Addition of an AUTHBYPASS type for plugins that will operate without a valid WordPress session and/or adequate privilege, creating a vulnerability due to its functionality. Also, added a portable-phpMyAdmin vulnerability to the plugin vulnerability listing utilizing the aforementioned new type.

data/plugin_vulns.xml

@@ -18,7 +18,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 ryandewhurst at gmail
 
   This file contains vulnerabilities associated with WordPress plugins.
-  TYPE = ["SQLI", "MULTI", "REDIRECT", "RCE", "RFI", "LFI", "UPLOAD", "UNKNOWN", "XSS", "CSRF"]
+  TYPE = ["SQLI", "MULTI", "REDIRECT", "RCE", "RFI", "LFI", "UPLOAD", "UNKNOWN", "XSS", "CSRF", "AUTHBYPASS"]
 
   <plugin name="">
     <vulnerability>
@@ -2420,5 +2420,12 @@ File Upload Vulnerability</title>
       <type>RCE</type>
     </vulnerability>
   </plugin>
+  <plugin name="portable-phpmyadmin">
+    <vulnerability>
+      <title>portable-phpMyAdmin &lt; 1.3.1 Authentication Bypass</title>
+      <reference>http://www.exploit-db.com/exploits/23356</reference>
+      <type>AUTHBYPASS</type>
+    </vulnerability>
+  </plugin>
 </vulnerabilities>