Process several NFUs

author: Salvatore Bonaccorso <carnil@debian.org> 2022-02-01 21:27:46 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-02-01 21:27:46 +0100
commit: 07324ef8002c6e5fa3f879f05dfd57ba6e113d33 (patch)
tree: 24e921dc42c12c5a5706366aa269697613a874b1
parent: 79ff3fd6dc31521cd46c44ef3bfa08d9dcc5add1 (diff)
2 files changed, 29 insertions, 29 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 76171a466b..9911d9585b 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -53356,7 +53356,7 @@ CVE-2021-25099
 CVE-2021-25098
 	RESERVED
 CVE-2021-25097 (The LabTools WordPress plugin through 1.0 does not have proper authori ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-25096
 	RESERVED
 CVE-2021-25095
@@ -53364,15 +53364,15 @@ CVE-2021-25095
 CVE-2021-25094
 	RESERVED
 CVE-2021-25093 (The Link Library WordPress plugin before 7.2.8 does not have authorisa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-25092 (The Link Library WordPress plugin before 7.2.8 does not have CSRF chec ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-25091 (The Link Library WordPress plugin before 7.2.9 does not sanitise and e ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-25090
 	RESERVED
 CVE-2021-25089 (The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.6 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-25088
 	RESERVED
 CVE-2021-25087
@@ -53380,7 +53380,7 @@ CVE-2021-25087
 CVE-2021-25086
 	RESERVED
 CVE-2021-25085 (The WOOF WordPress plugin before 1.2.6.3 does not sanitise and escape  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-25084
 	RESERVED
 CVE-2021-25083 (The Registrations for the Events Calendar WordPress plugin before 2.7. ...)
@@ -53406,7 +53406,7 @@ CVE-2021-25074 (The WebP Converter for Media WordPress plugin before 4.0.3 conta
 CVE-2021-25073 (The WP125 WordPress plugin before 1.5.5 does not have CSRF checks in v ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-25072 (The NextScripts: Social Networks Auto-Poster WordPress plugin before 4 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-25071
 	RESERVED
 CVE-2021-25070
@@ -53424,7 +53424,7 @@ CVE-2021-25065 (The Smash Balloon Social Post Feed WordPress plugin before 4.1.1
 CVE-2021-25064
 	RESERVED
 CVE-2021-25063 (The Contact Form 7 Skins WordPress plugin through 2.5.0 does not sanit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-25062 (The Orders Tracking for WooCommerce WordPress plugin before 1.1.10 doe ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-25061 (The WP Booking System WordPress plugin before 2.0.15 was affected by a ...)
@@ -53584,7 +53584,7 @@ CVE-2021-24985 (The Easy Forms for Mailchimp WordPress plugin before 6.8.6 does
 CVE-2021-24984 (The WPFront User Role Editor WordPress plugin before 3.2.1.11184 does  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24983 (The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24982
 	RESERVED
 CVE-2021-24981 (The Directorist WordPress plugin before 7.0.6.2 was vulnerable to Cros ...)
@@ -53600,7 +53600,7 @@ CVE-2021-24977
 CVE-2021-24976 (The Smart SEO Tool WordPress plugin before 3.0.6 does not sanitise and ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24975 (The NextScripts: Social Networks Auto-Poster WordPress plugin before 4 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24974 (The Product Feed PRO for WooCommerce WordPress plugin before 11.0.7 do ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24973 (The Site Reviews WordPress plugin before 5.17.3 does not sanitise and  ...)
@@ -53662,7 +53662,7 @@ CVE-2021-24946 (The Modern Events Calendar Lite WordPress plugin before 6.1.5 do
 CVE-2021-24945 (The Like Button Rating &#9829; LikeBtn WordPress plugin before 2.6.38  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24944 (The Custom Dashboard &amp; Login Page WordPress plugin before 7.0 does ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24943 (The Registrations for the Events Calendar WordPress plugin before 2.7. ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24942
@@ -53676,13 +53676,13 @@ CVE-2021-24939 (The LoginWP (Formerly Peter's Login Redirect) WordPress plugin b
 CVE-2021-24938 (The WOOCS WordPress plugin before 1.3.7.1 does not sanitise and escape ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24937 (The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24936 (The WP Extra File Types WordPress plugin before 0.5.1 does not have CS ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24935 (The WP Google Fonts WordPress plugin before 3.1.5 does not escape the  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24934 (The Visual CSS Style Editor WordPress plugin before 7.5.4 does not san ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24933
 	RESERVED
 CVE-2021-24932 (The Auto Featured Image (Auto Post Thumbnail) WordPress plugin before  ...)
@@ -53698,7 +53698,7 @@ CVE-2021-24928
 CVE-2021-24927 (The My Calendar WordPress plugin before 3.2.18 does not sanitise and e ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24926 (The Domain Check WordPress plugin before 1.0.17 does not sanitise and  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24925 (The Modern Events Calendar Lite WordPress plugin before 6.1.5 does not ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24924 (The Email Log WordPress plugin before 2.4.8 does not escape the d para ...)
@@ -53712,7 +53712,7 @@ CVE-2021-24921
 CVE-2021-24920
 	RESERVED
 CVE-2021-24919 (The Wicked Folders WordPress plugin before 2.8.10 does not sanitise an ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24918 (The Smash Balloon Social Post Feed WordPress plugin before 4.0.1 did n ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24917 (The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allow ...)
