Update CVE-2014-0165 and CVE-2014-0166 (Ref #448)

data/wp_vulns.xml

@@ -14,18 +14,22 @@
     <vulnerability>
       <title>Potential Authentication Cookie Forgery</title>
       <references>
+        <osvdb>105620</osvdb>
         <url>https://github.com/WordPress/WordPress/commit/78a915e0e5927cf413aa6c2cef2fca3dc587f8be</url>
         <cve>2014-0166</cve>
       </references>
       <type>AUTHBYPASS</type>
+      <fixed_in>3.8.2</fixed_in>
     </vulnerability>
     <vulnerability>
       <title>Privilege escalation: contributors publishing posts</title>
       <references>
+        <osvdb>105630</osvdb>
         <url>https://github.com/wpscanteam/wpscan/wiki/CVE-2014-0165</url>
         <cve>2014-0165</cve>
       </references>
       <type>BYPASS</type>
+      <fixed_in>3.8.2</fixed_in>
     </vulnerability>
   </wordpress>
 
@@ -41,6 +45,26 @@
   </wordpress>
 
   <wordpress version="3.7.1">
+    <vulnerability>
+      <title>Potential Authentication Cookie Forgery</title>
+      <references>
+        <osvdb>105620</osvdb>
+        <url>https://github.com/WordPress/WordPress/commit/78a915e0e5927cf413aa6c2cef2fca3dc587f8be</url>
+        <cve>2014-0166</cve>
+      </references>
+      <type>AUTHBYPASS</type>
+      <fixed_in>3.7.2</fixed_in>
+    </vulnerability>
+    <vulnerability>
+      <title>Privilege escalation: contributors publishing posts</title>
+      <references>
+        <osvdb>105630</osvdb>
+        <url>https://github.com/wpscanteam/wpscan/wiki/CVE-2014-0165</url>
+        <cve>2014-0165</cve>
+      </references>
+      <type>BYPASS</type>
+      <fixed_in>3.7.2</fixed_in>
+    </vulnerability>
     <vulnerability>
       <title>wp-admin/options-writing.php Cleartext Admin Credentials Disclosure</title>
       <references>