Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e5dd4f7c by security tracker role at 2026-01-22T20:14:00+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,53 +1,53 @@
CVE-2026-24390 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24389 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24388 (Missing Authorization vulnerability in Ludwig You
WPMasterToolKit wpma ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24387 (Missing Authorization vulnerability in Arul Prasad J WP Quick
Post Dup ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24386 (Missing Authorization vulnerability in Element Invader Element
Invader ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24384 (Cross-Site Request Forgery (CSRF) vulnerability in
launchinteractive M ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24383 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24381 (Server-Side Request Forgery (SSRF) vulnerability in ThemeGoods
PhotoMe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24380 (Missing Authorization vulnerability in Metagauss EventPrime
eventprime ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24379 (Authorization Bypass Through User-Controlled Key vulnerability
in wpjo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24377 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24374 (Cross-Site Request Forgery (CSRF) vulnerability in Metagauss
Registrat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24371 (Missing Authorization vulnerability in bookingalgorithms BA
Book Every ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24368 (Missing Authorization vulnerability in Theme-one The Grid
the-grid all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24367 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24366 (Missing Authorization vulnerability in YITHEMES YITH
WooCommerce Reque ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24365 (Cross-Site Request Forgery (CSRF) vulnerability in storeapps
Stock Man ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24361 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24360 (Server-Side Request Forgery (SSRF) vulnerability in Craig
Hewitt Serio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24358 (Missing Authorization vulnerability in ExpressTech Systems
Quiz And Su ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24357 (Missing Authorization vulnerability in Brecht WP Recipe Maker
wp-recip ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24356 (Missing Authorization vulnerability in Roxnor GetGenie
getgenie allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24355 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24354 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24353 (Missing Authorization vulnerability in wpeverest User
Registration use ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24332 (Discord through 2026-01-16 allows gathering information about
whether ...)
TODO: check
CVE-2026-24055 (Langfuse is an open source large language model engineering
platform. ...)
@@ -95,13 +95,13 @@ CVE-2026-23990 (The Flux Operator is a Kubernetes CRD
controller that manages th
CVE-2026-23986 (Copier is a library and CLI app for rendering project
templates. Prior ...)
TODO: check
CVE-2026-23978 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23976 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23975 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23974 (Missing Authorization vulnerability in uxper Golo golo allows
Exploiti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23968 (Copier is a library and CLI app for rendering project
templates. Prior ...)
TODO: check
CVE-2026-23967 (sm-crypto provides JavaScript implementations of the Chinese
cryptogra ...)
@@ -123,7 +123,7 @@ CVE-2026-23960 (Argo Workflows is an open source
container-native workflow engin
CVE-2026-23959 (CoreShop is a Pimcore enhanced eCommerce solution. An
error-based SQL ...)
TODO: check
CVE-2026-23958 (Dataease is an open source data visualization analysis tool.
Prior to ...)
- TODO: check
+ NOT-FOR-US: DataEase
CVE-2026-23957 (seroval facilitates JS value stringification, including
complex struct ...)
TODO: check
CVE-2026-23956 (seroval facilitates JS value stringification, including
complex struct ...)
@@ -183,93 +183,93 @@ CVE-2026-22792 (5ire is a cross-platform desktop
artificial intelligence assista
CVE-2026-22598 (ManageIQ is an open-source management platform. A flaw was
found in th ...)