@@ -53750,7 +53750,7 @@ CVE-2021-24902 (The Typebot | Build beautiful conversational forms WordPress plu
 CVE-2021-24901
 	RESERVED
 CVE-2021-24900 (The Ninja Tables WordPress plugin before 4.1.8 does not sanitise and e ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24899 (The Media-Tags WordPress plugin through 3.2.0.2 does not sanitise and  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24898
@@ -53814,7 +53814,7 @@ CVE-2021-24870
 CVE-2021-24869
 	RESERVED
 CVE-2021-24868 (The Document Embedder WordPress plugin before 1.7.9 contains a AJAX ac ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24867
 	RESERVED
 CVE-2021-24866 (The WP Data Access WordPress plugin before 5.0.0 does not properly san ...)
@@ -53922,7 +53922,7 @@ CVE-2021-24816 (The Phoenix Media Rename WordPress plugin before 3.4.4 does not
 CVE-2021-24815 (The Accept Donations with PayPal WordPress plugin before 1.3.2 does no ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24814 (The check_privacy_settings AJAX action of the WordPress GDPR WordPress ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24813 (The Events Made Easy WordPress plugin before 2.2.24 does not sanitise  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24812 (The BetterLinks WordPress plugin before 1.2.6 does not sanitise and es ...)
@@ -54000,7 +54000,7 @@ CVE-2021-24777
 CVE-2021-24776 (The WP Performance Score Booster WordPress plugin before 2.1 does not  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24775 (The Document Embedder WordPress plugin before 1.7.5 contains a REST en ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24774 (The Check &amp; Log Email WordPress plugin before 1.0.3 does not valid ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24773 (The WordPress Download Manager WordPress plugin before 3.2.16 does not ...)
@@ -54020,15 +54020,15 @@ CVE-2021-24767 (The Redirect 404 Error Page to Homepage or Custom Page with Logs
 CVE-2021-24766 (The 404 to 301 &#8211; Redirect, Log and Notify 404 Errors WordPress p ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24765 (The Perfect Survey WordPress plugin through 1.5.2 does not validate an ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24764 (The Perfect Survey WordPress plugin before 1.5.2 does not sanitise and ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24763 (The Perfect Survey WordPress plugin before 1.5.2 does not have proper  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24762 (The Perfect Survey WordPress plugin before 1.5.2 does not validate and ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24761 (The Error Log Viewer WordPress plugin through 1.1.1 does not perform n ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24760 (The Gutenberg PDF Viewer Block WordPress plugin before 1.0.1 does not  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24759 (The PDF.js Viewer WordPress plugin before 2.0.2 does not escape some o ...)
@@ -54136,7 +54136,7 @@ CVE-2021-24709 (The Weather Effect WordPress plugin before 1.3.6 does not proper
 CVE-2021-24708 (The Export any WordPress data to XML/CSV WordPress plugin before 1.3.1 ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24707 (The Learning Courses WordPress plugin before 5.0 does not sanitise and ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24706 (The Qwizcards &#8211; online quizzes and flashcards WordPress plugin b ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24705 (The NEX-Forms WordPress plugin through 7.9.4 does not escape some of i ...)
@@ -54178,7 +54178,7 @@ CVE-2021-24688
 CVE-2021-24687 (The Modern Events Calendar Lite WordPress plugin before 5.22.2 does no ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24686 (The SVG Support WordPress plugin before 2.3.20 does not escape the "CS ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24685 (The Flat Preloader WordPress plugin before 1.5.4 does not enforce nonc ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24684 (The WordPress PDF Light Viewer Plugin WordPress plugin before 1.4.12 a ...)
@@ -54254,7 +54254,7 @@ CVE-2021-24650
 CVE-2021-24649
 	RESERVED
 CVE-2021-24648 (The RegistrationMagic WordPress plugin before 5.0.1.9 does not sanitis ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24647 (The Registration Forms &#8211; User profile, Content Restriction, Spam ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24646 (The Booking.com Banner Creator WordPress plugin before 1.4.3 does not  ...)
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022
index 11dcb64863..fbad871881 100644
--- a/data/CVE/list.2022
+++ b/data/CVE/list.2022
@@ -1444,7 +1444,7 @@ CVE-2022-0322 [DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c]
 CVE-2022-0321
 	RESERVED
 CVE-2022-0320 (The Essential Addons for Elementor WordPress plugin before 5.0.5 does  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-0319 (Out-of-bounds Read in vim/vim prior to 8.2. ...)
 	- vim <unfixed>
 	[bullseye] - vim <no-dsa> (Minor issue)
@@ -2948,7 +2948,7 @@ CVE-2022-0222
 CVE-2022-0221
 	RESERVED
 CVE-2022-0220 (The check_privacy_settings AJAX action of the WordPress GDPR WordPress ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-0219 (Improper Restriction of XML External Entity Reference in GitHub reposi ...)
 	NOT-FOR-US: jadx
 CVE-2022-0218
author	Salvatore Bonaccorso <carnil@debian.org>	2022-02-01 21:27:46 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-02-01 21:27:46 +0100
commit	07324ef8002c6e5fa3f879f05dfd57ba6e113d33 (patch)
tree	24e921dc42c12c5a5706366aa269697613a874b1
parent	79ff3fd6dc31521cd46c44ef3bfa08d9dcc5add1 (diff)