From 69a008a4a3aec1d5016d9b245bb3460bd0a6e997 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Sat, 24 Sep 2022 13:33:43 +0200 Subject: Unify some WordPress plugin spelling --- data/CVE/list | 74 +++++++++++++++++++++++++++++------------------------------ 1 file changed, 37 insertions(+), 37 deletions(-) (limited to 'data/CVE/list') diff --git a/data/CVE/list b/data/CVE/list index 66cda86115..77014db52e 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -141641,7 +141641,7 @@ CVE-2020-26674 CVE-2020-26673 RESERVED CVE-2020-26672 (Testimonial Rotator Wordpress Plugin 3.0.2 is affected by Cross Site S ...) - NOT-FOR-US: Testimonial Rotator Wordpress Plugin + NOT-FOR-US: Testimonial Rotator WordPress plugin CVE-2020-26671 RESERVED CVE-2020-26670 (A vulnerability has been discovered in BigTree CMS 4.4.10 and earlier ...) @@ -146003,7 +146003,7 @@ CVE-2020-24950 CVE-2020-24949 (Privilege escalation in PHP-Fusion 9.03.50 downloads/downloads.php all ...) NOT-FOR-US: PHP-Fusion CVE-2020-24948 (The ao_ccss_import AJAX call in Autoptimize Wordpress Plugin 2.7.6 doe ...) - NOT-FOR-US: Autoptimize Wordpress Plugin + NOT-FOR-US: Autoptimize WordPress plugin CVE-2020-24947 RESERVED CVE-2020-24946 @@ -147538,7 +147538,7 @@ CVE-2020-24315 (Vinoj Cardoza WordPress Poll Plugin v36 and lower executes SQL s CVE-2020-24314 (Fahad Mahmood RSS Feed Widget Plugin v2.7.9 and lower does not sanitiz ...) NOT-FOR-US: Fahad Mahmood RSS Feed Widget Plugin CVE-2020-24313 (Etoile Web Design Ultimate Appointment Booking & Scheduling WordPr ...) - NOT-FOR-US: Etoile Web Design Ultimate Appointment Booking & Scheduling WordPress Plugin + NOT-FOR-US: Etoile Web Design Ultimate Appointment Booking & Scheduling WordPress plugin CVE-2020-24312 (mndpsingh287 WP File Manager v6.4 and lower fails to restrict external ...) NOT-FOR-US: mndpsingh287 WP File Manager CVE-2020-24311 @@ -151832,11 +151832,11 @@ CVE-2020-22279 CVE-2020-22278 (** DISPUTED ** phpMyAdmin through 5.0.2 allows CSV injection via Expor ...) NOTE: Disputed phpMyAdmin issue CVE-2020-22277 (Import and export users and customers WordPress Plugin through 1.15.5. ...) - NOT-FOR-US: Import and export users and customers WordPress Plugin + NOT-FOR-US: Import and export users and customers WordPress plugin CVE-2020-22276 (WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry ...) - NOT-FOR-US: WeForms Wordpress Plugin + NOT-FOR-US: WeForms WordPress plugin CVE-2020-22275 (Easy Registration Forms (ER Forms) Wordpress Plugin 2.0.6 allows an at ...) - NOT-FOR-US: Easy Registration Forms (ER Forms) Wordpress Plugin + NOT-FOR-US: Easy Registration Forms (ER Forms) WordPress plugin CVE-2020-22274 (JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection ...) NOT-FOR-US: JomSocial (Joomla Social Network Extention) CVE-2020-22273 (Neoflex Video Subscription System Version 2.0 is affected by CSRF whic ...) @@ -174510,7 +174510,7 @@ CVE-2020-12677 (An issue was discovered in Progress MOVEit Automation Web Admin. CVE-2020-12676 (FusionAuth fusionauth-samlv2 0.2.3 allows remote attackers to forge me ...) NOT-FOR-US: FusionAuth CVE-2020-12675 (The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPr ...) - NOT-FOR-US: mappress-google-maps-for-wordpress plugin for WordPress + NOT-FOR-US: mappress-google-maps-for-WordPress plugin for WordPress CVE-2020-12692 (An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0. ...) {DSA-4679-1} - keystone 2:17.0.0~rc2-1 (bug #959900) @@ -176181,7 +176181,7 @@ CVE-2020-12079 (Beaker before 0.8.9 allows a sandbox escape, enabling