diff --git a/data/local_vulnerable_files.xml b/data/local_vulnerable_files.xml
index 3371eab4..134456dc 100644
--- a/data/local_vulnerable_files.xml
+++ b/data/local_vulnerable_files.xml
@@ -38,5 +38,36 @@ ryandewhurst at gmail
     <reference>http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html</reference>
   </hash>
 
+  <hash sha1="775dc1089829ef07838406def28a4d8bfef69d66">
+    <title>Arbitrary File Upload Vulnerability</title>
+    <file>php.php</file>
+    <reference>http://packetstormsecurity.com/files/119241/wpvalums-shell.txt</reference>
+  </hash>
+
+  <!-- This one a is the same as above, but the postSize verification has been removed -->
+  <hash sha1="5e8f0d5a917d2937318a9bafd0529135bd473e70">
+    <title>Arbitrary File Upload Vulnerability</title>
+    <file>php.php</file>
+    <reference>http://packetstormsecurity.com/files/119218/wpreflexgallery-shell.txt</reference>
+  </hash>
+
+  <hash sha1="3f9ad05b05b65ee2b6efa1373f708293dd2005c7">
+    <title>Arbitrary File Upload Vulnerability</title>
+    <file>uploadify.php</file>
+    <reference>http://packetstormsecurity.com/files/119219/wpuploader104-shell.txt</reference>
+  </hash>
+
+  <hash sha1="ac638cc38f011b74a8d9a4e7d3d60358e472166c">
+    <title>Inline phpinfo()</title>
+    <file>phpinfo.php</file>
+    <reference></reference>
+  </hash>
+
+  <hash sha1="012ee25cceff745e681fbb3697a06f3712f55554">
+    <title>phpinfo()</title>
+    <file>phpinfo.php</file>
+    <reference></reference>
+  </hash>
+
 </hashes>
 
diff --git a/wpstools.rb b/wpstools.rb
index 38af3dcd..9e37ba69 100755
--- a/wpstools.rb
+++ b/wpstools.rb
@@ -226,7 +226,8 @@ begin
           end
           puts "  |"
           puts "  | Title: #{vuln_title}"
-          puts "  | Refrence: #{vuln_refrence}"
+          puts "  | Refrence: #{vuln_refrence}" if !vuln_refrence.empty?
+          puts
         end
       end