From bec7b5ed22c8b31558e54a25ef8c762b6a1b5430 Mon Sep 17 00:00:00 2001 From: Peter van der Laan Date: Fri, 25 Oct 2013 10:40:53 +0200 Subject: [PATCH 1/2] It's WordPress, not Wordpress --- data/plugin_vulns.xml | 86 +++++++++++++++++++++---------------------- 1 file changed, 43 insertions(+), 43 deletions(-) diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index e5f0af14..106e4793 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -563,7 +563,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -573,7 +573,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -583,7 +583,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -593,7 +593,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -603,7 +603,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -613,7 +613,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -623,7 +623,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -633,7 +633,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -643,7 +643,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -653,7 +653,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -663,7 +663,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -680,7 +680,7 @@ UPLOAD - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -690,7 +690,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -700,7 +700,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -710,7 +710,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -720,7 +720,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -730,7 +730,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html 51224 @@ -741,7 +741,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -758,7 +758,7 @@ UPLOAD - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -768,7 +768,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -778,7 +778,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html 51250 @@ -797,7 +797,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -807,7 +807,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -817,7 +817,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -827,7 +827,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -844,7 +844,7 @@ UPLOAD - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -861,7 +861,7 @@ UPLOAD - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -896,7 +896,7 @@ UPLOAD - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -906,7 +906,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -923,7 +923,7 @@ UPLOAD - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -940,7 +940,7 @@ UPLOAD - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -950,7 +950,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -967,7 +967,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -977,7 +977,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -1454,7 +1454,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -1478,7 +1478,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -2776,7 +2776,7 @@ MULTI - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -3097,7 +3097,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html 51271 @@ -3222,7 +3222,7 @@ - SWF Vulnerable to XSS Bundled in Many Wordpress Plugins + SWF Vulnerable to XSS Bundled in Many WordPress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -4683,7 +4683,7 @@ - Cardoza Wordpress poll - Cross-Site Request Forgery Vulnerability + Cardoza WordPress poll - Cross-Site Request Forgery Vulnerability 89443 2013-1401 @@ -4693,7 +4693,7 @@ 34.06 - Cardoza Wordpress poll - Multiple SQL injection vulnerabilities + Cardoza WordPress poll - Multiple SQL injection vulnerabilities 51942 http://www.girlinthemiddle.net/2013/01/multiple-sql-injection-vulnerabilities.html @@ -4702,7 +4702,7 @@ SQLI - Cardoza Wordpress poll - Multiple SQL Injection Vulnerabilities + Cardoza WordPress poll - Multiple SQL Injection Vulnerabilities 50910 @@ -7503,7 +7503,7 @@ - Wordpress - wp-realty - MySQL Time Based Injection + wp-realty - MySQL Time Based Injection 29021 http://www.exploit-db.com/exploits/29021/ From 0c406d72f6ec8d18c7df5620de2da1c9a33d361f Mon Sep 17 00:00:00 2001 From: Peter van der Laan Date: Fri, 25 Oct 2013 11:48:22 +0200 Subject: [PATCH 2/2] Update WordPress Theme vulns --- data/theme_vulns.xml | 46 +++++++++++++++++++++++++++++++++++++++----- 1 file changed, 41 insertions(+), 5 deletions(-) diff --git a/data/theme_vulns.xml b/data/theme_vulns.xml index 37b89e22..0ae6c0ce 100644 --- a/data/theme_vulns.xml +++ b/data/theme_vulns.xml @@ -1248,9 +1248,11 @@ - DailyDeal - Shell Upload + DailyDeal - File Upload Remote Code Execution + 98924 http://packetstormsecurity.com/files/123748/ + http://templatic.com/app-themes/daily-deal-premium-wordpress-app-theme RCE @@ -1730,7 +1732,7 @@ - silverOrchid - XSS Vulnerability + silverOrchid <= 1.5.0 - XSS Vulnerability 96723 54662 @@ -1744,9 +1746,9 @@ Caulk - path disclosure vulnerability - 96723 - 54662 + 90889 http://packetstormsecurity.com/files/120632/ + http://themeforest.net/item/caulk/76108 FPD @@ -1759,7 +1761,7 @@ 98806 http://packetstormsecurity.com/files/123697/ - UNKNOWN + RCE @@ -1818,4 +1820,38 @@ + + + AREA53 <= 1.0.5 - File Upload Code Execution + + 98927 + 29068 + http://www.securityfocus.com/bid/63306 + http://themeforest.net/item/area53-a-responsive-html5-wordpress-theme/2538737 + + RCE + + + + + + Sahifa 2.4.0 - Multiple Script Path Disclosure Direct Request Path Disclosure + + 88926 + http://packetstormsecurity.com/files/119191/ + http://www.securityfocus.com/bid/57109 + + FPD + + + Sahifa 2.4.0 - Site Setting Reset CSRF + + 88927 + http://packetstormsecurity.com/files/119191/ + http://www.securityfocus.com/bid/57109 + + CSRF + + +