Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
88d3469c by security tracker role at 2026-02-20T20:14:13+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2026-2854 (A flaw has been found in D-Link DWR-M960 1.01.07. This impacts
the fun ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-2853 (A vulnerability was detected in D-Link DWR-M960 1.01.07. This
affects ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-2852 (A vulnerability was identified in yeqifu warehouse up to
aaf29962ba407 ...)
TODO: check
CVE-2026-2851 (A vulnerability was determined in yeqifu warehouse up to
aaf29962ba407 ...)
@@ -11,17 +11,17 @@ CVE-2026-2850 (A vulnerability was found in yeqifu
warehouse up to aaf29962ba407
CVE-2026-2849 (A vulnerability has been found in yeqifu warehouse up to
aaf29962ba407 ...)
TODO: check
CVE-2026-2848 (A flaw has been found in SourceCodester Simple Responsive
Tourism Webs ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-2847 (A vulnerability was detected in UTT HiPER 520 1.7.7-160105.
Affected i ...)
TODO: check
CVE-2026-2846 (A security vulnerability has been detected in UTT HiPER 520
1.7.7-1601 ...)
TODO: check
CVE-2026-2832 (Certain Samsung MultiXpress Multifunction Printers may be
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2026-2818 (A zip-slip path traversal vulnerability in Spring Data Geode's
import ...)
TODO: check
CVE-2026-2486 (The Master Addons For Elementor plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2473 (Predictable bucket naming in Vertex AI Experiments in Google
Cloud Ver ...)
TODO: check
CVE-2026-2472 (Stored Cross-Site Scripting (XSS) in the
_genai/_evals_visualization c ...)
@@ -41,7 +41,7 @@ CVE-2026-27502 (SVXportal version 2.5 and prior contain a
reflected cross-site s
CVE-2026-27115 (ADB Explorer is a fluent UI for ADB on Windows. Versions
0.9.26020 and ...)
TODO: check
CVE-2026-27072 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-26747 (A Host Header Poisoning vulnerability exists in Monica 4.1.2
due to im ...)
TODO: check
CVE-2026-26746 (OpenSourcePOS 3.4.1 contains a Local File Inclusion (LFI)
vulnerabilit ...)
@@ -85,27 +85,27 @@ CVE-2026-26048 (The Wi-Fi router is vulnerable to
de-authentication attacks due
CVE-2026-25715 (The web management interface of the device allows the
administrator u ...)
TODO: check
CVE-2026-24959 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24956 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24955 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24953 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24950 (Authorization Bypass Through User-Controlled Key vulnerability
in them ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24949 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24948 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24946 (Missing Authorization vulnerability in tychesoftwares Print
Invoice & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24944 (Missing Authorization vulnerability in weDevs Subscribe2
subscribe2 al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24943 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24941 (Missing Authorization vulnerability in wpjobportal WP Job
Portal wp-jo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24891 (openITCOCKPIT is an open source monitoring tool built for
different mo ...)
TODO: check
CVE-2026-24790 (The underlying PLC of the device can be remotely influenced,
without p ...)
@@ -115,73 +115,73 @@ CVE-2026-24455 (The embedded web interface of the device
does not support HTTPS/
CVE-2026-22885 (A vulnerability exists in EnOcean SmartServer IoT version
4.60.009 and ...)
TODO: check
CVE-2026-22384 (Deserialization of Untrusted Data vulnerability in leafcolor
Applay - ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22383 (Authorization Bypass Through User-Controlled Key vulnerability
in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22381 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22380 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22379 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22378 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22377 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22376 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22375 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22374 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22373 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22372 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22371 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22370 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22369 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22368 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22367 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22366 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22365 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22364 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22363 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22362 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22361 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22357 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22356 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22354 (Deserialization of Untrusted Data vulnerability in Dotstore
Woocommerc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22352 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22351 (Missing Authorization vulnerability in Marcus (aka @msykes) WP
FullCal ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22350 (Missing Authorization vulnerability in add-ons.org PDF for
Elementor F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22346 (Deserialization of Untrusted Data vulnerability in A WP Life
Slider Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22345 (Deserialization of Untrusted Data vulnerability in A WP Life
Image Gal ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22344 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22341 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-21627 (The vulnerability was rooted in how the Tassos Framework
plugin handle ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2026-21620 (Relative Path Traversal, Improper Isolation or
Compartmentalization vu ...)