TODO: check
CVE-2026-22483 (Cross-Site Request Forgery (CSRF) vulnerability in winkm89
teachPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22482 (Server-Side Request Forgery (SSRF) vulnerability in wbolt.com
IMGspide ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22481 (Missing Authorization vulnerability in Rasedul Haque Rumi BD
Courier O ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22472 (Missing Authorization vulnerability in hassantafreshi Easy
Form Builde ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22470 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22469 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22468 (Missing Authorization vulnerability in AbsolutePlugins
Absolute Addons ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22466 (Missing Authorization vulnerability in Chandni Patel WP MapIt
wp-mapit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22464 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22463 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22462 (Cross-Site Request Forgery (CSRF) vulnerability in
richardevcom Add Po ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22461 (Missing Authorization vulnerability in WebAppick CTX Feed
webappick-pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22458 (Missing Authorization vulnerability in Mikado-Themes
Wanderland wander ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22450 (Missing Authorization vulnerability in Select-Themes Don Peppe
donpepp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22447 (Missing Authorization vulnerability in Select-Themes Prowess
prowess a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22445 (Missing Authorization vulnerability in Proptech Plugin Apimo
Connector ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22430 (Authorization Bypass Through User-Controlled Key vulnerability
in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22426 (Authorization Bypass Through User-Controlled Key vulnerability
in Elat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22411 (Authorization Bypass Through User-Controlled Key vulnerability
in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22409 (Authorization Bypass Through User-Controlled Key vulnerability
in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22407 (Authorization Bypass Through User-Controlled Key vulnerability
in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22406 (Authorization Bypass Through User-Controlled Key vulnerability
in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22404 (Authorization Bypass Through User-Controlled Key vulnerability
in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22402 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22401 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22400 (Authorization Bypass Through User-Controlled Key vulnerability
in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22398 (Authorization Bypass Through User-Controlled Key vulnerability
in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22396 (Authorization Bypass Through User-Controlled Key vulnerability
in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22393 (Authorization Bypass Through User-Controlled Key vulnerability
in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22391 (Authorization Bypass Through User-Controlled Key vulnerability
in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22388 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22382 (Cross-Site Request Forgery (CSRF) vulnerability in
Mikado-Themes PawFr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22360 (Cross-Site Request Forgery (CSRF) vulnerability in AA-Team
SearchAzon ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22359 (Cross-Site Request Forgery (CSRF) vulnerability in AA-Team
Wordpress M ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22358 (Server-Side Request Forgery (SSRF) vulnerability in
SmartDataSoft Elec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22355 (Cross-Site Request Forgery (CSRF) vulnerability in gregmolnar
Simple X ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22353 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22349 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22348 (Missing Authorization vulnerability in Tasos Fel Civic Cookie
Control ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22347 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22281 (Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5,
versions 9.6. ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22280 (Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5,
versions 9.6. ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22279 (Dell PowerScale OneFS, versions prior 9.13.0.0, contains an
insufficie ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22278 (Dell PowerScale OneFS versions prior to 9.13.0.0 contains an
improper ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-21852 (Claude Code is an agentic coding tool. Prior to version
2.0.65, vulner ...)
TODO: check
CVE-2026-1332 (MeetingHub developed by HAMASTAR Technology has a Missing
Authenticati ...)
@@ -279,13 +279,13 @@ CVE-2026-1331 (MeetingHub developed by HAMASTAR
Technology has an Arbitrary File
CVE-2026-1330 (MeetingHub developed by HAMASTAR Technology has an Arbitrary
File Read ...)
TODO: check
CVE-2026-1329 (A flaw has been found in Tenda AX1803 1.0.0.1. The affected
element is ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-1328 (A vulnerability was detected in Totolink NR1800X
9.1.0u.6279_B20210910 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2026-1327 (A security vulnerability has been detected in Totolink NR1800X
9.1.0u. ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2026-1326 (A weakness has been identified in Totolink NR1800X
9.1.0u.6279_B202109 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2026-1325 (A security flaw has been discovered in Sangfor Operation and
Maintenan ...)
TODO: check
CVE-2026-1324 (A vulnerability was identified in Sangfor Operation and
Maintenance Ma ...)
@@ -295,19 +295,19 @@ CVE-2026-1260 (Invalid memory access in Sentencepiece
versions less than 0.2.1 w
CVE-2026-1225 (ACE vulnerability in configuration file processing by QOS.CH
logback- ...)
TODO: check
CVE-2026-1036 (The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery
plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0920 (The LA-Studio Element Kit for Elementor plugin for WordPress is
vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0535 (A maliciously crafted HTML payload, stored in a
component\u2019s descr ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2026-0534 (A maliciously crafted HTML payload, stored in a part\u2019s
attribute ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2026-0533 (A maliciously crafted HTML payload in a design name, when
displayed du ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2025-71176 (pytest through 9.0.2 on UNIX relies on directories with the
/tmp/pytes ...)
TODO: check
CVE-2025-70899 (PHPgurukul Online Course Registration v3.1 lacks Cross-Site
Request Fo ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-69828 (File Upload vulnerability in TMS Global Software TMS
Management Consol ...)
TODO: check
CVE-2025-69822 (An issue in Atomberg Atomberg Erica Smart Fan Firmware
Version: V1.0.3 ...)
