Merge pull request #368 from pvdl/vulns

Update WordPress Vulnerabilities

data/plugin_vulns.xml

@@ -2144,7 +2144,7 @@
       <fixed_in>3.5.4</fixed_in>
     </vulnerability>
     <vulnerability>
-      <title>Better WP Security v3.4.3 - Multiple XSS</title>
+      <title>Better WP Security 3.4.3 - Multiple XSS</title>
       <references>
         <url>http://seclists.org/bugtraq/2012/Oct/9</url>
       </references>
@@ -2584,6 +2584,22 @@
   </plugin>
 
   <plugin name="link-library">
+    <vulnerability>
+      <title>Link Library 5.0.8 - wp-content/plugins/link-library/tracker.php id Parameter XSS</title>
+      <references>
+        <osvdb>74561</osvdb>
+        <secunia>45588</secunia>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+    <vulnerability>
+      <title>Link Library 5.0.8 - wp-content/plugins/link-library/tracker.php id Parameter SQL Injection</title>
+      <references>
+        <osvdb>74562</osvdb>
+        <secunia>45588</secunia>
+      </references>
+      <type>SQLI</type>
+    </vulnerability>
     <vulnerability>
       <title>Link Library &lt;= 5.2.1 - SQL Injection</title>
       <references>
@@ -4106,6 +4122,15 @@
   </plugin>
 
   <plugin name="wp-e-commerce">
+    <vulnerability>
+      <title>WP e-Commerce 3.8.6 - wpsc-cart_widget.php cart_messages Parameter XSS</title>
+      <references>
+        <osvdb>74295</osvdb>
+        <secunia>45513</secunia>
+      </references>
+      <type>XSS</type>
+      <fixed_in>3.8.8</fixed_in>
+    </vulnerability>
     <vulnerability>
       <title>WP e-Commerce &lt;= 3.8.6 - SQL Injection Vulnerability</title>
       <references>
@@ -4114,7 +4139,7 @@
       <type>SQLI</type>
     </vulnerability>
     <vulnerability>
-      <title>WP-e-Commerce v3.8.9.5 - Cross Site Scripting Vulnerability</title>
+      <title>WP-e-Commerce 3.8.9.5 - Cross Site Scripting Vulnerability</title>
       <references>
         <url>http://1337day.com/exploit/20517</url>
       </references>
@@ -8119,4 +8144,61 @@
     </vulnerability>
   </plugin>
 
+  <plugin name="social-slider-2">
+    <vulnerability>
+      <title>Social Slider &lt;= 5.6.5 - social-slider-2/ajax.php rA Parameter SQL Injection</title>
+      <references>
+        <osvdb>74421</osvdb>
+        <secunia>45549</secunia>
+        <exploitdb>17617</exploitdb>
+      </references>
+      <type>SQLI</type>
+      <fixed_in>6.0.0</fixed_in>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="redirection">
+    <vulnerability>
+      <title>Redirection - wp-admin/tools.php id Parameter XSS</title>
+      <references>
+        <osvdb>74783</osvdb>
+        <secunia>45782</secunia>
+      </references>
+      <type>XSS</type>
+      <fixed_in>2.2.9</fixed_in>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="eshop">
+    <vulnerability>
+      <title>eShop - wp-admin/admin.php Multiple Parameter XSS</title>
+      <references>
+        <osvdb>74464</osvdb>
+        <secunia>45553</secunia>
+        <url>http://seclists.org/bugtraq/2011/Aug/52</url>
+      </references>
+      <type>XSS</type>
+      <fixed_in>6.2.9</fixed_in>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="all-in-one-adsense-and-ypn">
+    <vulnerability>
+      <title>All in One Adsense YPN 2.0.1 - all-in-one-adsense-and-ypn.php Unspecified XSS</title>
+      <references>
+        <osvdb>74900</osvdb>
+        <secunia>45579</secunia>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+    <vulnerability>
+      <title>All in One Adsense YPN 2.0.1 - all-in-one-adsense-and-ypn.php Direct Request AdSense Account Manipulation</title>
+      <references>
+        <osvdb>74899</osvdb>
+        <secunia>45579</secunia>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
 </vulnerabilities>