TODO: check
CVE-2026-20761 (A vulnerability exists in EnOcean SmartServer IoT version
4.60.009 and ...)
@@ -193,355 +193,355 @@ CVE-2025-70833 (An Authentication Bypass vulnerability
in Smanga 3.2.7 allows an
CVE-2025-70831 (A Remote Code Execution (RCE) vulnerability was found in
Smanga 3.2.7 ...)
TODO: check
CVE-2025-69410 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69409 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69408 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69407 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69406 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69405 (Deserialization of Untrusted Data vulnerability in ThemeREX
Lorem Ipsu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69404 (Deserialization of Untrusted Data vulnerability in ThemeREX
Extreme St ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69403 (Unrestricted Upload of File with Dangerous Type vulnerability
in Bravi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69402 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69401 (Authentication Bypass by Spoofing vulnerability in mdalabar
WooODT Lit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69400 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69399 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69398 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69397 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69396 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69395 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69394 (Authorization Bypass Through User-Controlled Key vulnerability
in cnvr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69393 (Missing Authorization vulnerability in Jthemes Exzo exzo
allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69392 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69391 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69390 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69389 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69388 (Missing Authorization vulnerability in cliengo Cliengo \u2013
Chatbot ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69387 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69386 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69385 (Missing Authorization vulnerability in AgniHD Cartify -
WooCommerce Gu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69384 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69383 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69382 (Deserialization of Untrusted Data vulnerability in themesflat
Themesfl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69381 (Missing Authorization vulnerability in vanquish WooCommerce
Bulk Produ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69380 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69379 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69378 (Incorrect Privilege Assignment vulnerability in
XforWooCommerce Produc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69377 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69376 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69375 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69374 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69373 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69372 (Deserialization of Untrusted Data vulnerability in
AncoraThemes SevenH ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69371 (Deserialization of Untrusted Data vulnerability in
AncoraThemes Kindly ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69370 (Deserialization of Untrusted Data vulnerability in ThemeGoods
Capella ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69368 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69367 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69366 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69365 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69337 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69330 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69329 (Deserialization of Untrusted Data vulnerability in Jthemes
Prestige pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69328 (Deserialization of Untrusted Data vulnerability in
magepeopleteam Book ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69326 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69325 (Path Traversal: '.../...//' vulnerability in primersoftware
Primer MyD ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69324 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69323 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69322 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69310 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69309 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69308 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69307 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69306 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69305 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69304 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69303 (Missing Authorization vulnerability in modeltheme ModelTheme
Framework ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69302 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69301 (Deserialization of Untrusted Data vulnerability in ThemeGoods
PhotoMe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69299 (Server-Side Request Forgery (SSRF) vulnerability in Laborator
Oxygen o ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69298 (Missing Authorization vulnerability in GhostPool Gauge gauge
allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69297 (Missing Authorization vulnerability in GhostPool Aardvark
Plugin aardv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69296 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69295 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69294 (Deserialization of Untrusted Data vulnerability in fuelthemes
PeakShop ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69063 (Missing Authorization vulnerability in Saad Iqbal New User
Approve new ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69011 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68895 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68880 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68863 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68862 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68856 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68855 (Insertion of Sensitive Information Into Sent Data
vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68854 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68853 (Deserialization of Untrusted Data vulnerability in Kleor
Contact Manag ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68852 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68848 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68847 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68846 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68845 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68844 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68843 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68842 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68841 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68837 (Missing Authorization vulnerability in ELEXtensions ELEX
WordPress Hel ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68834 (Missing Authorization vulnerability in Saiful Islam Sync
Master Sheet ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68564 (Missing Authorization vulnerability in sendy Sendy sendy
allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68552 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68549 (Unrestricted Upload of File with Dangerous Type vulnerability
in zozot ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68545 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68543 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68542 (Missing Authorization vulnerability in vgdevsolutions Checkout