system acc CVE-2020-12078 (An issue was discovered in Open-AudIT 3.3.1. There is shell metacharac ...) NOT-FOR-US: Open-AudIT CVE-2020-12077 (The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPr ...) - NOT-FOR-US: mappress-google-maps-for-wordpress plugin for WordPress + NOT-FOR-US: mappress-google-maps-for-WordPress plugin for WordPress CVE-2020-12076 (The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPr ...) NOT-FOR-US: data-tables-generator-by-supsystic plugin for WordPress CVE-2020-12075 (The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPr ...) @@ -193334,11 +193334,11 @@ CVE-2020-6012 (ZoneAlarm Anti-Ransomware before version 1.0.713 copies files for CVE-2020-6011 RESERVED CVE-2020-6010 (LearnPress Wordpress plugin version prior and including 3.2.6.7 is vul ...) - NOT-FOR-US: LearnPress Wordpress plugin + NOT-FOR-US: LearnPress WordPress plugin CVE-2020-6009 (LearnDash Wordpress plugin version below 3.1.6 is vulnerable to Unauth ...) - NOT-FOR-US: LearnDash Wordpress plugin + NOT-FOR-US: LearnDash WordPress plugin CVE-2020-6008 (LifterLMS Wordpress plugin version below 3.37.15 is vulnerable to arbi ...) - NOT-FOR-US: LifterLMS Wordpress plugin + NOT-FOR-US: LifterLMS WordPress plugin CVE-2020-6007 (Philips Hue Bridge model 2.X prior to and including version 1935144020 ...) NOT-FOR-US: Philips Hue Bridge model CVE-2020-6006 @@ -219086,7 +219086,7 @@ CVE-2015-9360 (The updraftplus plugin before 1.9.64 for WordPress has XSS via ad CVE-2015-9359 (The Jetpack plugin before 3.4.3 for WordPress has XSS via add_query_ar ...) NOT-FOR-US: Jetpack plugin for WordPress CVE-2015-9358 (The feedwordpress plugin before 2015.0514 for WordPress has XSS via ad ...) - NOT-FOR-US: feedwordpress plugin for WordPress + NOT-FOR-US: feedWordPress plugin for WordPress CVE-2015-9357 (The akismet plugin before 3.1.5 for WordPress has XSS. ...) NOT-FOR-US: akismet plugin for WordPress CVE-2015-9356 (The wp-vipergb plugin before 1.3.16 for WordPress has XSS via add_quer ...) @@ -219309,9 +219309,9 @@ CVE-2019-15651 (wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in Deco CVE-2019-15650 (The stops-core-theme-and-plugin-updates plugin before 8.0.5 for WordPr ...) NOT-FOR-US: stops-core-theme-and-plugin-updates plugin for WordPress CVE-2019-15649 (The insert-or-embed-articulate-content-into-wordpress plugin before 4. ...) - NOT-FOR-US: insert-or-embed-articulate-content-into-wordpress plugin for WordPress + NOT-FOR-US: insert-or-embed-articulate-content-into-WordPress plugin for WordPress CVE-2019-15648 (The insert-or-embed-articulate-content-into-wordpress plugin before 4. ...) - NOT-FOR-US: insert-or-embed-articulate-content-into-wordpress plugin for WordPress + NOT-FOR-US: insert-or-embed-articulate-content-into-WordPress plugin for WordPress CVE-2019-15647 (The groundhogg plugin before 1.3.5 for WordPress has wp-admin/admin-aj ...) NOT-FOR-US: groundhogg plugin for WordPress CVE-2019-15646 (The rsvpmaker plugin before 6.2 for WordPress has SQL injection. ...) @@ -219353,7 +219353,7 @@ CVE-2015-9351 (The feed-them-social plugin before 1.7.0 for WordPress has possib CVE-2015-9350 (The feed-them-social plugin before 1.7.0 for WordPress has reflected X ...) NOT-FOR-US: feed-them-social plugin for WordPress CVE-2015-9349 (The ckeditor-for-wordpress plugin before 4.5.3.1 for WordPress has ref ...) - NOT-FOR-US: ckeditor-for-wordpress plugin for WordPress + NOT-FOR-US: ckeditor-for-WordPress plugin for WordPress CVE-2015-9348 (The sell-downloads plugin before 1.0.8 for WordPress has