Merge pull request #309 from pvdl/master

Update Wordpress Vulnerabilities DB

README.md

@@ -28,6 +28,7 @@ WPScan comes pre-installed on the following Linux distributions:
 
 - [BackBox Linux](http://www.backbox.org/)
 - [BackTrack Linux](http://www.backtrack-linux.org/)
+- [Kali Linux](http://www.kali.org/)
 - [Pentoo](http://www.pentoo.ch/)
 - [SamuraiWTF](http://samurai.inguardians.com/)
 

data/plugin_vulns.xml

@@ -275,12 +275,15 @@
 
   <plugin name="google-document-embedder">
     <vulnerability>
-      <title>Google Document Embedder Arbitrary File Disclosure</title>
+      <title>Google Document Embedder - Arbitrary File Disclosure</title>
       <references>
+        <cve>2012-4915</cve>
         <exploitdb>23970</exploitdb>
+        <secunia>50832</secunia>
+        <url>http://www.securityfocus.com/bid/57133</url>
+        <url>http://packetstormsecurity.com/files/119329/</url>
         <url>http://ceriksen.com/2013/01/03/wordpress-google-document-embedder-arbitrary-file-disclosure/
         </url>
-        <secunia>50832</secunia>
         <metasploit>exploit/unix/webapp/wp_google_document_embedder_exec</metasploit>
       </references>
       <type>UNKNOWN</type>
@@ -448,17 +451,23 @@
 
   <plugin name="reflex-gallery">
     <vulnerability>
-      <title>ReFlex Gallery Shell Upload</title>
+      <title>ReFlex Gallery 1.3 - Shell Upload</title>
       <references>
         <url>http://packetstormsecurity.com/files/119218/</url>
       </references>
       <type>UPLOAD</type>
     </vulnerability>
+    <vulnerability>
+      <title>ReFlex Gallery 1.4 - reflex-gallery.php Direct Request Path Disclosure</title>
+      <references>
+        <osvdb>88869</osvdb>
+      </references>
+    </vulnerability>
   </plugin>
 
   <plugin name="uploader">
     <vulnerability>
-      <title>Uploader 1.0.4 Shell Upload</title>
+      <title>Uploader 1.0.4 - Shell Upload</title>
       <references>
         <url>http://packetstormsecurity.com/files/119219/</url>
       </references>
@@ -468,7 +477,7 @@
 
   <plugin name="xerte-online">
     <vulnerability>
-      <title>Xerte Online 0.32 Shell Upload</title>
+      <title>Xerte Online 0.32 - Shell Upload</title>
       <references>
         <url>http://packetstormsecurity.com/files/119220/</url>
       </references>

data/wp_vulns.xml

@@ -16,6 +16,7 @@
         <osvdb>97211</osvdb>
       </references>
       <type>UNKNOWN</type>
+      <fixed_in>3.6.1</fixed_in>
     </vulnerability>
     <vulnerability>
       <title>wp-includes/functions.php get_allowed_mime_types Function SWF / EXE File Upload XSS Weakness</title>
@@ -35,6 +36,7 @@
         <url>http://core.trac.wordpress.org/changeset/25323</url>
       </references>
       <type>UNKNOWN</type>
+      <fixed_in>3.6.1</fixed_in>
     </vulnerability>
     <vulnerability>
       <title>wp-admin/includes/post.php user_ID Parameter Manipulation Post Authorship Spoofing</title>
@@ -45,6 +47,7 @@
         <url>http://core.trac.wordpress.org/changeset/25321</url>
       </references>
       <type>UNKNOWN</type>
+      <fixed_in>3.6.1</fixed_in>
     </vulnerability>
     <vulnerability>
       <title>wp-includes/functions.php get_allowed_mime_types Function HTML File Upload XSS Weakness</title>
@@ -2090,9 +2093,19 @@
     <vulnerability>
       <title>Wordpress &lt;= 1.5.1.2 xmlrpc Interface SQL Injection Exploit</title>
       <references>
+        <osvdb>17636</osvdb>
+        <osvdb>17637</osvdb>
+        <osvdb>17638</osvdb>
+        <osvdb>17639</osvdb>
+        <osvdb>17640</osvdb>
+        <osvdb>17641</osvdb>
+        <cve>2005-2108</cve>
         <exploitdb>1077</exploitdb>
+        <secunia>15831</secunia>
+        <secunia>15898</secunia>
       </references>
       <type>SQLI</type>
+      <fixed_in>1.5.1.3</fixed_in>
     </vulnerability>
     <vulnerability>
       <title>XMLRPC Pingback API Internal/External Port Scanning</title>
@@ -2158,4 +2171,56 @@
     </vulnerability>
   </wordpress>
 
+  <wordpress version="1.5">
+    <vulnerability>
+      <title>WordPress wp-trackback.php tb_id Parameter SQL Injection</title>
+      <references>
+        <cve>2005-1687</cve>
+        <osvdb>16701</osvdb>
+        <osvdb>16702</osvdb>
+        <osvdb>16703</osvdb>
+      </references>
+      <type>SQLI</type>
+      <fixed_in>1.5.1</fixed_in>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress post.php p Parameter XSS</title>
+      <references>
+        <osvdb>16702</osvdb>
+        <osvdb>16701</osvdb>
+        <osvdb>16703</osvdb>
+      </references>
+      <type>XSS</type>
+      <fixed_in>1.5.1</fixed_in>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress Multiple Script Direct Request Path Disclosure</title>
+      <references>
+        <cve>2005-1688</cve>
+        <osvdb>16703</osvdb>
+        <osvdb>16701</osvdb>
+        <osvdb>16702</osvdb>
+      </references>
+      <type>UNKNOWN</type>
+      <fixed_in>1.5.1</fixed_in>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress Cross-Site Scripting and SQL Injection Vulnerabilities</title>
+      <references>
+        <osvdb>16478</osvdb>
+        <secunia>15324</secunia>
+      </references>
+      <type>MULTI</type>
+      <fixed_in>1.5.1</fixed_in>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress template-functions-post.php Multiple Field XSS</title>
+      <references>
+        <cve>2005-1102</cve>
+        <osvdb>15643</osvdb>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+  </wordpress>
+
 </vulnerabilities>