From ef0253ee9eb5f32d927c0800d601d2261bb0d66c Mon Sep 17 00:00:00 2001
From: Peter <vanderlaan.pm@gmail.com>
Date: Fri, 11 Jul 2014 16:20:46 +0200
Subject: [PATCH] Added CVE's. Update #554

---
 data/plugin_vulns.xml | 41 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)

diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index 8cbf06d5..695f5b47 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -1839,6 +1839,14 @@
       <type>RCE</type>
       <fixed_in>4.29.5</fixed_in>
     </vulnerability>
+    <vulnerability>
+     <title>VideoWhisper Live Streaming Integration &lt; 4.27.2 - XSS vulnerability in ls/vv_login.php via room_name parameter</title>
+      <references>
+        <cve>2014-4569</cve>
+        <url>http://codevigilant.com/disclosure/wp-plugin-videowhisper-live-streaming-integration-a3-cross-site-scripting-xss/</url>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
     <vulnerability>
       <title>VideoWhisper Live Streaming Integration - ls/htmlchat.php Multiple Parameter XSS</title>
       <references>
@@ -13398,4 +13406,37 @@
     </vulnerability>
   </plugin>
 
+  <plugin name="xen-carousel">
+    <vulnerability>
+     <title>XEN Carousel &lt; 0.12.2 - XSS vulnerabilities in xencarousel-admin.js.php via path or ajaxpath parameter</title>
+      <references>
+        <cve>2014-4602</cve>
+        <url>http://codevigilant.com/disclosure/wp-plugin-xen-carousel-a3-cross-site-scripting-xss/</url>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="wp-media-player">
+    <vulnerability>
+     <title>WP Silverlight Media Player &lt; 0.8 - XSS vulnerability in uploader.php via the post_id parameter</title>
+      <references>
+        <cve>2014-4589</cve>
+        <url>http://codevigilant.com/disclosure/wp-plugin-wp-media-player-a3-cross-site-scripting-xss/</url>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
+  <plugin name="wp-microblogs">
+    <vulnerability>
+     <title>WP Microblogs plugin &lt; 0.4.0 - XSS vulnerability in get.php via the oauth_verifier parameter</title>
+      <references>
+        <cve>2014-4590</cve>
+        <url>http://codevigilant.com/disclosure/wp-plugin-wp-microblogs-a3-cross-site-scripting-xss/</url>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
+  </plugin>
+
 </vulnerabilities>