diff --git a/lib/common/models/wp_version/vulnerable.rb b/lib/common/models/wp_version/vulnerable.rb index f50894b9..0ab7d818 100644 --- a/lib/common/models/wp_version/vulnerable.rb +++ b/lib/common/models/wp_version/vulnerable.rb @@ -2,6 +2,7 @@ class WpVersion < WpItem module Vulnerable + def vulns_file unless @vulns_file @vulns_file = WP_VULNS_FILE @@ -12,5 +13,6 @@ class WpVersion < WpItem def vulns_xpath "//wordpress[@version='#{@number}']/vulnerability" end + end end diff --git a/spec/lib/common/models/wp_version_spec.rb b/spec/lib/common/models/wp_version_spec.rb index 96fb3666..d3e1518b 100644 --- a/spec/lib/common/models/wp_version_spec.rb +++ b/spec/lib/common/models/wp_version_spec.rb @@ -3,9 +3,16 @@ require 'spec_helper' describe WpVersion do + it_behaves_like 'WpVersion::Vulnerable' + it_behaves_like 'WpItem::Vulnerable' do + let(:options) { { number: '3.2' } } + let(:vulns_file) { MODELS_FIXTURES + '/wp_version/vulnerable/versions_vulns.xml' } + let(:expected_vulns) { Vulnerabilities.new << Vulnerability.new('Here I Am', 'SQLI', ['http://ref1.com']) } + end + subject(:wp_version) { WpVersion.new(uri, options) } - let(:uri) { URI.parse('http://example.com') } - let(:options) { {} } + let(:uri) { URI.parse('http://example.com/') } + let(:options) { { number: '1.2' } } describe '#allowed_options' do [:number, :found_from].each do |sym| diff --git a/spec/samples/common/models/wp_version/vulnerable/versions_vulns.xml b/spec/samples/common/models/wp_version/vulnerable/versions_vulns.xml new file mode 100644 index 00000000..78b37b65 --- /dev/null +++ b/spec/samples/common/models/wp_version/vulnerable/versions_vulns.xml @@ -0,0 +1,19 @@ + + + + + + I should not appear in the results + http://ref2.com + XSS + + + + + + Here I Am + http://ref1.com + SQLI + + + diff --git a/spec/shared_examples/wp_version_vulnerable.rb b/spec/shared_examples/wp_version_vulnerable.rb new file mode 100644 index 00000000..81f35d0d --- /dev/null 
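Review bot: In the spec/lib/common/models/wp_version_spec.rb hunk, the outer `let(:options) { { number: '1.2' } }` is now load-bearing for the shared example 'WpVersion::Vulnerable', whose `#vulns_xpath` expectation hardcodes `@version='1.2'`, and nothing at the include site says so. A later change to that default would fail an example that looks unrelated. I would pass the number explicitly in a block on `it_behaves_like 'WpVersion::Vulnerable'`, as is already done for 'WpItem::Vulnerable', or at least add a comment on the outer let such as `# 'WpVersion::Vulnerable' expects number '1.2' in its xpath assertion`.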
+++ b/spec/shared_examples/wp_version_vulnerable.rb @@ -0,0 +1,26 @@ +# encoding: UTF-8 + +shared_examples 'WpVersion::Vulnerable' do + + describe '#vulns_file' do + after { subject.vulns_file.should == @expected } + + context 'when :vulns_file is no set' do + it 'returns the default one' do + @expected = WP_VULNS_FILE + end + end + + context 'when the :vulns_file is already set' do + it 'returns it' do + @expected = 'test.xml' + subject.vulns_file = @expected + end + end + end + + describe '#vulns_xpath' do + its(:vulns_xpath) { should == "//wordpress[@version='1.2']/vulnerability" } + end + +end
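Review bot: The `#vulns_xpath` example pins only the well-formed number '1.2', so nothing covers a version string that contains a single quote, which `vulns_xpath` in lib/common/models/wp_version/vulnerable.rb interpolates directly into `//wordpress[@version='#{@number}']/vulnerability`. If the number can come from a scanned site's response (not visible in this diff), such a value would alter or break the predicate, giving wrong vulnerability matches or an XPath syntax error. I would add a context whose `number` contains a `'` and assert that it is rejected, with the model checking the number against an allow-list pattern before building the query. Separately, the context title 'when :vulns_file is no set' should read 'is not set'.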