diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index f386187f..e5f0af14 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -6052,8 +6052,7 @@
social-media-widget - malicious code
http://plugins.trac.wordpress.org/changeset?reponame=&old=691839%40social-media-widget%2Ftrunk&new=693941%40social-media-widget%2Ftrunk
- http://slashdot.org/submission/2592777/top-wordpress-widget-sold-off-turned-into-seo-spambot
-
+ http://slashdot.org/submission/2592777/top-wordpress-widget-sold-off-turned-into-seo-spambot
UNKNOWN
4.0.2
@@ -7577,7 +7576,16 @@
XSS
+
+
+
+ Blue Wrench Video-Widget CSRF and Persistent XSS 0day Disclosure
+
+ http://securityundefined.com/wordpress-plugin-blue-wrench-video-widget-csrf-persistent-xss-0day-disclosure/
+
+ MULTI
+
diff --git a/data/theme_vulns.xml b/data/theme_vulns.xml
index 98407dff..37b89e22 100644
--- a/data/theme_vulns.xml
+++ b/data/theme_vulns.xml
@@ -1246,6 +1246,16 @@
+
+
+ DailyDeal - Shell Upload
+
+ http://packetstormsecurity.com/files/123748/
+
+ RCE
+
+
+
WooThemes WooFramework Remote Unauthenticated Shortcode Execution
@@ -1690,6 +1700,7 @@
Slash WP - FPD, XSS and CS vulnerabilities
+ http://packetstormsecurity.com/files/123748/
http://seclists.org/fulldisclosure/2013/Jun/166
MULTI