Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6ea39d14 by security tracker role at 2026-01-23T20:14:25+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,207 +1,207 @@
CVE-2026-24636 (Missing Authorization vulnerability in Syed Balkhi Sugar
Calendar (Lit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24635 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24634 (Authorization Bypass Through User-Controlled Key vulnerability
in Rust ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24633 (Missing Authorization vulnerability in Passionate Brains Add
Expires H ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24632 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24631 (Authorization Bypass Through User-Controlled Key vulnerability
in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24630 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24629 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24627 (Missing Authorization vulnerability in Trusona Trusona for
WordPress t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24626 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24625 (Missing Authorization vulnerability in Imaginate Solutions
File Upload ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24624 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24623 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24622 (Missing Authorization vulnerability in Sergiy Dzysyak
Suggestion Toolk ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24621 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24620 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24619 (Missing Authorization vulnerability in PopCash PopCash.Net
Code Integr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24617 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24616 (Missing Authorization vulnerability in Damian WP Popups
wp-popups-lite ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24615 (Missing Authorization vulnerability in themebeez Cream
Magazine cream- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24614 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24613 (Missing Authorization vulnerability in Ecwid by Lightspeed
Ecommerce S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24612 (Missing Authorization vulnerability in themebeez Orchid Store
orchid-s ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24609 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24608 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24607 (Missing Authorization vulnerability in wptravelengine Travel
Monster t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24606 (Missing Authorization vulnerability in Web Impian Bayarcash
WooCommerc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24605 (Missing Authorization vulnerability in pencilwp X Addons for
Elementor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24604 (Missing Authorization vulnerability in themebeez Simple GDPR
Cookie Co ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24603 (Missing Authorization vulnerability in themebeez Universal
Google Adse ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24602 (Missing Authorization vulnerability in Raptive Raptive Ads
adthrive-ad ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24601 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24600 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24599 (Authorization Bypass Through User-Controlled Key vulnerability
in XLPl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24598 (Missing Authorization vulnerability in bestwebsoft
Multilanguage by Be ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24596 (Cross-Site Request Forgery (CSRF) vulnerability in marynixie
Related P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24595 (Missing Authorization vulnerability in zohocrm Zoho CRM Lead
Magnet zo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24594 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24593 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24591 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24589 (Insertion of Sensitive Information Into Sent Data
vulnerability in Car ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24588 (Missing Authorization vulnerability in topdevs Smart Product
Viewer sm ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24587 (Missing Authorization vulnerability in kutsy AJAX Hits Counter
+ Popul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24585 (Missing Authorization vulnerability in Hyyan Abo Fakher Hyyan
WooComme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24584 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24583 (Missing Authorization vulnerability in sumup SumUp Payment
Gateway For ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24581 (Missing Authorization vulnerability in WP Swings Points and
Rewards fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24580 (Missing Authorization vulnerability in Ecwid by Lightspeed
Ecommerce S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24579 (Missing Authorization vulnerability in WP Messiah Ai Image Alt
Text Ge ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24578 (Missing Authorization vulnerability in Jahid Hasan Admin login
URL Cha ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24577 (Missing Authorization vulnerability in Genetech Products Pie
Register ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24576 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24572 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24571 (Missing Authorization vulnerability in boxnow BOX NOW Delivery
box-now ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24570 (Missing Authorization vulnerability in WisdmLabs Edwiser
Bridge edwise ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24569 (Missing Authorization vulnerability in Sully Media Library
File Size m ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24568 (Missing Authorization vulnerability in WP Travel WP Travel
wp-travel a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24567 (Missing Authorization vulnerability in briarinc Anything Order
by Term ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24566 (Missing Authorization vulnerability in iNET iNET Webkit
inet-webkit al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24565 (Insertion of Sensitive Information Into Sent Data
vulnerability in bPl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24564 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24563 (Missing Authorization vulnerability in Ashan Perera LifePress
lifepres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24562 (Missing Authorization vulnerability in Ryviu Ryviu –
Product Rev ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24561 (Missing Authorization vulnerability in Mahmudul Hasan Arif
FluentBoard ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24560 (Missing Authorization vulnerability in Cloudinary Cloudinary
