Skip to content

Commit 0e07d0a

Browse files
advisory-database[bot]advisory-database[bot]
committed
Advisory Database Sync
1 parent 93bbe0d commit 0e07d0a

40 files changed

Lines changed: 445 additions & 104 deletions

File tree

advisories/unreviewed/2025/11/GHSA-v6c5-9mp4-mwq4/GHSA-v6c5-9mp4-mwq4.json

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-v6c5-9mp4-mwq4",
4-
"modified": "2026-02-18T21:31:17Z",
4+
"modified": "2026-02-25T00:31:21Z",
55
"published": "2025-11-26T15:34:12Z",
66
"aliases": [
77
"CVE-2025-13601"
@@ -35,10 +35,18 @@
3535
"type": "WEB",
3636
"url": "https://access.redhat.com/security/cve/CVE-2025-13601"
3737
},
38+
{
39+
"type": "WEB",
40+
"url": "https://access.redhat.com/errata/RHSA-2026:2671"
41+
},
3842
{
3943
"type": "WEB",
4044
"url": "https://access.redhat.com/errata/RHSA-2026:2659"
4145
},
46+
{
47+
"type": "WEB",
48+
"url": "https://access.redhat.com/errata/RHSA-2026:2633"
49+
},
4250
{
4351
"type": "WEB",
4452
"url": "https://access.redhat.com/errata/RHSA-2026:2563"

advisories/unreviewed/2026/02/GHSA-29xg-2j5g-mj8g/GHSA-29xg-2j5g-mj8g.json

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-29xg-2j5g-mj8g",
4-
"modified": "2026-02-20T18:31:35Z",
4+
"modified": "2026-02-25T00:31:21Z",
55
"published": "2026-02-20T18:31:35Z",
66
"aliases": [
77
"CVE-2025-68531"
88
],
99
"details": "Deserialization of Untrusted Data vulnerability in modeltheme ModelTheme Addons for WPBakery and Elementor modeltheme-addons-for-wpbakery allows Object Injection.This issue affects ModelTheme Addons for WPBakery and Elementor: from n/a through < 1.5.6.",
10-
"severity": [],
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
14+
}
15+
],
1116
"affected": [],
1217
"references": [
1318
{
@@ -23,7 +28,7 @@
2328
"cwe_ids": [
2429
"CWE-502"
2530
],
26-
"severity": null,
31+
"severity": "HIGH",
2732
"github_reviewed": false,
2833
"github_reviewed_at": null,
2934
"nvd_published_at": "2026-02-20T16:22:10Z"

advisories/unreviewed/2026/02/GHSA-4r8w-crc8-mqph/GHSA-4r8w-crc8-mqph.json

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-4r8w-crc8-mqph",
4-
"modified": "2026-02-20T18:31:35Z",
4+
"modified": "2026-02-25T00:31:21Z",
55
"published": "2026-02-20T18:31:35Z",
66
"aliases": [
77
"CVE-2025-69301"
88
],
99
"details": "Deserialization of Untrusted Data vulnerability in ThemeGoods PhotoMe photome allows Object Injection.This issue affects PhotoMe: from n/a through <= 5.6.11.",
10-
"severity": [],
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
14+
}
15+
],
1116
"affected": [],
1217
"references": [
1318
{
@@ -23,7 +28,7 @@
2328
"cwe_ids": [
2429
"CWE-502"
2530
],
26-
"severity": null,
31+
"severity": "CRITICAL",
2732
"github_reviewed": false,
2833
"github_reviewed_at": null,
2934
"nvd_published_at": "2026-02-20T16:22:17Z"

advisories/unreviewed/2026/02/GHSA-5h9r-fr4c-2vwr/GHSA-5h9r-fr4c-2vwr.json

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-5h9r-fr4c-2vwr",
4-
"modified": "2026-02-20T18:31:34Z",
4+
"modified": "2026-02-25T00:31:21Z",
55
"published": "2026-02-20T18:31:34Z",
66
"aliases": [
77
"CVE-2025-67993"
88
],
99
"details": "Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Atarim: from n/a through <= 4.2.1.",
10-
"severity": [],
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
14+
}
15+
],
1116
"affected": [],
1217
"references": [
1318
{
@@ -23,7 +28,7 @@
2328
"cwe_ids": [
2429
"CWE-862"
2530
],
26-
"severity": null,
31+
"severity": "MODERATE",
2732
"github_reviewed": false,
2833
"github_reviewed_at": null,
2934
"nvd_published_at": "2026-02-20T16:22:05Z"

advisories/unreviewed/2026/02/GHSA-5ppr-f7g3-89cw/GHSA-5ppr-f7g3-89cw.json

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-5ppr-f7g3-89cw",
4-
"modified": "2026-02-20T18:31:38Z",
4+
"modified": "2026-02-25T00:31:22Z",
55
"published": "2026-02-20T18:31:38Z",
66
"aliases": [
77
"CVE-2026-22345"
88
],
99
"details": "Deserialization of Untrusted Data vulnerability in A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery new-image-gallery allows Object Injection.This issue affects Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery: from n/a through <= 1.6.0.",
10-
"severity": [],
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
14+
}
15+
],
1116
"affected": [],
1217
"references": [
1318
{
@@ -23,7 +28,7 @@
2328
"cwe_ids": [
2429
"CWE-502"
2530
],
26-
"severity": null,
31+
"severity": "HIGH",
2732
"github_reviewed": false,
2833
"github_reviewed_at": null,
2934
"nvd_published_at": "2026-02-20T16:22:33Z"

