From 7dc4fd6fb20557f1dda46fddb73269751eaba402 Mon Sep 17 00:00:00 2001
From: ethicalhack3r
Date: Sat, 27 Oct 2012 23:03:14 +0200
Subject: [PATCH] Added some WP vulns from info on cvedetails.com. See issue #33
---
data/wp_vulns.xml | 29 +++++++++++++++++++++++++++++
1 file changed, 29 insertions(+)
diff --git a/data/wp_vulns.xml b/data/wp_vulns.xml
index d79b0a08..f2f2b9a4 100644
--- a/data/wp_vulns.xml
+++ b/data/wp_vulns.xml
@@ -23,6 +23,14 @@ This file contains vulnerabilities associated with WordPress verions. --> + + + + WordPress 3.4.2 Cross Site Request Forgery + http://packetstormsecurity.org/files/116785/WordPress-3.4.2-Cross-Site-Request-Forgery.html + + + Wordpress 3.3.1 Multiple CSRF Vulnerabilities
@@ -73,6 +81,13 @@ This file contains vulnerabilities associated with WordPress verions. + + + WordPress wp-includes/formatting.php make_clickable() PCRE Library Remote DoS + http://osvdb.org/show/osvdb/72142 + + + SQL injection vulnerability in do_trackbacks() Wordpress function
@@ -84,6 +99,20 @@ This file contains vulnerabilities associated with WordPress verions. + + + WordPress XML-RPC Interface Access Restriction Bypass + http://osvdb.org/69761 + + + + + + WordPress: Information Disclosure via SQL Injection Attack + http://blog.sjinks.pro/wordpress/858-information-disclosure-via-sql-injection-attack/ + + + WordPress 2.9 Failure to Restrict URL Access
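Review bot: None of the four entries added across the three hunks shows a CVE identifier, although the commit message says the data came from cvedetails.com. Each visible entry has only a title and one third-party URL (packetstormsecurity.org, osvdb.org, a personal blog). The XML tags are not visible in this rendering, so this is inferred from the surviving text. If the schema allows more than one reference per entry, add the CVE as a second reference, e.g. `http://www.cvedetails.com/cve/CVE-YYYY-NNNNN/` (placeholder id), so a scanner finding can still be correlated with advisories and patch notes when a link goes stale. This matters most for the "Information Disclosure via SQL Injection Attack" entry in the third hunk, whose only source is a blog post.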
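Review bot: The two OSVDB references use different URL forms: `http://osvdb.org/show/osvdb/72142` in the second hunk and `http://osvdb.org/69761` in the third. Using one form throughout, e.g. `http://osvdb.org/show/osvdb/69761`, keeps the references easy to parse and de-duplicate when the file is consumed by tooling. The new titles also spell "WordPress", while the neighbouring context entries use "Wordpress". Normalising the product name in the same pass would make title-based searches over the file reliable.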