From 6fe3bafd4d47219d777b8bd7efc2878fd72cd98e Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Mon, 14 Oct 2013 17:51:47 +0200
Subject: [PATCH 1/3] Added OSVDB #89441, #89443, #89455

---
 data/plugin_vulns.xml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index a22ddffe..ec493de8 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -2607,6 +2607,7 @@
     <vulnerability>
       <title>WP Symposium &lt;= 12.12 - Multiple SQL Injection Vulnerabilities</title>
       <references>
+        <osvdb>89455</osvdb>
         <secunia>50674</secunia>
         <url>http://ceriksen.com/2013/02/18/wp-symposium-multiple-sql-injection/</url>
       </references>
@@ -4609,6 +4610,8 @@
     <vulnerability>
       <title>Cardoza Wordpress poll - Cross-Site Request Forgery Vulnerability</title>
       <references>
+        <osvdb>89443</osvdb>
+        <cve>2013-1401</cve>
         <secunia>51925</secunia>
       </references>
       <type>CSRF</type>
@@ -4649,6 +4652,8 @@
     <vulnerability>
       <title>DVS Custom Notification - Cross-Site Request Forgery Vulnerability</title>
       <references>
+        <osvdb>89441</osvdb>
+        <cve>2012-4921</cve>
         <secunia>51531</secunia>
       </references>
       <type>CSRF</type>
@@ -7205,6 +7210,8 @@
       <references>
         <osvdb>98352</osvdb>
         <cve>2013-5977</cve>
+        <exploitdb>28959</exploitdb>
+        <secunia>55265</secunia>
       </references>
       <type>CSRF</type>
       <fixed_in>1.5.1.15</fixed_in>
@@ -7214,6 +7221,7 @@
       <references>
         <osvdb>98353</osvdb>
         <cve>2013-5978</cve>
+        <exploitdb>28959</exploitdb>
       </references>
       <type>XSS</type>
       <fixed_in>1.5.1.15</fixed_in>

From c3f31e2aeed3cfb065ef5a14c7b0c826527760b2 Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Mon, 14 Oct 2013 19:40:05 +0200
Subject: [PATCH 2/3] Update theme_vulns.xml

---
 data/theme_vulns.xml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/data/theme_vulns.xml b/data/theme_vulns.xml
index 65bdfc3b..7270face 100644
--- a/data/theme_vulns.xml
+++ b/data/theme_vulns.xml
@@ -1573,8 +1573,10 @@
 
   <theme name="pinboard">
     <vulnerability>
-      <title>Wordpress theme pinboard 1.0.6 XSS</title>
+      <title>pinboard 1.0.6 - includes/theme-options.php tab Parameter XSS</title>
       <references>
+        <osvdb>90070</osvdb>
+        <cve>2013-0286</cve>
         <secunia>52079</secunia>
         <url>http://seclists.org/oss-sec/2013/q1/274</url>
         <url>http://cxsecurity.com/issue/WLB-2013020062</url>

From 587f6adaa1e0116f0d41e34e23c12594b61dffc5 Mon Sep 17 00:00:00 2001
From: Peter van der Laan <vanderlaan.pm@gmail.com>
Date: Mon, 14 Oct 2013 20:03:50 +0200
Subject: [PATCH 3/3] Update plugin_vulns.xml

---
 data/plugin_vulns.xml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index ec493de8..e589e2bd 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -2111,6 +2111,8 @@
     <vulnerability>
       <title>Login With Ajax - Cross-Site Request Forgery Vulnerability</title>
       <references>
+        <osvdb>93031</osvdb>
+        <cve>2013-2707</cve>
         <secunia>52950</secunia>
       </references>
       <type>CSRF</type>
@@ -6078,10 +6080,11 @@
 
   <plugin name="easy-adsense-lite">
     <vulnerability>
-      <title>easy-adsense-lite - CSRF</title>
+      <title>easy-adsense-lite 6.06 - CSRF</title>
       <references>
-        <secunia>52953</secunia>
+        <osvdb>92910</osvdb>
         <cve>2013-2702</cve>
+        <secunia>52953</secunia>
       </references>
       <type>CSRF</type>
       <fixed_in>6.10</fixed_in>