advisories/unreviewed/2026/02/GHSA-5w67-c6pv-hmpq/GHSA-5w67-c6pv-hmpq.json

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-5w67-c6pv-hmpq",
4-
"modified": "2026-02-20T18:31:35Z",
4+
"modified": "2026-02-25T00:31:21Z",
55
"published": "2026-02-20T18:31:35Z",
66
"aliases": [
77
"CVE-2025-69294"
88
],
99
"details": "Deserialization of Untrusted Data vulnerability in fuelthemes PeakShops peakshops allows Object Injection.This issue affects PeakShops: from n/a through <= 1.5.9.",
10-
"severity": [],
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
14+
}
15+
],
1116
"affected": [],
1217
"references": [
1318
{
@@ -23,7 +28,7 @@
2328
"cwe_ids": [
2429
"CWE-502"
2530
],
26-
"severity": null,
31+
"severity": "HIGH",
2732
"github_reviewed": false,
2833
"github_reviewed_at": null,
2934
"nvd_published_at": "2026-02-20T16:22:15Z"

advisories/unreviewed/2026/02/GHSA-5xr7-h2jm-xhr2/GHSA-5xr7-h2jm-xhr2.json

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-5xr7-h2jm-xhr2",
4-
"modified": "2026-02-20T18:31:35Z",
4+
"modified": "2026-02-25T00:31:21Z",
55
"published": "2026-02-20T18:31:35Z",
66
"aliases": [
77
"CVE-2025-69063"
88
],
99
"details": "Missing Authorization vulnerability in Saad Iqbal New User Approve new-user-approve allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects New User Approve: from n/a through <= 3.2.0.",
10-
"severity": [],
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L"
14+
}
15+
],
1116
"affected": [],
1217
"references": [
1318
{
@@ -23,7 +28,7 @@
2328
"cwe_ids": [
2429
"CWE-862"
2530
],
26-
"severity": null,
31+
"severity": "HIGH",
2732
"github_reviewed": false,
2833
"github_reviewed_at": null,
2934
"nvd_published_at": "2026-02-20T16:22:15Z"

advisories/unreviewed/2026/02/GHSA-6fwh-vwxr-5jrw/GHSA-6fwh-vwxr-5jrw.json

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-6fwh-vwxr-5jrw",
4-
"modified": "2026-02-20T18:31:34Z",
4+
"modified": "2026-02-25T00:31:21Z",
55
"published": "2026-02-20T18:31:34Z",
66
"aliases": [
77
"CVE-2025-67974"
88
],
99
"details": "Missing Authorization vulnerability in WP Legal Pages WPLegalPages wplegalpages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPLegalPages: from n/a through <= 3.5.4.",
10-
"severity": [],
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
14+
}
15+
],
1116
"affected": [],
1217
"references": [
1318
{
@@ -23,7 +28,7 @@
2328
"cwe_ids": [
2429
"CWE-862"
2530
],
26-
"severity": null,
31+
"severity": "HIGH",
2732
"github_reviewed": false,
2833
"github_reviewed_at": null,
2934
"nvd_published_at": "2026-02-20T16:22:03Z"

advisories/unreviewed/2026/02/GHSA-6g49-x6hq-6rmq/GHSA-6g49-x6hq-6rmq.json

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-6g49-x6hq-6rmq",
4-
"modified": "2026-02-20T18:31:34Z",
4+
"modified": "2026-02-25T00:31:21Z",
55
"published": "2026-02-20T18:31:34Z",
66
"aliases": [
77
"CVE-2025-68000"
88
],
99
"details": "Missing Authorization vulnerability in PickPlugins Testimonial Slider testimonial allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Testimonial Slider: from n/a through <= 2.0.15.",
10-
"severity": [],
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"
14+
}
15+
],
1116
"affected": [],
1217
"references": [
1318
{
@@ -23,7 +28,7 @@
2328
"cwe_ids": [
2429
"CWE-862"
2530
],
26-
"severity": null,
31+
"severity": "MODERATE",
2732
"github_reviewed": false,
2833
"github_reviewed_at": null,
2934
"nvd_published_at": "2026-02-20T16:22:06Z"

advisories/unreviewed/2026/02/GHSA-7c63-32m9-7mfg/GHSA-7c63-32m9-7mfg.json

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,8 @@
3030
],
3131
"database_specific": {
3232
"cwe_ids": [
33-
"CWE-122"
33+
"CWE-122",
34+
"CWE-787"
3435
],
3536
"severity": "HIGH",
3637
"github_reviewed": false,

0 commit comments

Comments
 (0)