Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3ef85dec by security tracker role at 2026-02-19T20:14:06+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,9 +7,9 @@ CVE-2026-2736 (Reflected Cross-site Scripting (XSS) in
Alkacon's OpenCms v18.0,
CVE-2026-2735 (Stored Cross-Site Scripting (XSS) in Alkacon's OpenCms v18.0,
which oc ...)
TODO: check
CVE-2026-2718 (The Dealia \u2013 Request a Quote plugin for WordPress is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2716 (The Client Testimonial Slider plugin for WordPress is
vulnerable to St ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2409 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
TODO: check
CVE-2026-2274 (A SSRF and Arbitrary File Read vulnerability in AppSheet Core
in Googl ...)
@@ -17,7 +17,7 @@ CVE-2026-2274 (A SSRF and Arbitrary File Read vulnerability
in AppSheet Core in
CVE-2026-2243 (A flaw was found in QEMU. A specially crafted VMDK image could
trigger ...)
TODO: check
CVE-2026-2232 (The Product Table and List Builder for WooCommerce Lite plugin
for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-27475 (SPIP before 4.4.9 allows Insecure Deserialization in the
public area t ...)
TODO: check
CVE-2026-27474 (SPIP before 4.4.9 allows Cross-Site Scripting (XSS) in the
private are ...)
@@ -27,45 +27,45 @@ CVE-2026-27473 (SPIP before 4.4.9 allows Stored Cross-Site
Scripting (XSS) via s
CVE-2026-27472 (SPIP before 4.4.9 allows Blind Server-Side Request Forgery
(SSRF) via ...)
TODO: check
CVE-2026-27094 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27092 (Missing Authorization vulnerability in Greg Winiarski
WPAdverts wpadve ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27090 (Cross-Site Request Forgery (CSRF) vulnerability in WP Moose
Kenta Comp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27074 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27069 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27066 (Missing Authorization vulnerability in PI Web Solution Live
sales noti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27059 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27058 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27057 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27056 (Missing Authorization vulnerability in StellarWP iThemes Sync
ithemes- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27055 (Missing Authorization vulnerability in PenciDesign Penci AI
SmartConte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27052 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27050 (Cross-Site Request Forgery (CSRF) vulnerability in ThimPress
RealPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27042 (Missing Authorization vulnerability in WPDeveloper
NotificationX notif ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27013 (Fabric.js is a Javascript HTML5 canvas library. Prior to
version 7.2.0 ...)
TODO: check
CVE-2026-26362 (Dell Unisphere for PowerMax, version(s) 10.2, contain(s) a
Relative Pa ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-26361 (Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an
External C ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-26360 (Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an
External C ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-26359 (Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an
External C ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-26358 (Dell Unisphere for PowerMax, version(s) 10.2, contain(s) a
Missing Aut ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-26345 (SPIP before 4.4.8 allows Cross-Site Scripting (XSS) in the
public area ...)
TODO: check
CVE-2026-26339 (Hyland Alfresco Transformation Service allows unauthenticated
attacker ...)
@@ -105,7 +105,7 @@ CVE-2026-26189 (Trivy Action runs Trivy as GitHub action to
scan a Docker contai
CVE-2026-26063 (CediPay is a crypto-to-fiat app for the Ghanaian market. A
vulnerabili ...)
TODO: check
CVE-2026-26059 (ChurchCRM is an open-source church management system. In
versions prio ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2026-26057 (Skill Scanner is a security scanner for AI Agent Skills that
detects p ...)
TODO: check
CVE-2026-26030 (Semantic Kernel, Microsoft's semantic kernel Python SDK, has a
remote ...)
@@ -129,181 +129,181 @@ CVE-2026-25535 (jsPDF is a library to generate PDFs in
JavaScript. Prior to 4.2.
CVE-2026-25527 (changedetection.io is a free open source web page change
detection too ...)