cloudinar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24559 (Insertion of Sensitive Information Into Sent Data
vulnerability in CRM ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24558 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24557 (Insertion of Sensitive Information Into Sent Data
vulnerability in WEN ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24556 (Missing Authorization vulnerability in wpdive ElementCamp
element-camp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24555 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24553 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24551 (Missing Authorization vulnerability in monetagwp Monetag
Official Plug ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24550 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24549 (Cross-Site Request Forgery (CSRF) vulnerability in Paolo
GeoDirectory ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24548 (Server-Side Request Forgery (SSRF) vulnerability in Prince
Radio Playe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24544 (Missing Authorization vulnerability in Harmonic Design HD Quiz
hd-quiz ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24543 (Missing Authorization vulnerability in Horea Radu Materialis
Companion ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24542 (Cross-Site Request Forgery (CSRF) vulnerability in John James
Jacoby W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24541 (Missing Authorization vulnerability in mkscripts Download
After Email ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24540 (Missing Authorization vulnerability in Prince Integrate Google
Drive i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24539 (Missing Authorization vulnerability in ABCdatos Protecci\xf3n
de datos ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24538 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24536 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24535 (Missing Authorization vulnerability in webdevstudios Automatic
Feature ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24534 (Missing Authorization vulnerability in uPress Booter
booter-bots-crawl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24532 (Missing Authorization vulnerability in SiteLock SiteLock
Security site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24531 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24530 (Missing Authorization vulnerability in sheepfish WebP
Conversion webp- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24529 (Missing Authorization vulnerability in Alejandro Quick
Restaurant Rese ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24528 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24526 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24525 (Missing Authorization vulnerability in CloudPanel CLP Varnish
Cache cl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24524 (Missing Authorization vulnerability in Essekia Tablesome
tablesome all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24523 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24522 (Missing Authorization vulnerability in MyThemeShop WP
Subscribe wp-sub ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24521 (Cross-Site Request Forgery (CSRF) vulnerability in Timur
Kamaev Kama T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24423 (SmarterTools SmarterMail versions prior to build 9511 contain
an unaut ...)
TODO: check
CVE-2026-22276 (Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell
ObjectScale versi ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22275 (Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell
ObjectScale versi ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22274 (Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell
ObjectScale versi ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22273 (Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell
ObjectScale versi ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22271 (Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell
ObjectScale versi ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-21867
REJECTED
CVE-2026-1364 (IAQS and I6 developed by JNC has a Missing Authentication
vulnerabilit ...)
@@ -213,7 +213,7 @@ CVE-2026-1299 (The email module, specifically the
"BytesGenerator" class, didn\
CVE-2026-0994 (A denial-of-service (DoS) vulnerability exists in
google.protobuf.json ...)
TODO: check
CVE-2026-0914 (The WP DSGVO Tools (GDPR) plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-71177 (LavaLite CMS versions up to and including 10.1.0 contain a
stored cros ...)
TODO: check
CVE-2025-70986 (Incorrect access control in the selectDept function of RuoYi
v4.8.2 al ...)
@@ -245,19 +245,19 @@ CVE-2025-4320 (Authentication Bypass by Primary Weakness,
Weak Password Recovery
CVE-2025-4319 (Improper Restriction of Excessive Authentication Attempts, Weak
Passwo ...)
TODO: check
CVE-2025-46699 (Dell Data Protection Advisor, versions prior to 19.12,
contains an Imp ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-2204 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
TODO: check
CVE-2025-14947 (The All-in-One Video Gallery plugin for WordPress is
vulnerable to una ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14866 (The Melapress Role Editor plugin for WordPress is vulnerable
to Privil ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13921 (The weDocs: AI Powered Knowledge Base, Docs, Documentation,
Wiki & AI ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-47906 (BloofoxCMS 0.5.2.1 contains a stored cross-site scripting
vulnerabilit ...)
TODO: check
CVE-2021-47905 (MyBB Delete Account Plugin 1.4 contains a cross-site scripting
vulnera ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2021-47904 (PhreeBooks 5.2.3 contains an authenticated file upload
vulnerability i ...)
TODO: check
CVE-2021-47903 (LiteSpeed Web Server Enterprise 5.4.11 contains an
authenticated comma ...)
@@ -289,9 +289,9 @@ CVE-2021-47888 (Textpattern versions prior to 4.8.3 contain
an authenticated rem
CVE-2021-47881 (dataSIMS Avionics ARINC 664-1 version 4.5.3 contains a local
buffer ov ...)
TODO: check
CVE-2018-25132 (MyBB Trending Widget Plugin 1.2 contains a cross-site
scripting vulner ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2018-25116 (MyBB Thread Redirect Plugin 0.2.1 contains a cross-site
scripting vuln ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2026-22995 (In the Linux kernel, the following vulnerability has been
resolved: u ...)
- linux <unfixed>
[trixie] - linux <not-affected> (Vulnerable code not present)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ea39d14c1f7d9fcd139cabe893efdf542459cc2
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ea39d14c1f7d9fcd139cabe893efdf542459cc2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
