Merge branch 'master' of github.com:wpscanteam/wpscan

data/wp_vulns.xml

@@ -1038,6 +1038,12 @@
   </wordpress>
 
   <wordpress version="2.1.2">
+     <vulnerability>
+      <title>WordPress "year" Cross-Site Scripting Vulnerability</title>
+      <reference>http://secunia.com/advisories/24485/</reference>
+      <reference>http://www.securityfocus.com/archive/1/archive/1/462374/100/0/threaded</reference>
+      <type>XSS</type>
+    </vulnerability>
     <vulnerability>
       <title>Wordpress 2.1.2 (xmlrpc) Remote SQL Injection Exploit</title>
       <reference>http://www.exploit-db.com/exploits/3656/</reference>

lib/wpscan/wp_target.rb

@@ -61,7 +61,7 @@ class WpTarget
 
   # Valid HTTP return codes
   def self.valid_response_codes
-    [200, 301, 302, 401, 403, 500]
+    [200, 301, 302, 401, 403, 500, 400]
   end
 
   # return WpTheme