TODO: check
CVE-2026-25473 (Missing Authorization vulnerability in AA-Team WZone woozone
allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25472 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25463 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25459 (Missing Authorization vulnerability in uixthemes Sober sober
allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25453 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25451 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25441 (Missing Authorization vulnerability in LeadConnector
LeadConnector lea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25432 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25428 (Server-Side Request Forgery (SSRF) vulnerability in totalsoft
TS Poll ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25423 (Missing Authorization vulnerability in
creativeinteractivemedia Real 3 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25422 (Cross-Site Request Forgery (CSRF) vulnerability in Themes4WP
Popularis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25420 (Missing Authorization vulnerability in MailerLite MailerLite
official- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25419 (Missing Authorization vulnerability in flycart UpsellWP
checkout-upsel ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25418 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25416 (Missing Authorization vulnerability in blazethemes News Kit
Elementor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25415 (Missing Authorization vulnerability in iqonicdesign WPBookit
Pro wpboo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25412 (Missing Authorization vulnerability in mdempfle Advanced
iFrame advanc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25411 (Cross-Site Request Forgery (CSRF) vulnerability in
themastercut Revisi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25410 (Missing Authorization vulnerability in tstephenson WP-CORS
wp-cors all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25409 (Missing Authorization vulnerability in crgeary JAMstack
Deployments wp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25408 (Missing Authorization vulnerability in PluginRx Broken Link
Notifier b ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25407 (Missing Authorization vulnerability in cookiebot Cookiebot
cookiebot a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25404 (Missing Authorization vulnerability in Automattic WP Job
Manager wp-jo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25402 (Missing Authorization vulnerability in echoplugins Knowledge
Base for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25399 (Missing Authorization vulnerability in CryoutCreations Serious
Slider ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25395 (Missing Authorization vulnerability in ikreatethemes Business
Roy busi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25394 (Missing Authorization vulnerability in sparklewpthemes Fitness
FSE fit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25393 (Missing Authorization vulnerability in sparklewpthemes Hello
FSE hello ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25392 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in K ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25391 (Missing Authorization vulnerability in WP Grids WP Wand
ai-content-gen ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25389 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25388 (Missing Authorization vulnerability in scripteo Ads Pro
ap-plugin-scri ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25387 (Missing Authorization vulnerability in Elementor Image
Optimizer by El ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25386 (Missing Authorization vulnerability in Elementor Ally
pojo-accessibili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25385 (Server-Side Request Forgery (SSRF) vulnerability in
KaizenCoders URL S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25384 (Missing Authorization vulnerability in WP Lab WP-Lister Lite
for eBay ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25378 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25375 (Missing Authorization vulnerability in WP Chill Image Photo
Gallery Fi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25374 (Missing Authorization vulnerability in raratheme Spa and Salon
spa-and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25372 (Missing Authorization vulnerability in Kodezen LLC Academy LMS
academy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25370 (Missing Authorization vulnerability in AresIT WP Compress
wp-compress- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25368 (Missing Authorization vulnerability in codepeople Calculated
Fields Fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25367 (Missing Authorization vulnerability in NooTheme CitiLights
noo-citilig ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25364 (Missing Authorization vulnerability in BoldGrid Client
Invoicing by Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25363 (Missing Authorization vulnerability in FooPlugins FooGallery
foogaller ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25362 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25348 (Missing Authorization vulnerability in alttextai Download Alt
Text AI ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25343 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25338 (Missing Authorization vulnerability in Ays Pro AI ChatBot with
ChatGPT ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25337 (Cross-Site Request Forgery (CSRF) vulnerability in wpcoachify
Coachify ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25336 (Missing Authorization vulnerability in wpcoachify Coachify
coachify al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25335 (Missing Authorization vulnerability in Ays Pro Secure Copy
Content Pro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25333 (Missing Authorization vulnerability in peregrinethemes
Shopwell shopwe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25332 (Missing Authorization vulnerability in Fahad Mahmood Endless
Posts Nav ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25331 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25330 (Missing Authorization vulnerability in PublishPress
PublishPress Autho ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25329 (Missing Authorization vulnerability in ExpressTech Systems
Quiz And Su ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25326 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25325 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25324 (Authorization Bypass Through User-Controlled Key vulnerability
in Expr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25323 (Missing Authorization vulnerability in MiKa OSM osm allows
Exploiting ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25322 (Cross-Site Request Forgery (CSRF) vulnerability in
PublishPress Publis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25321 (Missing Authorization vulnerability in PSM Plugins
SupportCandy suppor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25320 (Missing Authorization vulnerability in Cool Plugins Elementor
Contact ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25319 (Cross-Site Request Forgery (CSRF) vulnerability in wpzita Zita
Element ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25318 (Missing Authorization vulnerability in Wisernotify team
WiserReview Pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25316 (Deserialization of Untrusted Data vulnerability in Brainstorm
Force Ca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25315 (Missing Authorization vulnerability in hcaptcha hCaptcha for
WP hcaptc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25314 (Missing Authorization vulnerability in WP Messiah TOP Table Of
Content ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25313 (Missing Authorization vulnerability in Shahjahan Jewel
FluentForm flue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25311 (Missing Authorization vulnerability in 10up Autoshare for
Twitter auto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25310 (Server-Side Request Forgery (SSRF) vulnerability in Alobaidi
Extend Li ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25308 (Missing Authorization vulnerability in wp.insider Simple
Membership si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25307 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25305 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25008 (Insertion of Sensitive Information Into Sent Data
vulnerability in Sha ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25006 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25005 (Authorization Bypass Through User-Controlled Key vulnerability
in N-Me ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25004 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25003 (Missing Authorization vulnerability in madalin.ungureanu
Client Portal ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25000 (Missing Authorization vulnerability in Kraft Plugins Wheel of
Life whe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24999 (Missing Authorization vulnerability in Alma Alma
alma-gateway-for-wooc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24834 (Kata Containers is an open source project focusing on a
standard imple ...)