@@ -317,517 +317,517 @@ CVE-2025-69821 (An issue in Beat XP VEGA Smartwatch
(Firmware Version - RB303ATV
CVE-2025-69820 (Directory Traversal vulnerability in Beam beta9 v.0.1.552
allows a rem ...)
TODO: check
CVE-2025-69764 (Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer
overflow ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-69612 (A path traversal vulnerability exists in TMS Management
Console (versi ...)
TODO: check
CVE-2025-69321 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69320 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69319 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69318 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69317 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69316 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69315 (Missing Authorization vulnerability in NSquared Simply
Schedule Appoin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69314 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69313 (Missing Authorization vulnerability in WPXPO PostX
ultimate-post allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69312 (Unrestricted Upload of File with Dangerous Type vulnerability
in Xpro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69311 (Missing Authorization vulnerability in Broadstreet Broadstreet
Ads bro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69300 (Missing Authorization vulnerability in Leap13 Premium Addons
for Eleme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69293 (Incorrect Privilege Assignment vulnerability in e-plugins
Final User f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69292 (Incorrect Privilege Assignment vulnerability in e-plugins WP
Membershi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69285 (SQLBot is an intelligent data query system based on a large
language m ...)
TODO: check
CVE-2025-69193 (Missing Authorization vulnerability in e-plugins WP Membership
wp-memb ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69192 (Missing Authorization vulnerability in e-plugins Real Estate
Pro real- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69191 (Missing Authorization vulnerability in e-plugins ListingHub
listinghub ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69190 (Missing Authorization vulnerability in e-plugins Listihub
listihub all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69188 (Missing Authorization vulnerability in e-plugins
fitness-trainer fitne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69187 (Missing Authorization vulnerability in e-plugins Final User
final-user ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69186 (Missing Authorization vulnerability in e-plugins Hospital
Doctor Direc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69185 (Missing Authorization vulnerability in e-plugins Hotel Listing
hotel-l ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69184 (Missing Authorization vulnerability in e-plugins Institutions
Director ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69183 (Incorrect Privilege Assignment vulnerability in e-plugins
Hospital Doc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69182 (Incorrect Privilege Assignment vulnerability in e-plugins
Institutions ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69181 (Missing Authorization vulnerability in e-plugins Lawyer
Directory lawy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69180 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69102 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69101 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69100 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69099 (Deserialization of Untrusted Data vulnerability in fuelthemes
North no ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69098 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69097 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69095 (Missing Authorization vulnerability in designthemes
Reservation Plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69079 (Deserialization of Untrusted Data vulnerability in ThemeREX
Sound | Mu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69078 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69077 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69076 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69075 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69074 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69073 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69072 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69071 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69070 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69068 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69067 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69066 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69065 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69064 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69062 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69061 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69060 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69059 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69058 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69057 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69056 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69055 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69054 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69053 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69052 (Missing Authorization vulnerability in FmeAddons Registration
& Login ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69051 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69050 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69049 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69048 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69047 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69046 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69045 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69044 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69043 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69042 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69041 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69040 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69039 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69038 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69037 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69036 (Deserialization of Untrusted Data vulnerability in
strongholdthemes Te ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69035 (Deserialization of Untrusted Data vulnerability in
strongholdthemes De ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69005 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69004 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69003 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69002 (Deserialization of Untrusted Data vulnerability in
designthemes OneLif ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69001 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68999 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68986 (Unrestricted Upload of File with Dangerous Type vulnerability
in zozot ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68913 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68912 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68911 (Missing Authorization vulnerability in solacewp Solace solace
allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68910 (Unrestricted Upload of File with Dangerous Type vulnerability
in blaze ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68909 (Unrestricted Upload of File with Dangerous Type vulnerability
in blaze ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68908 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68907 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68906 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68905 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68904 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68903 (Deserialization of Untrusted Data vulnerability in AivahThemes
Anona a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68902 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68901 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68900 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68899 (Deserialization of Untrusted Data vulnerability in
designthemes Vivagh ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68898 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68896 (Missing Authorization vulnerability in vrpr WDV One Page Docs
wdv-one- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68894 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68884 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68883 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68882 (Missing Authorization vulnerability in Scalenut Scalenut
scalenut allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68881 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68871 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68869 (Incorrect Privilege Assignment vulnerability in LazyCoders LLC
LazyTas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68866 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68864 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68859 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68858 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68857 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68849 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68839 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68838 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68835 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68609 (A vulnerability in Palantir's Aries service allowed
unauthenticated ac ...)
