Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d9b79155 by security tracker role at 2024-06-06T08:12:03+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,77 @@
+CVE-2024-5665 (The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for
WordPr ...)
+ TODO: check
+CVE-2024-5656 (The Google CSE plugin for WordPress is vulnerable to Stored
Cross-Site ...)
+ TODO: check
+CVE-2024-5653 (A vulnerability, which was classified as critical, has been
found in C ...)
+ TODO: check
+CVE-2024-5615 (The Open Graph plugin for WordPress is vulnerable to Sensitive
Informa ...)
+ TODO: check
+CVE-2024-5449 (The WP Dark Mode \u2013 WordPress Dark Mode Plugin for Improved
Access ...)
+ TODO: check
+CVE-2024-5342 (The Simple Image Popup Shortcode plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2024-5324 (The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for
WordPr ...)
+ TODO: check
+CVE-2024-5224 (The Easy Social Like Box \u2013 Popup \u2013 Sidebar Widget
plugin for ...)
+ TODO: check
+CVE-2024-5179 (The Cowidgets \u2013 Elementor Addons plugin for WordPress is
vulnerab ...)
+ TODO: check
+CVE-2024-5162 (The WordPress prettyPhoto plugin for WordPress is vulnerable to
Stored ...)
+ TODO: check
+CVE-2024-5161 (The Magical Addons For Elementor ( Header Footer Builder, Free
Element ...)
+ TODO: check
+CVE-2024-5153 (The Startklar Elementor Addons plugin for WordPress is
vulnerable to D ...)
+ TODO: check
+CVE-2024-5152 (The ElementsReady Addons for Elementor plugin for WordPress is
vulnera ...)
+ TODO: check
+CVE-2024-5141 (The Rotating Tweets (Twitter widget and shortcode) plugin for
WordPres ...)
+ TODO: check
+CVE-2024-5001 (The Image Hover Effects for Elementor with Lightbox and Flipbox
plugin ...)
+ TODO: check
+CVE-2024-4942 (The Custom Dash plugin for WordPress is vulnerable to Stored
Cross-Sit ...)
+ TODO: check
+CVE-2024-4788 (The Boostify Header Footer Builder for Elementor plugin for
WordPress ...)
+ TODO: check
+CVE-2024-4707 (The Materialis Companion plugin for WordPress is vulnerable to
Stored ...)
+ TODO: check
+CVE-2024-4705 (The Testimonials Widget plugin for WordPress is vulnerable to
Stored C ...)
+ TODO: check
+CVE-2024-4608 (The SellKit \u2013 Funnel builder and checkout optimizer for
WooCommer ...)
+ TODO: check
+CVE-2024-4459 (The Themesflat Addons For Elementor plugin for WordPress is
vulnerable ...)
+ TODO: check
+CVE-2024-4458 (The Themesflat Addons For Elementor plugin for WordPress is
vulnerable ...)
+ TODO: check
+CVE-2024-4364 (The Qi Addons For Elementor plugin for WordPress is vulnerable
to Stor ...)
+ TODO: check
+CVE-2024-4212 (The Themesflat Addons For Elementor plugin for WordPress is
vulnerable ...)
+ TODO: check
+CVE-2024-4194 (The The Album and Image Gallery plus Lightbox plugin for
WordPress is ...)
+ TODO: check
+CVE-2024-4177 (A host whitelist parser issue in the proxy service implemented
in the ...)
+ TODO: check
+CVE-2024-3049 (A flaw was found in Booth, a cluster ticket manager. If a
specially-cr ...)
+ TODO: check
+CVE-2024-2922 (The Themesflat Addons For Elementor plugin for WordPress is
vulnerable ...)
+ TODO: check
+CVE-2024-2350 (The Clever Addons for Elementor plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2024-2017 (The Countdown, Coming Soon, Maintenance \u2013 Countdown &
Clock plugi ...)
+ TODO: check
+CVE-2024-1175 (The WP-Recall \u2013 Registration, Profile, Commerce & More
plugin for ...)
+ TODO: check
+CVE-2024-0972 (The BuddyPress Members Only plugin for WordPress is vulnerable
to Sens ...)
+ TODO: check
+CVE-2024-0912 (Under certain circumstances the Microsoft\xae Internet
Information Ser ...)
+ TODO: check
+CVE-2024-0910 (The Restrict for Elementor plugin for WordPress is vulnerable
to Sensi ...)
+ TODO: check
+CVE-2023-6968 (The The Moneytizer plugin for WordPress is vulnerable to
Cross-Site Re ...)
+ TODO: check
+CVE-2023-6966 (The The Moneytizer plugin for WordPress is vulnerable to
unauthorized ...)
+ TODO: check
+CVE-2023-6956 (The EasyAzon \u2013 Amazon Associates Affiliate Plugin plugin
for Word ...)
+ TODO: check
CVE-2024-5629 (An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or
earlier ...)
- pymongo <unfixed>
NOTE: https://jira.mongodb.org/browse/PYTHON-4305
@@ -20695,6 +20769,7 @@ CVE-2024-26275 (A vulnerability has been identified in
Parasolid V35.1 (All vers
CVE-2024-26257 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2024-26256 (libarchive Remote Code Execution Vulnerability)
+ {DSA-5706-1}
- libarchive 3.7.2-2.1 (bug #1072107)
[bullseye] - libarchive <not-affected> (Vulnerable code introduced in
3.6.0)
[buster] - libarchive <not-affected> (Vulnerable code introduced in
3.6.0)
@@ -26945,7 +27020,7 @@ CVE-2024-2304 (The Animated Headline plugin for
WordPress is vulnerable to Store
NOT-FOR-US: WordPress plugin
CVE-2024-2255 (The Essential Blocks \u2013 Page Builder Gutenberg Blocks,
Patterns & ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-2197 (Chirp Access improperly stores credentials within its source
code, pot ...)
+CVE-2024-2197 (The Chirp Access app contains a hard-coded password,
BEACON_PASSWORD. ...)
NOT-FOR-US: Chirp Access
CVE-2024-2129 (The WPBITS Addons For Elementor Page Builder plugin for
WordPress is v ...)
NOT-FOR-US: WordPress plugin
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9b79155559d7263702be939258a33734e06668f
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9b79155559d7263702be939258a33734e06668f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
