Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d083937e by security tracker role at 2025-08-16T08:13:12+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,71 +1,71 @@
CVE-2025-8959 (HashiCorp's go-getter library subdirectory download feature is
vulnera ...)
TODO: check
CVE-2025-8898 (The Taxi Booking Manager for Woocommerce | E-cab plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8896 (The User Profile Builder \u2013 Beautiful User Registration
Forms, Use ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8464 (The Drag and Drop Multiple File Upload for Contact Form 7
plugin for W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8293 (The Intl DateTime Calendar plugin for WordPress is vulnerable
to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8113 (The Ebook Store WordPress plugin before 5.8015 does not escape
the $_S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8089 (The Advanced iFrame plugin for WordPress is vulnerable to
Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7686 (The weichuncai(WP\u4f2a\u6625\u83dc) plugin for WordPress is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7684 (The Last.fm Recent Album Artwork plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7683 (The LatestCheckins plugin for WordPress is vulnerable to
Cross-Site Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7668 (The Linux Promotional Plugin plugin for WordPress is vulnerable
to Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7664 (The AL Pack plugin for WordPress is vulnerable to unauthorized
access ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7651 (The Earnware Connect plugin for WordPress is vulnerable to
Stored Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7649 (The Surbma | Recent Comments Shortcode plugin for WordPress is
vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7499 (The BetterDocs \u2013 Advanced AI-Driven Documentation, FAQ &
Knowledg ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7441 (The StoryChief plugin for WordPress is vulnerable to arbitrary
file up ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7440 (The Anber Elementor Addon plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7439 (Anber Elementor Addon plugin for WordPress is vulnerable to
Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6221 (The Embed Bokun plugin for WordPress is vulnerable to Stored
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6080 (The WPGYM - Wordpress Gym Management System plugin for
WordPress is vu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6079 (The School Management System for Wordpress plugin for WordPress
is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-55286 (z2d is a pure Zig 2D graphics library. z2d v0.7.0 released
with a new ...)
TODO: check
CVE-2025-55284 (Claude Code is an agentic coding tool. Prior to version 1.0.4,
it's po ...)
TODO: check
CVE-2025-52621 (HCL BigFix SaaS Authentication Service is vulnerable to cache
poisonin ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-52620 (HCL BigFix SaaS Authentication Service is affected by a
Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-52619 (HCL BigFix SaaS Authentication Service is affected by a
sensitive info ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-52618 (HCL BigFix SaaS Authentication Service is affected by a SQL
injection ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-49895 (Cross-Site Request Forgery (CSRF) vulnerability in iThemes
ServerBuddy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-44201
REJECTED
CVE-2025-43201 (This issue was addressed with improved checks. This issue is
fixed in ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-3671 (The WPGYM - Wordpress Gym Management System plugin for
WordPress is vu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8393 (The Woocommerce Blocks \u2013 Woolook plugin for WordPress is
vulnerab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12612 (The School Management System for Wordpress plugin for
WordPress is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12575 (The Poll Maker \u2013 Versus Polls, Anonymous Polls, Image
Polls plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2017-20199 (A vulnerability was found in Buttercup
buttercup-browser-extension up ...)
TODO: check
CVE-2025-38501 (In the Linux kernel, the following vulnerability has been
resolved: k ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d083937eec5d5730ebb7dd9e094e621460b3313c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d083937eec5d5730ebb7dd9e094e621460b3313c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