- TODO: check
+ NOT-FOR-US: Palantir
CVE-2025-68558 (Missing Authorization vulnerability in averta Depicter Slider
depicter ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68538 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68520 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68518 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68510 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68507 (Missing Authorization vulnerability in Icegram Icegram icegram
allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68073 (Missing Authorization vulnerability in Ninja Team GDPR CCPA
Compliance ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68072 (Missing Authorization vulnerability in Merv Barrett Easy
Property List ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68059 (Missing Authorization vulnerability in e-plugins Hotel Listing
hotel-l ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68058 (Missing Authorization vulnerability in e-plugins Institutions
Director ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68057 (Missing Authorization vulnerability in e-plugins Hospital
Doctor Direc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68047 (Deserialization of Untrusted Data vulnerability in Arraytics
Eventin w ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68046 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68041 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68039 (Missing Authorization vulnerability in Chris Simmons WP
BackItUp wp-ba ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68035 (Insertion of Sensitive Information Into Sent Data
vulnerability in tab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68034 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68030 (Server-Side Request Forgery (SSRF) vulnerability in WP Messiah
Frontis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68027 (Incorrect Privilege Assignment vulnerability in Themefic Hydra
Booking ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68020 (Missing Authorization vulnerability in WANotifier WANotifier
notifier ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68019 (Missing Authorization vulnerability in cleverplugins SEO
Booster seo-b ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68018 (Missing Authorization vulnerability in ilmosys Order Listener
for WooC ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68017 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68016 (Missing Authorization vulnerability in Onepay Sri Lanka onepay
Payment ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68015 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68013 (Missing Authorization vulnerability in cardpaysolutions
Payment Gatewa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68012 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68011 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68010 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68009 (Missing Authorization vulnerability in Codeless Slider
Templates slide ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68008 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68007 (Missing Authorization vulnerability in Event Espresso Event
Espresso 4 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68006 (Insertion of Sensitive Information Into Sent Data
vulnerability in Dee ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68004 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68003 (Missing Authorization vulnerability in renatoatshown Shown
Connector s ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68001 (Unrestricted Upload of File with Dangerous Type vulnerability
in garid ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67968 (Unrestricted Upload of File with Dangerous Type vulnerability
in Inspi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67967 (Missing Authorization vulnerability in e-plugins Lawyer
Directory lawy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67966 (Incorrect Privilege Assignment vulnerability in e-plugins
Lawyer Direc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67964 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67963 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67961 (Server-Side Request Forgery (SSRF) vulnerability in Marco van
Wieren W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67960 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67959 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67958 (Missing Authorization vulnerability in Taxcloud TaxCloud for
WooCommer ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67957 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67956 (Missing Authorization vulnerability in wpeverest User
Registration use ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67955 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67954 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67953 (Incorrect Privilege Assignment vulnerability in Booking
Activities Tea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67952 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67949 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67947 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67946 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67945 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67944 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67943 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67942 (Missing Authorization vulnerability in peachpayments Peach
Payments Ga ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67941 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67940 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67939 (Missing Authorization vulnerability in Tickera Tickera
tickera-event-t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67938 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67923 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67684 (Quick.Cart is vulnerable to Local File Inclusion and Path
Traversal is ...)
TODO: check
CVE-2025-67683 (Quick.Cart is vulnerable to reflected XSS via the sSort
parameter. An ...)
TODO: check
CVE-2025-67626 (Cross-Site Request Forgery (CSRF) vulnerability in Angel Costa
WP SEO ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67620 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67619 (Deserialization of Untrusted Data vulnerability in
designthemes Kids H ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67617 (Deserialization of Untrusted Data vulnerability in themeton
Consult Ai ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67616 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67615 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67614 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67221 (The orjson.dumps function in orjson thru 3.11.4 does not limit
recursi ...)
TODO: check
CVE-2025-66428 (An issue with WordPress directory names in WebPros WordPress
Toolkit b ...)