insufficient ...) NOT-FOR-US: sell-downloads plugin for WordPress CVE-2015-9347 (The wp-plotly plugin before 1.0.3 for WordPress has XSS by authors. ...) @@ -237134,7 +237134,7 @@ CVE-2019-10101 (JetBrains Kotlin versions before 1.3.30 were resolving artifacts CVE-2019-10100 (In JetBrains YouTrack Confluence plugin versions before 1.8.1.3, it wa ...) NOT-FOR-US: JetBrains YouTrack Confluence plugin CVE-2019-1000031 (A disk space or quota exhaustion issue exists in article2pdf_getfile.p ...) - NOT-FOR-US: article2pdf Wordpress plugin + NOT-FOR-US: article2pdf WordPress plugin CVE-2018-20815 (In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated ...) {DSA-4506-1 DLA-1781-1} - qemu 1:3.1+dfsg-7 @@ -237968,7 +237968,7 @@ CVE-2019-1010259 (SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. T CVE-2019-1010258 (nanosvg library nanosvg after commit c1f6e209c16b18b46aa9f45d7e619acf4 ...) NOT-FOR-US: nanosvg CVE-2019-1010257 (An Information Disclosure / Data Modification issue exists in article2 ...) - NOT-FOR-US: article2pdf Wordpress plugin + NOT-FOR-US: article2pdf WordPress plugin CVE-2019-1010256 RESERVED CVE-2019-1010255 @@ -238085,7 +238085,7 @@ CVE-2019-1010211 CVE-2019-1010210 RESERVED CVE-2019-1010209 (GoUrl.io GoURL Wordpress Plugin 1.4.13 and earlier is affected by: CWE ...) - NOT-FOR-US: GoUrl.io GoURL Wordpress Plugin + NOT-FOR-US: GoUrl.io GoURL WordPress plugin CVE-2019-1010208 (IDRIX, Truecrypt Veracrypt, Truecrypt Prior to 1.23-Hotfix-1 (Veracryp ...) NOT-FOR-US: VeraCrypt CVE-2019-1010207 (Genetechsolutions Pie Register 3.0.15 is affected by: Cross Site Scrip ...) @@ -238327,7 +238327,7 @@ CVE-2019-1010106 CVE-2019-1010105 RESERVED CVE-2019-1010104 (TechyTalk Quick Chat WordPress Plugin All up to the latest is affected ...) - NOT-FOR-US: TechyTalk Quick Chat WordPress Plugin All + NOT-FOR-US: TechyTalk Quick Chat WordPress plugin All CVE-2019-1010103 RESERVED CVE-2019-1010102 @@ -249032,7 +249032,7 @@ CVE-2019-6029 (Cross-site scripting vulnerability in Custom Body Class 0.6.0 and CVE-2019-6028 RESERVED CVE-2019-6027 (Cross-site request forgery (CSRF) vulnerability in WP Spell Check 7.1. ...) - NOT-FOR-US: WP Spell Check Wordpress Plugin + NOT-FOR-US: WP Spell Check WordPress plugin CVE-2019-6026 (Privilege escalation vulnerability in Multiple MOTEX products (LanScop ...) NOT-FOR-US: MOTEX CVE-2019-6025 (Open redirect vulnerability in Movable Type series Movable Type 7 r.46 ...) @@ -415522,7 +415522,7 @@ CVE-2015-4000 (The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite i CVE-2015-3999 (Piriform CCleaner 3.26.0.1988 through 5.02.5101 writes the filenames t ...) NOT-FOR-US: Piriform CCleaner CVE-2015-3998 (Cross-site scripting (XSS) vulnerability in phpwhois 4.2.5, as used in ...) - NOT-FOR-US: phpwhois component of adsense-click-fraud-monitoring wordpress plugin + NOT-FOR-US: phpwhois component of adsense-click-fraud-monitoring WordPress plugin CVE-2015-3997 RESERVED CVE-2015-3996 (The default AFSecurityPolicy.validatesDomainName configuration for AFS ...) @@ -427980,7 +427980,7 @@ CVE-2014-9293 (The config_auth function in ntpd in NTP before 4.2.7p11, when an - ntp 1:4.2.6.p5+dfsg-3.2 (bug #773576) NOTE: http://bugs.ntp.org/show_bug.cgi?id=2665 (not yet open) CVE-2014-9292 (Server-side request forgery (SSRF) vulnerability in proxy.php in the j ...) - NOT-FOR-US: jRSS WordPress Plugin + NOT-FOR-US: jRSS WordPress plugin CVE-2014-9291 REJECTED CVE-2014-9290 @@ -428194,11 +428194,11 @@ CVE-2014-9179 (Cross-site scripting (XSS) vulnerability in the SupportEzzy