Merge pull request #611 from fgeek/pluginvulns

mp3-jplayer vulnerability, references

data/plugin_vulns.xml

@@ -8300,6 +8300,7 @@
     <vulnerability>
       <title>jammer &lt;= 0.2 - jPlayer.swf XSS</title>
       <references>
+        <osvdb>92254</osvdb>
         <secunia>53106</secunia>
       </references>
       <type>XSS</type>
@@ -12058,6 +12059,14 @@
       </references>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>MP3-jPlayer 1.8.3 - jPlayer.swf XSS</title>
+      <references>
+        <osvdb>92254</osvdb>
+      </references>
+      <fixed_in>1.8.4</fixed_in>
+      <type>XSS</type>
+    </vulnerability>
   </plugin>
 
   <plugin name="google-analytics-mu">
@@ -12124,11 +12133,13 @@
       <title>XCloner 3.1.0 - Multiple Actions CSRF</title>
       <references>
         <cve>2014-2340</cve>
+        <cve>2014-2579</cve>
         <osvdb>104402</osvdb>
         <secunia>57362</secunia>
         <exploitdb>32701</exploitdb>
         <url>http://packetstormsecurity.com/files/125991/</url>
         <url>https://www.htbridge.com/advisory/HTB23206</url>
+        <url>https://www.htbridge.com/advisory/HTB23207</url>
       </references>
       <type>CSRF</type>
       <fixed_in>3.1.1</fixed_in>
@@ -13386,6 +13397,7 @@
      <title>Toolpage 1.6.1 - XSS vulnerability in includes/getTipo.php</title>
       <references>
         <cve>2014-4560</cve>
+        <osvdb>108704</osvdb>
         <url>http://codevigilant.com/disclosure/wp-plugin-toolpage-a3-cross-site-scripting-xss/</url>
       </references>
       <type>XSS</type>
@@ -13397,6 +13409,7 @@
      <title>Cloak and Encrypt &lt; 2.0 - XSS vulnerability in go.php</title>
       <references>
         <cve>2014-4563</cve>
+        <osvdb>108895</osvdb>
         <url>http://codevigilant.com/disclosure/wp-plugin-url-cloak-encrypt-a3-cross-site-scripting-xss/</url>
       </references>
       <type>XSS</type>