Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
35acd15c by security tracker role at 2026-06-06T07:13:51+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,77 +1,77 @@
CVE-2026-9851 (The Booking Package plugin for WordPress is vulnerable to
Privilege Es ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-9829 (The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery
plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-9719 (The LatePoint \u2013 Calendar Booking Plugin for Appointments
and Even ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-9594 (The WP Maps \u2013 Google Maps,OpenStreetMap,Mapbox,Store
Locator,List ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-9290 (The WP User Manager \u2013 User Profile Builder & Membership
plugin fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-9281 (The Master Addons For Elementor \u2013 Widgets, Extensions,
Theme Buil ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-9280 (The Ad Inserter \u2013 Ad Manager & AdSense Ads plugin for
WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-9197 (The Smart Slider 3 plugin for WordPress is vulnerable to
Directory Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-9016 (The Debug Log Manager \u2013 Conveniently Monitor and Inspect
Errors p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-9008 (The Page-list plugin for WordPress is vulnerable to Missing
Authorizat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8991 (The Drag and Drop Multiple File Upload for Contact Form 7
plugin for W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8978 (The OptinCraft \u2013 Drag & Drop Optins & Popup Builder for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8976 (The RSS Aggregator by Feedzy \u2013 Feed to Post, Autoblogging,
News & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8901 (The Integration for Freshsales \u2013 Contact Form 7, WPForms,
Element ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8900 (The Simple SEO Slideshow plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8893 (The Express Payment For Stripe plugin for WordPress is
vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8839 (The MapPress Maps for WordPress plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8611 (The Klamra Paycal for Aspaclaria plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8608 (The Event Monster \u2013 Event Management, Events Calendar,
Tickets pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8502 (The LearnPress \u2013 WordPress LMS Plugin for Create and Sell
Online ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8438 (The All-In-One Security (AIOS) \u2013 Security and Firewall
plugin for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7796 (The EmbedPress \u2013 PDF Embedder, Embed PDF viewer, YouTube
Videos, ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7795 (The Click to Chat \u2013 WA Widget plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7792 (The WPForms \u2013 Easy Form Builder for WordPress \u2013
Contact Form ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7665 (The Essential Addons for Elementor \u2013 Popular Elementor
Templates ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7654 (The Admin Columns plugin for WordPress is vulnerable to PHP
Object Inj ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7624 (The SEO Plugin by Squirrly SEO plugin for WordPress is
vulnerable to a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7566 (The LearnPress \u2013 Backup & Migration Tool plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7565 (The LearnPress \u2013 Backup & Migration Tool plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7537 (The MDJM Event Management plugin for WordPress is vulnerable to
Arbitr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7523 (The Alba Board plugin for WordPress is vulnerable to
authorization byp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7047 (The Frontend User Notes plugin for WordPress is vulnerable to
Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6448 (The Quiz and Survey Master (QSM) \u2013 Easy Quiz and Survey
Maker plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6242 (An authenticated format string vulnerability exists in the
ONVIF Subsc ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2026-6241 (An authenticated format string vulnerability is present in the
ONVIF A ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2026-6240 (A stack-based buffer overflow vulnerability exists in Tapo
C520WS v2 i ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2026-6239 (A stack\u2011based buffer overflow vulnerability exists in Tapo
C520WS ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2026-46493 (HAX CMS helps manage microsite universe with PHP or NodeJs
backends. V ...)
TODO: check
CVE-2026-46401 (HAX CMS helps manage microsite universe with PHP or NodeJs
backends. V ...)
@@ -99,21 +99,21 @@ CVE-2026-45409 (Internationalized Domain Names in
Applications (IDNA) for Python
CVE-2026-45300 (The AsyncHttpClient (AHC) library allows Java applications to
easily e ...)
TODO: check
CVE-2026-36785 (Shenzhen Tenda Technology Co., Ltd Tenda FH451 V1.0.0.9 was
discovered ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-34123 (On Tapo C520WS v2, restricted accounts (for example, hub
users) are in ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2026-2500 (The Quick Playground plugin for WordPress is vulnerable to Path
Traver ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-25624 (An administrative cross-site scripting (XSS) vulnerability
exists in t ...)
- TODO: check
+ NOT-FOR-US: Arista Networks
CVE-2026-25623 (An input validation command execution vulnerability exists in
the brow ...)
- TODO: check
+ NOT-FOR-US: Arista Networks
CVE-2026-25622 (A Captive Portal Custom Handler command injection
vulnerability exists ...)
- TODO: check
+ NOT-FOR-US: Arista Networks
CVE-2026-25621 (A Reports application infrastructure vulnerability exists in
Arista Ed ...)
- TODO: check
+ NOT-FOR-US: Arista Networks
CVE-2026-25620 (An encrypted password command injection vulnerability exists
in the Ca ...)
- TODO: check
+ NOT-FOR-US: Arista Networks
CVE-2026-11431 (A path traversal vulnerability exists in the Projects Service
download ...)
TODO: check
CVE-2026-11429 (A path traversal vulnerability exists in the Git Service
component sha ...)
@@ -133,13 +133,13 @@ CVE-2026-11416 (MoviePilot contains a path traversal
vulnerability in the AliPan
CVE-2026-11414 (A hard-coded cryptographic key is used by Altium Enterprise
Server to ...)
TODO: check
CVE-2026-11401 (An untrusted search path issue in the GlobalDatabasePlugin in
the AWS ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2026-11400 (An untrusted search path issue in the GlobalDatabasePlugin in
the AWS ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2026-10038 (The Charitable \u2013 Donation Plugin for WordPress \u2013
Fundraising ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12656 (The Migration, Backup, Staging \u2013 WPvivid Backup &
Migration plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-9270 (DataDog::DogStatsd versions through 0.07 for Perl allow metric
injecti ...)
NOT-FOR-US: DataDog::DogStatsd Perl module
CVE-2026-9088 (A flaw was found in org.keycloak.services. An administrator
with deleg ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35acd15c0976d04a9506de539eb31da18180687b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35acd15c0976d04a9506de539eb31da18180687b
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