Ticke CVE-2014-9178 (Multiple SQL injection vulnerabilities in classes/ajax.php in the Smar ...) NOT-FOR-US: Smarty Pants Plugin for WordPress CVE-2014-9177 (The HTML5 MP3 Player with Playlist Free plugin before 2.7 for WordPres ...) - NOT-FOR-US: Playlist Free WordPress Plugin + NOT-FOR-US: Playlist Free WordPress plugin CVE-2014-9176 (Cross-site scripting (XSS) vulnerability in the InstaSqueeze Sexy Sque ...) NOT-FOR-US: InstaSqueeze Sexy Squeeze Pages plugin for WordPress CVE-2014-9175 (SQL injection vulnerability in wpdatatables.php in the wpDataTables pl ...) - NOT-FOR-US: wpDataTables WordPress Plugin + NOT-FOR-US: wpDataTables WordPress plugin CVE-2014-9174 (Cross-site scripting (XSS) vulnerability in the Google Analytics by Yo ...) NOT-FOR-US: Google Analytics by Yoast (google-analytics-for-wordpress) plugin for WordPress CVE-2014-9173 (SQL injection vulnerability in view.php in the Google Doc Embedder plu ...) @@ -428503,9 +428503,9 @@ CVE-2014-9100 (Cross-site scripting (XSS) vulnerability in the WhyDoWork AdSense CVE-2014-9099 (Cross-site request forgery (CSRF) vulnerability in the WhyDoWork AdSen ...) NOT-FOR-US: WhyDoWork AdSense plugin for WordPress CVE-2014-9098 (Multiple cross-site scripting (XSS) vulnerabilities in the Apptha Word ...) - NOT-FOR-US: Apptha WordPress Plugin + NOT-FOR-US: Apptha WordPress plugin CVE-2014-9097 (Multiple SQL injection vulnerabilities in the Apptha WordPress Video G ...) - NOT-FOR-US: Apptha WordPress Plugin + NOT-FOR-US: Apptha WordPress plugin CVE-2014-9096 (Multiple SQL injection vulnerabilities in recover.php in Pligg CMS 2.0 ...) NOT-FOR-US: Pligg CVE-2014-9095 (Multiple SQL injection vulnerabilities in Raritan Power IQ 4.1.0 and 4 ...) @@ -430261,7 +430261,7 @@ CVE-2014-8741 (Directory traversal vulnerability in the GfdFileUploadServerlet s CVE-2014-8740 RESERVED CVE-2014-8739 (Unrestricted file upload vulnerability in server/php/UploadHandler.php ...) - NOT-FOR-US: Joomla/Wordpress plugin + NOT-FOR-US: Joomla/WordPress plugin CVE-2014-8736 (The Open Atrium Core module for Drupal before 7.x-2.22 allows remote a ...) NOT-FOR-US: Drupal module Open Atrium Core CVE-2014-8735 (The Bad Behavior module 6.x-2.x before 6.x-2.2216 and 7.x-2.x before 7 ...) @@ -468941,9 +468941,9 @@ CVE-2012-6514 (Cross-site scripting (XSS) vulnerability in the nBill (com_nbill) CVE-2012-6513 (Cross-site scripting (XSS) vulnerability in index.php/Admin_Preference ...) NOT-FOR-US: gpEasy CMS CVE-2012-6512 (The Organizer plugin 1.2.1 for WordPress allows remote attackers to ob ...) - NOT-FOR-US: Organizer wordpress plugin not in Debian + NOT-FOR-US: Organizer WordPress plugin not in Debian CVE-2012-6511 (Multiple cross-site scripting (XSS) vulnerabilities in organizer/page/ ...) - NOT-FOR-US: Organizer wordpress plugin not in Debian + NOT-FOR-US: Organizer WordPress plugin not in Debian CVE-2012-6510 (Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media Ca ...) NOT-FOR-US: NetArt Media Car Portal CVE-2012-6509 (Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 ...) @@ -468953,7 +468953,7 @@ CVE-2012-6508 (Multiple cross-site request forgery (CSRF) vulnerabilities in Net CVE-2012-6507 (Multiple SQL injection vulnerabilities in admin.php in ChurchCMS 0.0.1 ...) NOT-FOR-US: ChurchCMS CVE-2012-6506 (Multiple cross-site scripting (XSS) vulnerabilities in the Zingiri Web ...) - NOT-FOR-US: Zingiri Web Shop wordpress plugin not in Debian + NOT-FOR-US: Zingiri Web Shop WordPress plugin not in Debian CVE-2012-6505 (Cross-site scripting (XSS) vulnerability in