added vulns

2013-01-31 22:31:21 +01:00
parent df66a7496a
commit 2de6671a2c
1 changed files with 31 additions and 0 deletions
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -3193,8 +3193,15 @@
  </plugin>

  <plugin name="cardoza-wordpress-poll">
+    <vulnerability>
+      <title>WordPress Poll Plugin &lt; 34.06 Cross-Site Request Forgery Vulnerability</title>
+      <reference>http://secunia.com/advisories/51925/</reference>
+      <type>CSRF</type>
+    </vulnerability>
    <vulnerability>
      <title>Multiple SQL injection vulnerabilities in Cardoza Wordpress poll plugin</title>
+      <reference>http://secunia.com/advisories/51942/</reference>
+      <reference>http://www.girlinthemiddle.net/2013/01/multiple-sql-injection-vulnerabilities.html</reference>
      <reference>http://seclists.org/bugtraq/2013/Jan/86</reference>
      <type>SQLI</type>
    </vulnerability>
@@ -3578,5 +3585,29 @@
    </vulnerability>
  </plugin>
  
+  <plugin name="wordpress-simple-shout-box">
+    <vulnerability>
+      <title>wordpress-simple-shout-box Plugin SQL Injection</title>
+      <reference>http://cxsecurity.com/issue/WLB-2013010235</reference>
+      <type>SQLI</type>
+    </vulnerability>
+  </plugin>
+  
+  <plugin name="portfolio-slideshow-pro">
+    <vulnerability>
+      <title>Wordpress portfolio-slideshow-pro v3 Plugin SQL Injection </title>
+      <reference>http://cxsecurity.com/issue/WLB-2013010236</reference>
+      <type>SQLI</type>
+    </vulnerability>
+  </plugin>
+  
+  <plugin name="simple-history">
+    <vulnerability>
+      <title>WordPress Simple History Plugin &lt; 1.0.8 RSS Feed "rss_secret" Disclosure Weakness</title>
+      <reference>http://secunia.com/advisories/51998/</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+  </plugin>
+  
 </vulnerabilities>