From de2cb08a6be101872d4f8ae4bc2f8497d2c6f85c Mon Sep 17 00:00:00 2001
From: Pedro Worcel <pedro@worcel.com>
Date: Mon, 7 Apr 2014 12:07:13 +1200
Subject: [PATCH 1/2] Wordpress Templatic Themes CSRF

Add http://1337day.com/exploit/22091

Couldn't verify myself because themes are paid, but files seem to exist and are possibly vulnerable.
---
 data/theme_vulns.xml | 51 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)

diff --git a/data/theme_vulns.xml b/data/theme_vulns.xml
index 12fbff65..d1cc960f 100644
--- a/data/theme_vulns.xml
+++ b/data/theme_vulns.xml
@@ -3028,5 +3028,56 @@
       <type>UPLOAD</type>
     </vulnerability>
   </theme>
+  
+  <theme name="Realestate">
+    <vulnerability>
+        <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
+        <references>
+            <url>http://1337day.com/exploit/22091</url>
+        </references>
+        <type>CSRF</type>
+    </vulnerability>
+</theme>
+
+<theme name="dailydeal">
+    <vulnerability>
+        <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
+        <references>
+            <url>http://1337day.com/exploit/22091</url>
+        </references>
+        <type>CSRF</type>
+    </vulnerability>
+</theme>
+
+<theme name="nightlife">
+    <vulnerability>
+        <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
+        <references>
+            <url>http://1337day.com/exploit/22091</url>
+        </references>
+        <type>CSRF</type>
+    </vulnerability>
+</theme>
+
+<theme name="5star">
+    <vulnerability>
+        <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
+        <references>
+            <url>http://1337day.com/exploit/22091</url>
+        </references>
+        <type>CSRF</type>
+    </vulnerability>
+</theme>
+
+<theme name="specialist">
+    <vulnerability>
+        <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
+        <references>
+            <url>http://1337day.com/exploit/22091</url>
+        </references>
+        <type>CSRF</type>
+    </vulnerability>
+</theme>
+
 
 </vulnerabilities>

From dd5cdfd8481cf8f02011b81ff45147461d72122d Mon Sep 17 00:00:00 2001
From: Your Name <you@example.com>
Date: Mon, 7 Apr 2014 12:19:22 +1200
Subject: [PATCH 2/2] fix indentation

---
 data/theme_vulns.xml | 91 ++++++++++++++++++++++----------------------
 1 file changed, 45 insertions(+), 46 deletions(-)

diff --git a/data/theme_vulns.xml b/data/theme_vulns.xml
index d1cc960f..7266f50a 100644
--- a/data/theme_vulns.xml
+++ b/data/theme_vulns.xml
@@ -3028,56 +3028,55 @@
       <type>UPLOAD</type>
     </vulnerability>
   </theme>
-  
+
   <theme name="Realestate">
-    <vulnerability>
-        <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
-        <references>
-            <url>http://1337day.com/exploit/22091</url>
-        </references>
-        <type>CSRF</type>
-    </vulnerability>
-</theme>
+      <vulnerability>
+          <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
+          <references>
+              <url>http://1337day.com/exploit/22091</url>
+          </references>
+          <type>CSRF</type>
+      </vulnerability>
+  </theme>
 
-<theme name="dailydeal">
-    <vulnerability>
-        <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
-        <references>
-            <url>http://1337day.com/exploit/22091</url>
-        </references>
-        <type>CSRF</type>
-    </vulnerability>
-</theme>
+  <theme name="dailydeal">
+      <vulnerability>
+          <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
+          <references>
+              <url>http://1337day.com/exploit/22091</url>
+          </references>
+          <type>CSRF</type>
+      </vulnerability>
+  </theme>
 
-<theme name="nightlife">
-    <vulnerability>
-        <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
-        <references>
-            <url>http://1337day.com/exploit/22091</url>
-        </references>
-        <type>CSRF</type>
-    </vulnerability>
-</theme>
+  <theme name="nightlife">
+      <vulnerability>
+          <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
+          <references>
+              <url>http://1337day.com/exploit/22091</url>
+          </references>
+          <type>CSRF</type>
+      </vulnerability>
+  </theme>
 
-<theme name="5star">
-    <vulnerability>
-        <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
-        <references>
-            <url>http://1337day.com/exploit/22091</url>
-        </references>
-        <type>CSRF</type>
-    </vulnerability>
-</theme>
-
-<theme name="specialist">
-    <vulnerability>
-        <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
-        <references>
-            <url>http://1337day.com/exploit/22091</url>
-        </references>
-        <type>CSRF</type>
-    </vulnerability>
-</theme>
+  <theme name="5star">
+      <vulnerability>
+          <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
+          <references>
+              <url>http://1337day.com/exploit/22091</url>
+          </references>
+          <type>CSRF</type>
+      </vulnerability>
+  </theme>
 
+  <theme name="specialist">
+      <vulnerability>
+          <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
+          <references>
+              <url>http://1337day.com/exploit/22091</url>
+          </references>
+          <type>CSRF</type>
+      </vulnerability>
+  </theme>
 
 </vulnerabilities>