mods/hours/data/get_hours. ...) NOT-FOR-US: PHP Volunteer Management not in Debian CVE-2012-6504 (SQL injection vulnerability in mods/hours/data/get_hours.php in PHP Vo ...) @@ -470782,9 +470782,9 @@ CVE-2013-0737 (Cross-site scripting (XSS) vulnerability in BoltWire 3.5 and earl CVE-2013-0736 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Ming ...) NOT-FOR-US: mingle forum plugin for wp CVE-2013-0735 (Multiple SQL injection vulnerabilities in wpf.class.php in the Mingle ...) - NOT-FOR-US: Mingle Forum Wordpress plugin + NOT-FOR-US: Mingle Forum WordPress plugin CVE-2013-0734 (Multiple cross-site scripting (XSS) vulnerabilities in the Mingle Foru ...) - NOT-FOR-US: Mingle Forum Wordpress plugin + NOT-FOR-US: Mingle Forum WordPress plugin CVE-2013-0733 (Untrusted search path vulnerability in Corel PaintShop Pro X5 and X6 1 ...) NOT-FOR-US: Corel PaintShop Pro CVE-2013-0732 (Heap-based buffer overflow in PDFCore8.dll in Nuance PDF Reader before ...) @@ -502454,7 +502454,7 @@ CVE-2011-0643 (Cross-site request forgery (CSRF) vulnerability in admin/conf_use CVE-2011-0642 (Cross-site request forgery (CSRF) vulnerability in news/admin.php in N ...) NOT-FOR-US: N-13 News CVE-2011-0641 (Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/admin. ...) - NOT-FOR-US: StatPressCN Wordpress Plugin + NOT-FOR-US: StatPressCN WordPress plugin CVE-2011-0640 (The default configuration of udev on Linux does not warn the user befo ...) NOTE: Not much that could sensibly be fixed here CVE-2011-0639 (Apple Mac OS X does not properly warn the user before enabling additio ...) @@ -506183,7 +506183,7 @@ CVE-2010-3979 (Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates diff CVE-2010-3978 (Spree 0.11.x before 0.11.2 and 0.30.x before 0.30.0 exchanges data usi ...) NOT-FOR-US: Spree CVE-2010-3977 (Multiple cross-site scripting (XSS) vulnerabilities in wp-content/plug ...) - NOT-FOR-US: cForm wordpress plugin + NOT-FOR-US: cForm WordPress plugin CVE-2010-3976 (Untrusted search path vulnerability in Adobe Flash Player before 9.0.2 ...) NOT-FOR-US: Adobe Flash Player CVE-2010-3975 (Untrusted search path vulnerability in Adobe Flash Player 9 allows loc ...) @@ -545982,9 +545982,9 @@ CVE-2008-0562 (SQL injection vulnerability in index.php in the Restaurant (com_r CVE-2008-0561 (SQL injection vulnerability in index.php in the Arthur Konze AkoGaller ...) NOT-FOR-US: AkoGallery component for Mambo and Joomla! CVE-2008-0560 - NOT-FOR-US: cforms wordpress plugin + NOT-FOR-US: cforms WordPress plugin CVE-2008-0559 (Multiple directory traversal vulnerabilities in Nilson's Blogger 0.11 ...) - NOT-FOR-US: cforms wordpress plugin + NOT-FOR-US: cforms WordPress plugin CVE-2008-0558 (Cross-site scripting (XSS) vulnerability in Uniwin eCart Professional ...) NOT-FOR-US: Uniwin eCart Professiona CVE-2008-0557 (SQL injection vulnerability in index.php in the CatalogShop (com_catal ...) @@ -551785,7 +551785,7 @@ CVE-2007-5231 (Unrestricted file upload vulnerability in admin/upload_files.php CVE-2007-5230 (admin/upload_files.php in Zomplog 3.8.1 and earlier does not check for ...) NOT-FOR-US: Zomplog CVE-2007-5229 (Cross-site request forgery (CSRF) vulnerability in the FeedBurner Feed ...) - NOT-FOR-US: FeedBurner FeedSmith wordpress plugin + NOT-FOR-US: FeedBurner FeedSmith WordPress plugin CVE-2007-5228 (Cross-site scripting (XSS) vulnerability in the subscription functiona ...) - drupal (does not shipt this module) CVE-2007-5227 (Multiple cross-site scripting (XSS) vulnerabilities in messaging/cours ...) -- cgit v1.2.3