Gateway ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68541 (Deserialization of Untrusted Data vulnerability in BoldThemes
Ippsum i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68539 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68536 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68534 (Missing Authorization vulnerability in add-ons.org PDF for
WPForms pdf ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68531 (Deserialization of Untrusted Data vulnerability in modeltheme
ModelThe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68526 (Deserialization of Untrusted Data vulnerability in A WP Life
Modal Pop ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68514 (Authorization Bypass Through User-Controlled Key vulnerability
in Cozm ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68501 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68495 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68069 (Missing Authorization vulnerability in wpWax Directorist
directorist a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68051 (Authorization Bypass Through User-Controlled Key vulnerability
in Ship ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68050 (Missing Authorization vulnerability in Leadpages Leadpages
leadpages a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68048 (Missing Authorization vulnerability in XLPlugins NextMove Lite
woo-tha ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68043 (Missing Authorization vulnerability in LottieFiles LottieFiles
lottief ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68042 (Missing Authorization vulnerability in Travelpayouts
Travelpayouts tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68037 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68032 (Missing Authorization vulnerability in Passionate Brains
Advanced WC A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68031 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68028 (Missing Authorization vulnerability in Passionate Brains
GA4WP: Google ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68026 (Missing Authorization vulnerability in Niaj Morshed LC Wizard
ghl-wiza ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68025 (Missing Authorization vulnerability in Addonify Addonify
Floating Cart ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68024 (Missing Authorization vulnerability in Addonify Addonify
\u2013 WooCom ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68023 (Missing Authorization vulnerability in Addonify Addonify
– Compa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68022 (Missing Authorization vulnerability in soporteblue Plugin
BlueX for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68021 (Missing Authorization vulnerability in ConveyThis ConveyThis
conveythi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68005 (Missing Authorization vulnerability in themewant Easy Hotel
Booking ea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68002 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68000 (Missing Authorization vulnerability in PickPlugins Testimonial
Slider ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67998 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67997 (Deserialization of Untrusted Data vulnerability in BoldThemes
Travelic ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67996 (Deserialization of Untrusted Data vulnerability in BoldThemes
Nestin n ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67995 (Deserialization of Untrusted Data vulnerability in LoftOcean
PatioTime ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67994 (Missing Authorization vulnerability in YayCommerce YayCurrency
yaycurr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67993 (Missing Authorization vulnerability in Vito Peleg Atarim
atarim-visual ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67992 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67991 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67990 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67988 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67987 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67984 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67982 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67981 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67980 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67979 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67978 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67977 (Missing Authorization vulnerability in VillaTheme HAPPY
happy-helpdesk ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67975 (Missing Authorization vulnerability in aDirectory aDirectory
adirector ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67974 (Missing Authorization vulnerability in WP Legal Pages
WPLegalPages wpl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67973 (Missing Authorization vulnerability in sunshinephotocart
Sunshine Phot ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67972 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67971 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67970 (Missing Authorization vulnerability in vertim Schedula
schedula-smart- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67969 (Missing Authorization vulnerability in knitpay UPI QR Code
Payment Gat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67624 (Missing Authorization vulnerability in Arya Dhiratara Optimize
More! & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67547 (Missing Authorization vulnerability in uixthemes Konte konte
allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67438 (A Stored Cross-Site Scripting (XSS) vulnerability in Sync-in
Server be ...)
TODO: check
CVE-2025-60183 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60087 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53237 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53233 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53231 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53228 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53217 (Missing Authorization vulnerability in staviravn AIO WP
Builder all-in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52744 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52603 (HCL Connections is vulnerable to information disclosure. In a
very sp ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-15583 (A weakness has been identified in detronetdip E-commerce
1.0.0. This a ...)
TODO: check
CVE-2025-15582 (A security flaw has been discovered in detronetdip E-commerce
1.0.0. T ...)
TODO: check
CVE-2025-14547 (An integer underflow vulnerability is present in Silicon
Lab\u2019s im ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs
CVE-2025-14055 (An integer underflow vulnerability in Silicon Labs Secure NCP
host imp ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs
CVE-2025-10970 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
TODO: check
CVE-2024-56208 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-54222 (Missing Authorization vulnerability in Seraphinite Solutions
Seraphini ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-52387 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-51915 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-50555 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-50452 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-43228 (Missing Authorization vulnerability in SecuPress SecuPress
Free secupr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-34438 (Missing Authorization vulnerability in Anssi Laitila Shared
Files shar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2019-25445 (Fiverr Clone Script 1.2.2 contains a cross-site scripting
vulnerabilit ...)
TODO: check
CVE-2019-25444 (Fiverr Clone Script 1.2.2 contains an SQL injection
vulnerability that ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/88d3469c9e1930bacca05d979697dccc2334df11
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/88d3469c9e1930bacca05d979697dccc2334df11
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
