[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Mon, 05 Jun 2023 13:16:03 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f36051e0 by Salvatore Bonaccorso at 2023-06-05T22:15:24+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -33,23 +33,23 @@ CVE-2023-32766 (Gitpod before 2022.11.3 allows XSS because 
redirection can occur
 CVE-2023-31893 (Telefnica Brasil Vivo Play (IPTV) Firmware: 
2023.04.04.01.06.15 is vul ...)
        TODO: check
 CVE-2023-2634 (The Get your number WordPress plugin through 1.1.3 does not 
sanitise a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-2572 (The Survey Maker WordPress plugin before 3.4.7 does not escape 
some pa ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-2571 (The Quiz Maker WordPress plugin before 6.4.2.7 does not escape 
some pa ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-2503 (The 10Web Social Post Feed WordPress plugin before 1.2.9 does 
not sani ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-2489 (The Stop Spammers Security | Block Spam Users, Comments, Forms 
WordPre ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-2488 (The Stop Spammers Security | Block Spam Users, Comments, Forms 
WordPre ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-2472 (The Newsletter, SMTP, Email marketing and Subscribe forms by 
Sendinblu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-2337 (The ConvertKit WordPress plugin before 2.2.1 does not escape a 
paramet ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-4946 (The Frontend Post WordPress Plugin WordPress plugin through 
2.8.4 does ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2015-10115 (A vulnerability, which was classified as problematic, was 
found in Woo ...)
        TODO: check
 CVE-2015-10114 (A vulnerability, which was classified as problematic, has been 
found i ...)
@@ -3901,7 +3901,7 @@ CVE-2023-2226 (Due to insufficient validation in the PE 
and OLE parsers in Rapid
 CVE-2023-2225
        RESERVED
 CVE-2023-2224 (The SEO by 10Web WordPress plugin before 1.2.7 does not 
sanitise and e ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-2223 (The Login rebuilder WordPress plugin before 2.8.1 does not 
sanitise an ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-2222
@@ -18544,7 +18544,7 @@ CVE-2023-26031
 CVE-2023-0901 (Exposure of Sensitive Information to an Unauthorized Actor in 
GitHub r ...)
        NOT-FOR-US: pixelfed
 CVE-2023-0900 (The Pricing Table Builder WordPress plugin through 1.1.6 does 
not prop ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-0899 (The Steveas WP Live Chat Shoutbox WordPress plugin through 
1.4.2 does  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-0898
@@ -22828,7 +22828,7 @@ CVE-2023-0547 (OCSP revocation status of recipient 
certificates was not checked
 CVE-2023-0546 (The Contact Form Plugin WordPress plugin before 4.3.25 does not 
proper ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-0545 (The Hostel WordPress plugin before 1.1.5.2 does not sanitise 
and escap ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-0544 (The WP Login Box WordPress plugin through 2.0.2 does not 
sanitise and  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-0543 (The Arigato Autoresponder and Newsletter WordPress plugin 
before 2.1.7 ...)
@@ -28049,7 +28049,7 @@ CVE-2023-0154 (The GamiPress WordPress plugin before 
1.0.9 does not validate and
 CVE-2023-0153 (The Vimeo Video Autoplay Automute WordPress plugin through 1.0 
does no ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-0152 (The WP Multi Store Locator WordPress plugin through 2.4 does 
not valid ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-0151 (The uTubeVideo Gallery WordPress plugin before 2.0.8 does not 
validate ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-0150 (The Cloak Front End Email WordPress plugin before 1.9.2 does 
not valid ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f36051e0a5f1e3cd44906c45cd91dd3a20f4e5b5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f36051e0a5f1e3cd44906c45cd91dd3a20f4e5b5
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to