[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) Sat, 14 Feb 2026 00:14:27 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
8cfd3dd8 by security tracker role at 2026-02-14T08:14:07+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
 CVE-2026-2469 (Versions of the package directorytree/imapengine before 1.22.3 
are vul ...)
        TODO: check
 CVE-2026-2144 (The Magic Login Mail or QR Code plugin for WordPress is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-2027 (The AMP Enhancer \u2013 Compatibility Layer for Official AMP 
Plugin fo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-2024 (The PhotoStack Gallery plugin for WordPress is vulnerable to 
SQL Injec ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-2022 (The Smart Forms plugin for WordPress is vulnerable to 
unauthorized acc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-26335 (Calero VeraSMART versions prior to2022 R1 use static 
ASP.NET/IIS machi ...)
        TODO: check
 CVE-2026-26334 (Calero VeraSMART versions prior to2026 R1 contain hardcoded 
static AES ...)
@@ -37,77 +37,77 @@ CVE-2026-26273 (Known is a social publishing platform. 
Prior to 1.6.3, a Critica
 CVE-2026-24853 (Caido is a web security auditing toolkit. Prior to 0.55.0, 
Caido block ...)
        TODO: check
 CVE-2026-1988 (The Flexi Product Slider and Grid for WooCommerce plugin for 
WordPress ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1987 (The Scheduler Widget plugin for WordPress is vulnerable to 
Insecure Di ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1985 (The Press3D plugin for WordPress is vulnerable to Stored 
Cross-Site Sc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1983 (The SEATT: Simple Event Attendance plugin for WordPress is 
vulnerable  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1944 (The CallbackKiller service widget plugin for WordPress is 
vulnerable t ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1939 (The Percent to Infograph plugin for WordPress is vulnerable to 
Stored  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1932 (The Appointment Booking Calendar Plugin \u2013 Bookr plugin for 
WordPr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1915 (The Simple Plyr plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1912 (The Citations tools plugin for WordPress is vulnerable to 
Stored Cross ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1910 (The UpMenu \u2013 Online ordering for restaurants plugin for 
WordPress ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1905 (The Sphere Manager plugin for WordPress is vulnerable to Stored 
Cross- ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1904 (The Simple Wp colorfull Accordion plugin for WordPress is 
vulnerable t ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1903 (The Ravelry Designs Widget plugin for WordPress is vulnerable 
to Store ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1901 (The QuestionPro Surveys plugin for WordPress is vulnerable to 
Stored C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1844 (The PixelYourSite PRO plugin for WordPress is vulnerable to 
Stored Cro ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1841 (The PixelYourSite \u2013 Your smart PIXEL (TAG) & API Manager 
plugin f ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1796 (The StyleBidet plugin for WordPress is vulnerable to Reflected 
Cross-S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1795 (The Address Bar Ads plugin for WordPress is vulnerable to 
Reflected Cr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1792 (The Geo Widget plugin for WordPress is vulnerable to Stored 
Cross-Site ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1754 (The personal-authors-category plugin for WordPress is 
vulnerable to Re ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1394 (The WP Quick Contact Us plugin for WordPress is vulnerable to 
Cross-Si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1306 (The midi-Synth plugin for WordPress is vulnerable to arbitrary 
file up ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1303 (The MailChimp Campaigns plugin for WordPress is vulnerable to 
Missing  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1187 (The ZoomifyWP Free plugin for WordPress is vulnerable to Stored 
Cross- ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1164 (The Easy Voice Mail plugin for WordPress is vulnerable to 
Stored Cross ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1096 (The Best-wp-google-map plugin for WordPress is vulnerable to 
Stored Cr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-0753 (The Super Simple Contact Form plugin for WordPress is 
vulnerable to Re ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-0751 (The Payment Page | Payment Form for Stripe plugin for WordPress 
is vul ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-0745 (The User Language Switch plugin for WordPress is vulnerable to 
Server- ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-0736 (The Chatbot for WordPress by Collect.chat plugin for WordPress 
is vuln ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-0735 (The User Language Switch plugin for WordPress is vulnerable to 
Stored  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-0727 (The Accordion and Accordion Slider plugin for WordPress is 
vulnerable  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-0693 (The Allow HTML in Category Descriptions plugin for WordPress is 
vulner ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-0692 (The BlueSnap Payment Gateway for WooCommerce plugin for 
WordPress is v ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-0559 (The MasterStudy LMS WordPress Plugin \u2013 for Online Courses 
and Edu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-0557 (The WP Data Access plugin for WordPress is vulnerable to Stored 
Cross- ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-70957 (A Denial of Service (DoS) vulnerability was discovered in the 
TON Lite ...)
        TODO: check
 CVE-2025-70956 (A State Pollution vulnerability was discovered in the TON 
Virtual Mach ...)
@@ -119,7 +119,7 @@ CVE-2025-70954 (A Null Pointer Dereference vulnerability 
exists in the TON Virtu
 CVE-2025-70866 (LavaLite CMS 10.1.0 is vulnerable to Incorrect Access Control. 
An auth ...)
        TODO: check
 CVE-2025-6792 (The One to one user Chat by WPGuppy plugin for WordPress is 
vulnerable ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-69633 (A SQL Injection vulnerability in the Advanced Popup Creator 
(advancedp ...)
        TODO: check
 CVE-2025-68128
@@ -139,21 +139,21 @@ CVE-2025-58182
 CVE-2025-47915
        REJECTED
 CVE-2025-15483 (The Link Hopper plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-15157 (The Starfish Review Generation & Marketing for WordPress 
plugin for Wo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-14873 (The LatePoint \u2013 Calendar Booking Plugin for Appointments 
and Even ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-14852 (The MDirector Newsletter plugin for WordPress is vulnerable to 
Cross-S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-14608 (The WP Last Modified Info plugin for WordPress is vulnerable 
to Insecu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-14067 (The Easy Form Builder plugin for WordPress is vulnerable to 
unauthoriz ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13973 (The StickEasy Protected Contact Form plugin for WordPress is 
vulnerabl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13681 (The BFG Tools \u2013 Extension Zipper plugin for WordPress is 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-34157
        REJECTED
 CVE-2024-34154



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8cfd3dd805a72a02171b9104ce507cb4678cd7e6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8cfd3dd805a72a02171b9104ce507cb4678cd7e6
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Reply via email to