TODO: check
CVE-2025-66143 (Missing Authorization vulnerability in merkulove Crumber
crumber-eleme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66142 (Missing Authorization vulnerability in merkulove Comparimager
for Elem ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66141 (Missing Authorization vulnerability in merkulove Scroller
scroller all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66140 (Missing Authorization vulnerability in merkulove Uper for
Elementor up ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66139 (Missing Authorization vulnerability in merkulove Audier For
Elementor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66138 (Missing Authorization vulnerability in merkulove Motionger for
Element ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66137 (Missing Authorization vulnerability in merkulove Searcher for
Elemento ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66136 (Missing Authorization vulnerability in merkulove Carter for
Elementor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66135 (Missing Authorization vulnerability in merkulove Imager for
Elementor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-65098 (Typebot is an open-source chatbot builder. In versions prior
to 3.13.2 ...)
TODO: check
CVE-2025-64252 (Server-Side Request Forgery (SSRF) vulnerability in Marco
Milesi ANAC ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64097 (NervesHub is a web service that allows users to manage
over-the-air (O ...)
TODO: check
CVE-2025-63051 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63026 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63019 (Insertion of Sensitive Information Into Sent Data
vulnerability in Joh ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63018 (Missing Authorization vulnerability in wproyal Bard bard
allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63017 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62754 (Missing Authorization vulnerability in Kapil Paul Payment
Gateway bKas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62741 (Server-Side Request Forgery (SSRF) vulnerability in
SmartDataSoft Pool ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62106 (Missing Authorization vulnerability in Mario Peshev WP-CRM
System wp-c ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62077 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62056 (Unrestricted Upload of File with Dangerous Type vulnerability
in blaze ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62050 (Unrestricted Upload of File with Dangerous Type vulnerability
in blaze ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-5805 (Missing Authorization vulnerability in Ninetheme Electron
electron all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-56590 (An issue was discovered in the InsertFromURL() function of the
Apryse ...)
TODO: check
CVE-2025-56589 (A Local File Inclusion (LFI) and a Server-Side Request Forgery
(SSRF) ...)
TODO: check
CVE-2025-54003 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54002 (Missing Authorization vulnerability in Jthemes xSmart xsmart
allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53240 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52762 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52746 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-50007 (Incorrect Privilege Assignment vulnerability in Jthemes xSmart
xsmart ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-50006 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-50005 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-50004 (Deserialization of Untrusted Data vulnerability in artbees
JupiterX Co ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-50003 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-50002 (Unrestricted Upload of File with Dangerous Type vulnerability
in Faros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-4764 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
TODO: check
CVE-2025-4763 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
TODO: check
CVE-2025-49994 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49375 (Missing Authorization vulnerability in cozythemes HomeLancer
homelance ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49336 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49249 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49066 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49055 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49050 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49049 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49046 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49045 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49043 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48094 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47666 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47600 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47555 (Authorization Bypass Through User-Controlled Key vulnerability
in Them ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47500 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47474 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-36588 (Dell Unisphere for PowerMax, version(s) 10.2.0.x, contain(s)
an Improp ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-32123 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32057 (The Infotainment ECU manufactured by Bosch which is installed
in Nissa ...)
TODO: check
CVE-2025-32056 (The anti-theft protection mechanism can be bypassed by
attackers due t ...)
TODO: check
CVE-2025-31413 (Cross-Site Request Forgery (CSRF) vulnerability in bdthemes
Element Pa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27380 (HTML injection in Project Release in Altium Enterprise Server
(AES) 7. ...)
TODO: check
CVE-2025-27379 (A stored cross-site scripting (XSS) vulnerability in the BOM
Viewer in ...)
@@ -837,11 +837,11 @@ CVE-2025-27378 (AES contains a SQL injection
vulnerability due to an inactive co
CVE-2025-27377 (Altium Designer version 24.9.0 does not validate self-signed
server ce ...)
TODO: check
CVE-2025-27005 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-15523 (MacOS version of Inkscape bundles a Python interpreter that
inherits t ...)
TODO: check
CVE-2025-14295 (Storing Passwords in a Recoverable Format vulnerability in
Automated L ...)
- TODO: check
+ NOT-FOR-US: Carrier Global
CVE-2025-12738 (Neo4j Enterprise edition versions prior to 2025.11.2 and
5.26.17 are v ...)
TODO: check
CVE-2025-10856 (Unrestricted Upload of File with Dangerous Type vulnerability
in Solve ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5dd4f7c5d159cb7cd13f3308d6c47f7afd947f8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5dd4f7c5d159cb7cd13f3308d6c47f7afd947f8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
