diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index 314d7629..4d761bac 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -3139,6 +3139,7 @@
     </vulnerability>
     <vulnerability>
       <title>W3-Total-Cache &lt; 0.9.2.9 Remote Code Execution</title>
+      <reference>http://www.acunetix.com/blog/web-security-zone/wp-plugins-remote-code-execution/</reference>
       <reference>http://wordpress.org/support/topic/pwn3d</reference>
       <reference>http://blog.sucuri.net/2013/04/update-wp-super-cache-and-w3tc-immediately-remote-code-execution-vulnerability-disclosed.html</reference>
       <type>RCE</type>
@@ -3148,6 +3149,7 @@
   <plugin name="wp-super-cache">
     <vulnerability>
       <title>WP-Super-Cache &lt; 1.3.1 Remote Code Execution</title>
+      <reference>http://www.acunetix.com/blog/web-security-zone/wp-plugins-remote-code-execution/</reference>
       <reference>http://wordpress.org/support/topic/pwn3d</reference>
       <reference>http://blog.sucuri.net/2013/04/update-wp-super-cache-and-w3tc-immediately-remote-code-execution-vulnerability-disclosed.html</reference>
       <type>RCE</type>