Merge branch 'master' into new-enumeration-system

data/plugin_vulns.xml

@@ -4096,4 +4096,86 @@
     </vulnerability>
   </plugin>
 
+  <plugin name="mathjax-latex">
+    <vulnerability>
+      <title>Mathjax Latex 1.1 CSRF Vulnerability</title>
+      <reference>http://1337day.com/exploit/20566</reference>
+      <type>CSRF</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="wp-banners-lite">
+    <vulnerability>
+      <title>XSS vulnerability on WP-Banners-Lite</title>
+      <reference>http://seclists.org/fulldisclosure/2013/Mar/209</reference>
+      <reference>http://threatpost.com/en_us/blogs/xss-flaw-wordpress-plugin-allows-injection-malicious-code-032513</reference>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="backupbuddy">
+    <vulnerability>
+      <title>Backupbuddy - sensitive data exposure in importbuddy.php</title>
+      <reference>http://seclists.org/fulldisclosure/2013/Mar/206</reference>
+      <reference>http://archives.neohapsis.com/archives/fulldisclosure/2013-03/0205.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="wp-funeral-press">
+    <vulnerability>
+      <title>WP FuneralPress - Stored XSS in Guestbook</title>
+      <reference>http://seclists.org/fulldisclosure/2013/Mar/282</reference>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="chikuncount">
+    <vulnerability>
+      <title>ofc_upload_image.php Arbitrary File Upload Vulnerability</title>
+      <reference>http://www.exploit-db.com/exploits/24492/</reference>
+      <type>UPLOAD</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="open-flash-chart-core-wordpress-plugin">
+    <vulnerability>
+      <title>ofc_upload_image.php Arbitrary File Upload Vulnerability</title>
+      <reference>http://www.exploit-db.com/exploits/24492/</reference>
+      <type>UPLOAD</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="spamtask">
+    <vulnerability>
+      <title>ofc_upload_image.php Arbitrary File Upload Vulnerability</title>
+      <reference>http://www.exploit-db.com/exploits/24492/</reference>
+      <type>UPLOAD</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="php-analytics">
+    <vulnerability>
+      <title>ofc_upload_image.php Arbitrary File Upload Vulnerability</title>
+      <reference>http://www.exploit-db.com/exploits/24492/</reference>
+      <type>UPLOAD</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="seo-spy-google-wordpress-plugin">
+    <vulnerability>
+      <title>ofc_upload_image.php Arbitrary File Upload Vulnerability</title>
+      <reference>http://www.exploit-db.com/exploits/24492/</reference>
+      <type>UPLOAD</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="wp-seo-spy-google">
+    <vulnerability>
+      <title>ofc_upload_image.php Arbitrary File Upload Vulnerability</title>
+      <reference>http://www.exploit-db.com/exploits/24492/</reference>
+      <type>UPLOAD</type>
+    </vulnerability>
+  </plugin>
+
 </vulnerabilities>

data/theme_vulns.xml

@@ -1221,7 +1221,7 @@
       <type>XSS</type>
     </vulnerability>
   </theme>
-  
+
   <theme name="pinboard">
     <vulnerability>
       <title>Wordpress theme pinboard 1.0.6 XSS</title>
@@ -1264,4 +1264,21 @@
     </vulnerability>
   </theme>
 
+  <theme name="felici">
+    <vulnerability>
+      <title>felici XSS Vulnerability</title>
+      <reference>http://1337day.com/exploit/20560</reference>
+      <type>XSS</type>
+    </vulnerability>
+  </theme>
+
+  <theme name="classic">
+    <vulnerability>
+      <title>CVE-2007-4483: Classic v1.5 Theme PHP_SELF XSS</title>
+      <reference>http://osvdb.org/38450</reference>
+      <reference>http://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-4483</reference>
+      <type>XSS</type>
+    </vulnerability>
+  </theme>
+
 </vulnerabilities>