TODO: check
CVE-2026-24392 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24375 (Missing Authorization vulnerability in WP Swings Ultimate Gift
Cards F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23805 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23804 (Missing Authorization vulnerability in BBR Plugins Better
Business Rev ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23803 (Server-Side Request Forgery (SSRF) vulnerability in Burhan
Nasir Smart ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23621 (GFI MailEssentials AI versions prior to22.4 contain an
arbitrary direc ...)
TODO: check
CVE-2026-23620 (GFI MailEssentials AI versions prior to22.4 contain an
arbitrary file ...)
@@ -341,39 +341,39 @@ CVE-2026-23605 (GFI MailEssentials AI versions prior
to22.4 contain a stored cro
CVE-2026-23604 (GFI MailEssentials AI versions prior to22.4 contain a stored
cross-sit ...)
TODO: check
CVE-2026-23549 (Deserialization of Untrusted Data vulnerability in
magepeopleteam WpEv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23548 (Missing Authorization vulnerability in designinvento
DirectoryPress di ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23547 (Missing Authorization vulnerability in cmsmasters CMSMasters
Content C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23545 (Missing Authorization vulnerability in Aruba.it Dev Aruba
HiSpeed Cach ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23544 (Deserialization of Untrusted Data vulnerability in codetipi
Valenti va ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23543 (Missing Authorization vulnerability in WPDeveloper Essential
Addons fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23542 (Deserialization of Untrusted Data vulnerability in ThemeGoods
Grand Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23541 (Missing Authorization vulnerability in WPFunnels Mail Mint
mail-mint a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22422 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22333 (Deserialization of Untrusted Data vulnerability in YITHEMES
YITH WooCo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22269 (Dell PowerProtect Data Manager, version(s) prior to 19.22,
contain(s) ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22268 (Dell PowerProtect Data Manager, version(s) prior to 19.22,
contain(s) ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22267 (Dell PowerProtect Data Manager, version(s) prior to 19.22,
contain(s) ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22266 (Dell PowerProtect Data Manager, version(s) prior to 19.22,
contain(s) ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-1581 (The wpForo Forum plugin for WordPress is vulnerable to
time-based SQL ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1461 (The Simple Membership plugin for WordPress is vulnerable to
Improper H ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1219 (The MP3 Audio Player \u2013 Music Player, Podcast Player &
Radio by So ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9953 (Authorization Bypass Through User-Controlled SQL Primary Key
vulnerabi ...)
TODO: check
CVE-2025-9062 (Authorization Bypass Through User-Controlled Key vulnerability
in MeCO ...)
@@ -425,9 +425,9 @@ CVE-2025-15560 (An authenticated attacker with minimal
permissions can exploit a
CVE-2025-15559 (An unauthenticated attacker can inject OS commands when
calling a serv ...)
TODO: check
CVE-2025-13590 (A malicious actor with administrative privileges can upload an
arbitra ...)
- TODO: check
+ NOT-FOR-US: WSO2
CVE-2025-12107 (Due to the use of a vulnerable third-party Velocity template
engine, a ...)
- TODO: check
+ NOT-FOR-US: WSO2
CVE-2019-25430 (Comodo Dome Firewall 2.7.0 contains a reflected cross-site
scripting v ...)
TODO: check
CVE-2019-25429 (Comodo Dome Firewall 2.7.0 contains a reflected cross-site
scripting v ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ef85deccf93a57e76f212c6e9f9ebd33cee3940
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ef85deccf93a57e76f212c6e9f9ebd33cee3940
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
