From c7c1c1d3e7b65d72a943519d68346f5ff99b1368 Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Wed, 23 Oct 2013 22:06:25 +0200
Subject: [PATCH 1/3] Update plugin_vulns.xml

---
 data/plugin_vulns.xml | 30 ++++++++++++++++++++++++++----
 1 file changed, 26 insertions(+), 4 deletions(-)

diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index b7c22845..ef4d7ac5 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -1037,11 +1037,14 @@
       <type>MULTI</type>
     </vulnerability>
     <vulnerability>
-      <title>Wordfence 3.8.1 - XSS</title>
+      <title>Wordfence 3.8.1 - wp-admin/admin.php whois Parameter Stored XSS</title>
       <references>
+        <osvdb>97884</osvdb>
         <url>http://packetstormsecurity.com/files/122993/</url>
+        <url>http://www.securityfocus.com/bid/62053</url>
       </references>
       <type>XSS</type>
+      <fixed_in>3.8.3</fixed_in>
     </vulnerability>
   </plugin>
 
@@ -6371,13 +6374,21 @@
 
   <plugin name="wordpress-seo">
     <vulnerability>
-      <title>wordpress-seo - Security issue which allowed any user to reset settings</title>
+      <title>WordPress SEO - Security issue which allowed any user to reset settings</title>
       <references>
         <url>http://wordpress.org/plugins/wordpress-seo/changelog/</url>
       </references>
       <type>UNKNOWN</type>
       <fixed_in>1.4.5</fixed_in>
     </vulnerability>
+    <vulnerability>
+      <title>WordPress SEO 1.14.15 - index.php s Parameter Reflected XSS</title>
+      <references>
+        <osvdb>97885</osvdb>
+        <url>http://packetstormsecurity.com/files/123028/</url>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
   </plugin>
 
   <plugin name="underconstruction">
@@ -6817,10 +6828,12 @@
     <vulnerability>
       <title>Design Approval System 3.6 - XSS Vulnerability</title>
       <references>
+        <osvdb>97192</osvdb>
+        <osvdb>97279</osvdb>
+        <secunia>54704</secunia>
         <url>http://seclists.org/bugtraq/2013/Sep/54</url>
         <url>http://packetstormsecurity.com/files/123227/</url>
         <cve>2013-5711</cve>
-        <osvdb>97279</osvdb>
       </references>
       <fixed_in>3.7</fixed_in>
       <type>XSS</type>
@@ -7071,8 +7084,17 @@
 
   <plugin name="encrypted-blog">
     <vulnerability>
-      <title>Encrypted Blog 0.0.6.2 - XSS, Open Redirect</title>
+      <title>Encrypted Blog 0.0.6.2 - encrypt_blog_form.php redirect_to Parameter Arbitrary Site Redirect</title>
       <references>
+        <osvdb>97881</osvdb>
+        <url>http://packetstormsecurity.com/files/122992/</url>
+      </references>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>Encrypted Blog 0.0.6.2 - encrypt_blog_form.php redirect_to Parameter Reflected XSS</title>
+      <references>
+        <osvdb>97882</osvdb>
         <url>http://packetstormsecurity.com/files/122992/</url>
       </references>
       <type>XSS</type>

From 32588554da07a90fcd2655006082d949fb25db58 Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Wed, 23 Oct 2013 22:40:37 +0200
Subject: [PATCH 2/3] Update plugin_vulns.xml

---
 data/plugin_vulns.xml | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index ef4d7ac5..f34b7570 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -7281,6 +7281,14 @@
 
   <plugin name="a-forms">
     <vulnerability>
+    <vulnerability>
+      <title>A Forms 1.4.0 Multiple Parameters SQL Injection</title>
+      <references>
+        <osvdb>96404</osvdb>
+      </references>
+      <type>SQLI</type>
+      <fixed_in>1.4.2</fixed_in>
+    </vulnerability>
       <title>A Forms 1.4.1 - Form Submission CSRF</title>
       <references>
         <osvdb>96381</osvdb>
@@ -7520,4 +7528,17 @@
     </vulnerability>
   </plugin>
 
+  <plugin name="really-simple-facebook-twitter-share-buttons">
+    <vulnerability>
+      <title>Really simple Facebook Twitter share buttons 2.10.4 - Settings Page Manipulation CSRF</title>
+      <references>
+        <osvdb>97190</osvdb>
+        <secunia>54707</secunia>
+        <url>http://www.securityfocus.com/bid/62268</url>
+      </references>
+      <type>CSRF</type>
+      <fixed_in>2.10.5</fixed_in>
+    </vulnerability>
+  </plugin>
+
 </vulnerabilities>

From 9f06b61e9fe946e5b2aa635e1223cacf097fd131 Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Wed, 23 Oct 2013 22:51:08 +0200
Subject: [PATCH 3/3] Update plugin_vulns.xml

---
 data/plugin_vulns.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index f34b7570..0c4b06e2 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -7280,7 +7280,6 @@
   </plugin>
 
   <plugin name="a-forms">
-    <vulnerability>
     <vulnerability>
       <title>A Forms 1.4.0 Multiple Parameters SQL Injection</title>
       <references>
@@ -7289,6 +7288,7 @@
       <type>SQLI</type>
       <fixed_in>1.4.2</fixed_in>
     </vulnerability>
+    <vulnerability>
       <title>A Forms 1.4.1 - Form Submission CSRF</title>
       <references>
         <osvdb>96381</osvdb>