-0833 (The Team Section Block plugin for WordPress is vulnerable to 
Stored Cr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-0820 (The RepairBuddy \u2013 Repair Shop CRM & Booking Plugin for 
WordPress  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-0808 (The Spin Wheel plugin for WordPress is vulnerable to 
client-side prize ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-0691 (The CM E-Mail Blacklist \u2013 Simple email filtering for safer 
regist ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-0682 (The Church Admin plugin for WordPress is vulnerable to 
Server-Side Req ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-0519 (In Secure Access 12.70 and prior to 14.20, the logging  
subsystem may  ...)
-       TODO: check
+       NOT-FOR-US: Absolute Software
 CVE-2026-0518 (CVE-2026-0518 is a cross-site scripting vulnerability in 
versions of   ...)
-       TODO: check
+       NOT-FOR-US: Absolute Software
 CVE-2026-0517 (CVE-2026-0517 is a denial-of-service vulnerability in versions 
of Secu ...)
-       TODO: check
+       NOT-FOR-US: Absolute Software
 CVE-2025-5489
        REJECTED
 CVE-2025-5102
@@ -45,33 +45,33 @@ CVE-2025-15529 (A vulnerability was found in Open5GS up to 
2.7.6. Affected by th
 CVE-2025-15528 (A vulnerability has been found in Open5GS up to 2.7.6. 
Affected by thi ...)
        TODO: check
 CVE-2025-15403 (The RegistrationMagic plugin for WordPress is vulnerable to 
Privilege  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-14632 (The Filr \u2013 Secure document library plugin for WordPress 
is vulner ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-14478 (The Demo Importer Plus plugin for WordPress is vulnerable to 
XML Exter ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-14463 (The Payment Button for PayPal plugin for WordPress is 
vulnerable to un ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-14450 (The Wallet System for WooCommerce plugin for WordPress is 
vulnerable t ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-14075 (The WP Hotel Booking plugin for WordPress is vulnerable to 
Sensitive I ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-14029 (The Community Events plugin for WordPress is vulnerable to 
unauthorize ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13725 (The Gutenberg Thim Blocks \u2013 Page Builder, Gutenberg 
Blocks for th ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12984 (The Advanced Ads \u2013Ad Manager & AdSense plugin for 
WordPress is vu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12825 (The User Registration Using Contact Form 7 plugin for 
WordPress is vul ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12718 (The Quick Contact Form plugin for WordPress is vulnerable to 
Open Mail ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12168 (The Phrase TMS Integration for WordPress plugin for WordPress 
is vulne ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12129 (The CubeWP \u2013 All-in-One Dynamic Content Framework plugin 
for Word ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12002 (The Feeds for YouTube Pro plugin for WordPress is vulnerable 
to arbitr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8506
        REJECTED
 CVE-2024-8491



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6384c4634ec4e3b97f3619a44b818bb5471cdca4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6384c4634ec4e3b97f3619a44b818bb5471cdca4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Reply via email to