From 9a2141025a10be5f56c96967747ba72739ef813e Mon Sep 17 00:00:00 2001
From: ethicalhack3r <ryandewhurst@gmail.com>
Date: Wed, 9 Apr 2014 16:30:20 +0200
Subject: [PATCH] Added WP 3.8.1 vulns. See #448

---
 data/wp_vulns.xml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/data/wp_vulns.xml b/data/wp_vulns.xml
index cd8355c2..f763cf8f 100644
--- a/data/wp_vulns.xml
+++ b/data/wp_vulns.xml
@@ -3,6 +3,24 @@
 <vulnerabilities xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                  xsi:noNamespaceSchemaLocation="vuln.xsd">
 
+  <wordpress version="3.8.1">
+    <vulnerability>
+      <title>Administrator-exploitable blind SQLi in WordPress 3.8.1</title>
+      <references>
+        <url>https://security.dxw.com/advisories/sqli-in-wordpress-3-6-1/</url>
+      </references>
+      <type>SQLI</type>
+    </vulnerability>
+    <vulnerability>
+      <title>Potential Authentication Cookie Forgery</title>
+      <references>
+        <url>https://github.com/WordPress/WordPress/commit/78a915e0e5927cf413aa6c2cef2fca3dc587f8be</url>
+        <cve>CVE-2014-0166</cve>
+      </references>
+      <type>AUTHBYPASS</type>
+    </vulnerability>
+  </wordpress>
+
   <wordpress version="3.8">
     <vulnerability>
       <title>wp-admin/options-writing.php Cleartext Admin Credentials Disclosure</title>