Merge pull request #363 from pvdl/vulns

Update WordPress Vulnerabilities
2013-11-11 05:48:44 -08:00
parent 7f9b49059b 5c93540f91
commit 30709091b3
2 changed files with 24 additions and 0 deletions
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -7936,11 +7936,23 @@
    <vulnerability>
      <title>Polldaddy Polls and Ratings 2.0.20 - Cross-Site Request Forgery Vulnerability</title>
      <references>
+        <osvdb>99515</osvdb>
        <secunia>55464</secunia>
+        <url>http://www.securityfocus.com/bid/63557</url>
      </references>
      <type>CSRF</type>
      <fixed_in>2.0.21</fixed_in>
    </vulnerability>
  </plugin>

+  <plugin name="jigoshop">
+    <vulnerability>
+      <title>Jigoshop 1.8 - Multiple Script Direct Request Path Disclosure</title>
+      <references>
+        <osvdb>99485</osvdb>
+      </references>
+      <type>FPD</type>
+    </vulnerability>
+  </plugin>
+
 </vulnerabilities>
--- a/data/theme_vulns.xml
+++ b/data/theme_vulns.xml
@@ -2014,4 +2014,16 @@
    </vulnerability>
  </theme>

+  <theme name="kernel-theme">
+    <vulnerability>
+      <title>Kernel Theme - functions/upload-handler.php File Upload Remote Code Execution</title>
+      <references>
+        <osvdb>99553</osvdb>
+        <exploitdb>29482</exploitdb>
+        <url>http://packetstormsecurity.com/files/123954/</url>
+      </references>
+      <type>RCE</type>
+    </vulnerability>
+  </theme>
+
 </vulnerabilities>