diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index 122b1269..f75198f3 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -6063,10 +6063,20 @@
   </plugin>
 
   <plugin name="sagepay-direct-for-woocommerce-payment-gateway">
+    <vulnerability>
+      <title>WooCommerce SagePay Direct Payment Gateway 0.1.6.6 - pages/3DRedirect.php Multiple Parameter Reflected XSS</title>
+      <references>
+        <osvdb>102882</osvdb>
+        <secunia>56801</secunia>
+      </references>
+      <type>XSS</type>
+      <fixed_in>0.1.6.7</fixed_in>
+    </vulnerability>
     <vulnerability>
       <title>WooCommerce SagePay Direct Payment Gateway 0.1.6.6 - pages/3DCallBack.php Multiple Parameter Reflected XSS</title>
       <references>
         <osvdb>102746</osvdb>
+        <secunia>56801</secunia>
       </references>
       <type>XSS</type>
       <fixed_in>0.1.6.7</fixed_in>
@@ -6075,6 +6085,7 @@
       <title>WooCommerce SagePay Direct Payment Gateway 0.1.6.6 - pages/3DComplete.php Multiple Parameter Reflected XSS</title>
       <references>
         <osvdb>102747</osvdb>
+        <secunia>56801</secunia>
       </references>
       <type>XSS</type>
       <fixed_in>0.1.6.7</fixed_in>
@@ -10791,4 +10802,15 @@
     </vulnerability>
   </plugin>
 
+  <plugin name="delightful-downloads">
+    <vulnerability>
+      <title>Delightful Downloads 1.3.1.1 - meta-boxes.php dedo_meta_boxes_save Function Multiple Action Authorization Bypass</title>
+      <references>
+        <osvdb>102932</osvdb>
+      </references>
+      <type>AUTHBYPASS</type>
+      <fixed_in>1.3.2</fixed_in>
+    </vulnerability>
+  </plugin>
+
 </vulnerabilities>
diff --git a/data/theme_vulns.xml b/data/theme_vulns.xml
index 0daf7866..b486b0fc 100644
--- a/data/theme_vulns.xml
+++ b/data/theme_vulns.xml
@@ -2900,6 +2900,14 @@
   </theme>
 
   <theme name="infocus">
+    <vulnerability>
+      <title>InFocus - prettyPhoto Cross-Site Scripting Vulnerability</title>
+      <references>
+        <secunia>56583</secunia>
+        <url>http://packetstormsecurity.com/files/124960/</url>
+      </references>
+      <type>XSS</type>
+    </vulnerability>
     <vulnerability>
       <title>InFocus 3.3 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion</title>
       <references>
@@ -2908,7 +2916,7 @@
         <url>http://www.securityfocus.com/bid/64501</url>
       </references>
       <type>UNKNOWN</type>
-      <fixed_in>2.5</fixed_in>
+      <fixed_in>3.4</fixed_in>
     </vulnerability>
     <vulnerability>
       <title>InFocus 3.3 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download</title>
@@ -2967,4 +2975,16 @@
     </vulnerability>
   </theme>
 
+  <theme name="dandelion">
+    <vulnerability>
+      <title>Dandelion - Arbitry File Upload</title>
+      <references>
+        <osvdb>99043</osvdb>
+        <exploitdb>31424</exploitdb>
+        <url>http://packetstormsecurity.com/files/125098/</url>
+      </references>
+      <type>UPLOAD</type>
+    </vulnerability>
+  </theme>
+
 </vulnerabilities>