diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index b0d7bf1f..c2a91c6c 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -322,14 +322,13 @@
OpenInviter Information Disclosure
- http://packetstormsecurity.com/files/119265/WordPress-OpenInviter-Information-Disclosure.html
-
+ http://packetstormsecurity.com/files/119265/
UNKNOWN
-
+
RokBox Multiple Vulnerabilities
@@ -337,6 +336,58 @@
MULTI
+
+ RokBox <= 2.13 - XSS,DoS,Disclosure,Upload Vulnerabilities
+
+ 54801
+ http://packetstormsecurity.com/files/118884/
+
+ MULTI
+
+
+
+
+
+ RokIntroScroller <= 1.8 - XSS,DoS,Disclosure,Upload Vulnerabilities
+
+ 54801
+ http://packetstormsecurity.com/files/123302/
+
+ MULTI
+
+
+
+
+
+ RokMicroNews <= 1.5 - XSS,DoS,Disclosure,Upload Vulnerabilities
+
+ 54801
+ http://packetstormsecurity.com/files/123312/
+
+ MULTI
+
+
+
+
+
+ RokNewsPager <= 1.17 - XSS,DoS,Disclosure,Upload Vulnerabilities
+
+ 54801
+ http://packetstormsecurity.com/files/123271/
+
+ MULTI
+
+
+
+
+
+ RokStories <= 1.25 - XSS,DoS,Disclosure,Upload Vulnerabilities
+
+ 54801
+ http://packetstormsecurity.com/files/123270/
+
+ MULTI
+
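Review bot: The new `RokBox <= 2.13 - XSS,DoS,Disclosure,Upload Vulnerabilities` entry is added directly after the existing `RokBox Multiple Vulnerabilities` entry, so the two may describe the same advisory and produce duplicate findings. The existing entry's references are outside this hunk, so this needs checking against the full file. The five added Rok* entries also carry their version bound only in the free-text title. None has the fixed-version value that entries such as BackWPup (`3.0.13`) provide, so a consumer that relies on that field will probably flag every installed version. If a fixed release is known for each plugin, add it; otherwise the shared advisory id `54801` is the only machine-readable link between them.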
@@ -387,7 +438,7 @@
Shopping Cart Shell Upload / SQL Injection
- http://packetstormsecurity.com/files/119217/wplevelfour-sqlshell.txt
+ http://packetstormsecurity.com/files/119217/
51690
MULTI
@@ -399,7 +450,7 @@
ReFlex Gallery Shell Upload
- http://packetstormsecurity.com/files/119218/wpreflexgallery-shell.txt
+ http://packetstormsecurity.com/files/119218/
UPLOAD
@@ -409,7 +460,7 @@
Uploader 1.0.4 Shell Upload
- http://packetstormsecurity.com/files/119219/wpuploader104-shell.txt
+ http://packetstormsecurity.com/files/119219/
UPLOAD
@@ -419,7 +470,7 @@
Xerte Online 0.32 Shell Upload
- http://packetstormsecurity.com/files/119220/wpxerteonline-shell.txt
+ http://packetstormsecurity.com/files/119220/
UPLOAD
@@ -429,7 +480,7 @@
Advanced Custom Fields <= 3.5.1 Remote File Inclusion
- http://packetstormsecurity.com/files/119221/wp_advanced_custom_fields_exec.rb.txt
+ http://packetstormsecurity.com/files/119221/
51037
exploit/unix/webapp/wp_advanced_custom_fields_exec
@@ -908,7 +959,7 @@
Catalog HTML Code Injection and Cross-site scripting
- http://packetstormsecurity.org/files/117820/wpcatalog-xss.txt
+ http://packetstormsecurity.com/files/117820/
51143
MULTI
@@ -931,6 +982,13 @@
MULTI
+
+ Wordfence 3.8.1 - XSS
+
+ http://packetstormsecurity.com/files/122993/
+
+ XSS
+
@@ -976,7 +1034,7 @@
BBPress SQL Injection / Path Disclosure
- http://packetstormsecurity.org/files/116123
+ http://packetstormsecurity.com/files/116123/
MULTI
@@ -986,7 +1044,7 @@
NextGen Cu3er Gallery Information Disclosure
- http://packetstormsecurity.org/files/116150
+ http://packetstormsecurity.com/files/116150/
UNKNOWN
@@ -996,7 +1054,7 @@
Rich Widget File Upload
- http://packetstormsecurity.org/files/115787/wprichwidget-shell.txt
+ http://packetstormsecurity.com/files/115787/
UPLOAD
@@ -1006,7 +1064,7 @@
Monsters Editor Shell Upload
- http://packetstormsecurity.org/files/115788/wpmonsters-shell.txt
+ http://packetstormsecurity.com/files/115788/
UPLOAD
@@ -1080,7 +1138,7 @@
Resume Submissions Job Posting v2.5.1 Unrestricted File Upload
- http://www.packetstormsecurity.org/files/114716
+ http://packetstormsecurity.com/files/114716/
UPLOAD
@@ -1143,7 +1201,7 @@
Fancy Gallery 1.2.4 Shell Upload
- http://packetstormsecurity.org/files/114114/
+ http://packetstormsecurity.com/files/114114/
UPLOAD
@@ -1153,7 +1211,7 @@
Flip Book 1.0 Shell Upload
- http://packetstormsecurity.org/files/114112/
+ http://packetstormsecurity.com/files/114112/
UPLOAD
@@ -1163,7 +1221,7 @@
Ajax Multi Upload 1.1 Shell Upload
- http://packetstormsecurity.org/files/114109/
+ http://packetstormsecurity.com/files/114109/
UPLOAD
@@ -1183,7 +1241,7 @@
Wordpress Automatic 2.0.3 CSRF
- http://packetstormsecurity.org/files/113763/
+ http://packetstormsecurity.com/files/113763/
CSRF
@@ -1191,14 +1249,19 @@
- VideoWhisper Video Conference
- 4.51 Arbitrary File Upload Vulnerability
-
+ VideoWhisper Video Conference 4.51 - Arbitrary File Upload Vulnerability
- http://packetstormsecurity.org/files/113580/
+ http://packetstormsecurity.com/files/113580/
UPLOAD
+
+ Video Whisper - XSS
+
+ http://packetstormsecurity.com/files/122943/
+
+ XSS
+
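Review bot: The added `Video Whisper - XSS` title spells the product differently from the sibling entry this hunk has just normalised to `VideoWhisper Video Conference 4.51 - ...`, and it gives no affected version. The same drift appears in the NextGEN hunk (`NextGEN Smooth Gallery - ...` next to the new `NextGen Smooth Gallery - XSS`) and in the BackWPup hunk (`BackWPUp 2.1.4` against `BackWPup`). Since this commit is standardising titles, use one spelling per plugin so that text searches and deduplication over the database match all of its entries, for example `VideoWhisper Video Conference - XSS`.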
@@ -1207,7 +1270,7 @@
File Upload Vulnerability
- http://packetstormsecurity.org/files/113568/
+ http://packetstormsecurity.com/files/113568/
UPLOAD
@@ -1217,7 +1280,7 @@
LB Mixed Slideshow 1.0 Arbitrary File Upload Vulnerability
- http://packetstormsecurity.org/files/113844/
+ http://packetstormsecurity.com/files/113844/
UPLOAD
@@ -1227,7 +1290,7 @@
Lim4wp 1.1.1 Arbitrary File Upload Vulnerability
- http://packetstormsecurity.org/files/113846/
+ http://packetstormsecurity.com/files/113846/
UPLOAD
@@ -1237,7 +1300,7 @@
Wp-ImageZoom 1.0.3 Remote File Disclosure
- http://packetstormsecurity.org/files/113845/
+ http://packetstormsecurity.com/files/113845/
UNKNOWN
@@ -1247,7 +1310,7 @@
Invit0r 0.22 Shell Upload
- http://packetstormsecurity.org/files/113639/
+ http://packetstormsecurity.com/files/113639/
UPLOAD
@@ -1257,7 +1320,7 @@
Annonces 1.2.0.1 Shell Upload
- http://packetstormsecurity.org/files/113637/
+ http://packetstormsecurity.com/files/113637/
UPLOAD
@@ -1269,7 +1332,7 @@
File Upload Vulnerability
- http://packetstormsecurity.org/files/113571/
+ http://packetstormsecurity.com/files/113571/
UPLOAD
@@ -1288,7 +1351,7 @@
File Upload Vulnerability
- http://packetstormsecurity.org/files/113570/
+ http://packetstormsecurity.com/files/113570/
UPLOAD
@@ -1590,7 +1653,7 @@
Foxypress 0.4.1.1 - 0.4.2.1 Arbitrary File Upload
- http://packetstormsecurity.org/files/113576/
+ http://packetstormsecurity.com/files/113576/
18991
19100
@@ -1600,7 +1663,7 @@
FoxyPress 0.4.2.5 XSS / CSRF / SQL Injection
- http://packetstormsecurity.org/files/117768
+ http://packetstormsecurity.com/files/117768/
51109
MULTI
@@ -1611,7 +1674,7 @@
Track That Stat <= 1.0.8 Cross Site Scripting
- http://packetstormsecurity.org/files/112722/
+ http://packetstormsecurity.com/files/112722/
XSS
@@ -1621,7 +1684,7 @@
WP-Facethumb Gallery <= 0.1 Reflected Cross Site Scripting
- http://packetstormsecurity.org/files/112658/
+ http://packetstormsecurity.com/files/112658/
XSS
@@ -1631,7 +1694,7 @@
Survey And Quiz Tool <= 2.9.2 Cross Site Scripting
- http://packetstormsecurity.org/files/112685/
+ http://packetstormsecurity.com/files/112685/
XSS
@@ -1641,7 +1704,7 @@
WP Statistics <= 2.2.4 Cross Site Scripting
- http://packetstormsecurity.org/files/112686/
+ http://packetstormsecurity.com/files/112686/
XSS
@@ -1651,7 +1714,7 @@
WP Easy Gallery <= 1.7 Cross Site Scripting
- http://packetstormsecurity.org/files/112687/
+ http://packetstormsecurity.com/files/112687/
XSS
@@ -1668,7 +1731,7 @@
Subscribe2 <= 8.0 Cross Site Scripting
- http://packetstormsecurity.org/files/112688/
+ http://packetstormsecurity.com/files/112688/
XSS
@@ -1678,7 +1741,7 @@
Soundcloud Is Gold <= 2.1 Cross Site Scripting
- http://packetstormsecurity.org/files/112689/
+ http://packetstormsecurity.com/files/112689/
XSS
@@ -1686,24 +1749,24 @@
- Sharebar <= 1.2.5 sharebar-admin.php page Parameter XSS
+ Sharebar <= 1.2.5 - sharebar-admin.php page Parameter XSS
98078
- http://packetstormsecurity.org/files/123365/
+ http://packetstormsecurity.com/files/123365/
XSS
- Sharebar <= 1.2.5 Button Manipulation CSRF
+ Sharebar <= 1.2.5 - Button Manipulation CSRF
94843
CSRF
- Sharebar <= 1.2.1 SQL Injection / Cross Site Scripting
+ Sharebar <= 1.2.1 - SQL Injection / Cross Site Scripting
- http://packetstormsecurity.org/files/112690/
+ http://packetstormsecurity.com/files/112690/
MULTI
1.2.2
@@ -1714,7 +1777,7 @@
Share And Follow <= 1.80.3 Cross Site Scripting
- http://packetstormsecurity.org/files/112691/
+ http://packetstormsecurity.com/files/112691/
XSS
@@ -1724,7 +1787,7 @@
SABRE <= 1.2.0 Cross Site Scripting
- http://packetstormsecurity.org/files/112692/
+ http://packetstormsecurity.com/files/112692/
XSS
@@ -1734,7 +1797,7 @@
Pretty Link Lite <= 1.5.2 Cross Site Scripting
- http://packetstormsecurity.org/files/112693/
+ http://packetstormsecurity.com/files/112693/
XSS
@@ -1749,7 +1812,7 @@
WordPress pretty-link plugin XSS in SWF
http://seclists.org/bugtraq/2013/Feb/100
- http://packetstormsecurity.com/files/120433/wpprettylink163-xss.txt
+ http://packetstormsecurity.com/files/120433/
2013-1636
XSS
@@ -1760,7 +1823,7 @@
Newsletter Manager <= 1.0 Cross Site Scripting
- http://packetstormsecurity.org/files/112694/
+ http://packetstormsecurity.com/files/112694/
XSS
@@ -1770,7 +1833,7 @@
Network Publisher <= 5.0.1 Cross Site Scripting
- http://packetstormsecurity.org/files/112695/
+ http://packetstormsecurity.com/files/112695/
XSS
@@ -1780,7 +1843,7 @@
LeagueManager <= 3.7 Cross Site Scripting
- http://packetstormsecurity.org/files/112698/
+ http://packetstormsecurity.com/files/112698/
49949
XSS
@@ -1798,7 +1861,7 @@
Leaflet <= 0.0.1 Cross Site Scripting
- http://packetstormsecurity.org/files/112699/
+ http://packetstormsecurity.com/files/112699/
XSS
@@ -1808,7 +1871,7 @@
PDF And Print Button Joliprint <= 1.3.0 Cross Site Scripting
- http://packetstormsecurity.org/files/112700/
+ http://packetstormsecurity.com/files/112700/
XSS
@@ -1818,7 +1881,7 @@
IFrame Admin Pages <= 0.1 Cross Site Scripting
- http://packetstormsecurity.org/files/112701/
+ http://packetstormsecurity.com/files/112701/
XSS
@@ -1828,7 +1891,7 @@
EZPZ One Click Backup <= 12.03.10 Cross Site Scripting
- http://packetstormsecurity.org/files/112705/
+ http://packetstormsecurity.com/files/112705/
XSS
@@ -1838,7 +1901,7 @@
Dynamic Widgets <= 1.5.1 Cross Site Scripting
- http://packetstormsecurity.org/files/112706/
+ http://packetstormsecurity.com/files/112706/
XSS
@@ -1867,7 +1930,7 @@
Download Monitor <= 3.3.5.4 Cross Site Scripting
- http://packetstormsecurity.org/files/112707/
+ http://packetstormsecurity.com/files/112707/
XSS
@@ -1877,7 +1940,7 @@
Download Manager <= 2.2 Cross Site Scripting
- http://packetstormsecurity.org/files/112708/
+ http://packetstormsecurity.com/files/112708/
XSS
@@ -1887,7 +1950,7 @@
Code Styling Localization <= 1.99.16 Cross Site Scripting
- http://packetstormsecurity.org/files/112709/
+ http://packetstormsecurity.com/files/112709/
XSS
@@ -1897,7 +1960,7 @@
Catablog <= 1.6 Cross Site Scripting
- http://packetstormsecurity.org/files/112619/
+ http://packetstormsecurity.com/files/112619/
XSS
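Review bot: The rewritten reference for Catablog, `http://packetstormsecurity.com/files/112619/`, is identical to the one rewritten in the next hunk for `Bad Behavior <= 2.24 Cross Site Scripting`. The neighbouring entries use consecutive, distinct ids (112618, 112617, 112616), so one of the two is probably a copy-paste error carried over from the old `.org` URLs. The domain normalisation preserves it, so someone triaging one of these plugins lands on the advisory for the other. Check which plugin advisory 112619 actually covers and correct the other reference.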
@@ -1907,7 +1970,7 @@
Bad Behavior <= 2.24 Cross Site Scripting
- http://packetstormsecurity.org/files/112619/
+ http://packetstormsecurity.com/files/112619/
XSS
@@ -1917,7 +1980,7 @@
BulletProof Security <= 0.47 Cross Site Scripting
- http://packetstormsecurity.org/files/112618/
+ http://packetstormsecurity.com/files/112618/
XSS
@@ -1947,7 +2010,7 @@
Better WP Security <= 3.2.4 Cross Site Scripting
- http://packetstormsecurity.org/files/112617/
+ http://packetstormsecurity.com/files/112617/
XSS
3.2.5
@@ -1958,7 +2021,7 @@
Custom Contact Forms <= 5.0.0.1 Cross Site Scripting
- http://packetstormsecurity.org/files/112616/
+ http://packetstormsecurity.com/files/112616/
XSS
@@ -1968,14 +2031,14 @@
2-Click-Socialmedia-Buttons <= 0.34 Cross Site Scripting
- http://packetstormsecurity.org/files/112615/
+ http://packetstormsecurity.com/files/112615/
XSS
2-Click-Socialmedia-Buttons <= 0.32.2 Cross Site Scripting
- http://packetstormsecurity.org/files/112711/
+ http://packetstormsecurity.com/files/112711/
XSS
@@ -2011,7 +2074,7 @@
Media Library Categories plugin <= 1.1.1 Cross Site Scripting
- http://packetstormsecurity.org/files/112697/
+ http://packetstormsecurity.com/files/112697/
SQLI
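Review bot: The entry touched here is titled `Media Library Categories plugin <= 1.1.1 Cross Site Scripting` but its type value is `SQLI`. One of the two is wrong, and the commit updates the URL without reconciling them. Anyone filtering or prioritising findings by type will see this as SQL injection. Confirm the class against the referenced advisory (files/112697) and then either set the type to `XSS` or correct the title.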
@@ -2021,7 +2084,7 @@
FCKeditor Deans With Pwwangs Code <= 1.0.0 Remote Shell Upload
- http://packetstormsecurity.org/files/111319/
+ http://packetstormsecurity.com/files/111319/
RFI
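Review bot: `FCKeditor Deans With Pwwangs Code <= 1.0.0 Remote Shell Upload` is typed `RFI`, while every other shell-upload entry in this diff (ReFlex Gallery, Uploader, Fancy Gallery and others) is typed `UPLOAD`. The later hunk for `AllWebMenus Shell Upload <= 1.1.9 Shell Upload` has the same mismatch. If the advisories do describe arbitrary file upload rather than remote file inclusion, change both to `UPLOAD` so that type-based reporting groups them correctly. The AllWebMenus title also repeats "Shell Upload" and could be `AllWebMenus <= 1.1.9 Shell Upload`.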
@@ -2047,14 +2110,14 @@
Zingiri Web Shop <= 2.3.5 Cross Site Scripting
- http://packetstormsecurity.org/files/112684/
+ http://packetstormsecurity.com/files/112684/
XSS
Zingiri Web Shop 2.4.3 Shell Upload
- http://packetstormsecurity.org/files/113668/
+ http://packetstormsecurity.com/files/113668/
UPLOAD
@@ -2064,8 +2127,8 @@
Organizer 1.2.1 Cross Site Scripting / Path Disclosure
- http://packetstormsecurity.org/files/112086
- http://packetstormsecurity.org/files/113800
+ http://packetstormsecurity.com/files/112086/
+ http://packetstormsecurity.com/files/113800/
MULTI
@@ -2075,7 +2138,7 @@
Zingiri Tickets plugin File Disclosure
- http://packetstormsecurity.org/files/111904
+ http://packetstormsecurity.com/files/111904/
UNKNOWN
@@ -2115,7 +2178,7 @@
Register Plus Redux <= 3.8.3 Cross Site Scripting
- http://packetstormsecurity.org/files/111367
+ http://packetstormsecurity.com/files/111367/
XSS
@@ -2125,7 +2188,7 @@
Magn WP Drag and Drop <= 1.1.4 Upload Shell Upload Vulnerability
- http://packetstormsecurity.org/files/110103
+ http://packetstormsecurity.com/files/110103/
UPLOAD
@@ -2145,7 +2208,7 @@
AllWebMenus Shell Upload <= 1.1.9 Shell Upload
- http://packetstormsecurity.org/files/108946/
+ http://packetstormsecurity.com/files/108946/
RFI
@@ -2162,7 +2225,7 @@
Shortcode Redirect <= 1.0.01 Stored Cross Site Scripting
- http://packetstormsecurity.org/files/108914/
+ http://packetstormsecurity.com/files/108914/
XSS
@@ -2192,7 +2255,7 @@
myEASYbackup 1.0.8.1 Directory Traversal
- http://packetstormsecurity.org/files/108711
+ http://packetstormsecurity.com/files/108711/
UNKNOWN
@@ -2209,14 +2272,14 @@
Count Per Day 3.2.3 Cross Site Scripting
- http://packetstormsecurity.org/files/115904
+ http://packetstormsecurity.com/files/115904/
XSS
Count Per Day 3.1.1 Cross Site Scripting
- http://packetstormsecurity.org/files/114787/SSCHADV2012-015.txt
+ http://packetstormsecurity.com/files/114787/
XSS
@@ -2260,7 +2323,7 @@
Yousaytoo Auto Publishing <= 1.0 Cross Site Scripting
- http://packetstormsecurity.org/files/108470
+ http://packetstormsecurity.com/files/108470/
XSS
@@ -2280,7 +2343,7 @@
Whois Search <= 1.4.2 Cross Site Scripting
- http://packetstormsecurity.org/files/108271
+ http://packetstormsecurity.com/files/108271/
XSS
@@ -2588,7 +2651,7 @@
GRAND Flash Album Gallery 1.9.0 and 2.0.0 Multiple Vulnerabilities
- http://packetstormsecurity.org/files/117665/
+ http://packetstormsecurity.com/files/117665/
http://www.waraxe.us/advisory-94.html
51601
@@ -2611,7 +2674,7 @@
GRAND Flash Album Gallery <= 1.71 XSS Vulnerability
- http://packetstormsecurity.org/files/112704
+ http://packetstormsecurity.com/files/112704/
XSS
@@ -2692,7 +2755,7 @@
WP Forum Server plugin <= 1.7.3 SQL Injection / XSS Vulnerabilities
- http://www.packetstormsecurity.org/files/112703
+ http://packetstormsecurity.com/files/112703/
MULTI
@@ -2722,7 +2785,7 @@
WordPress Comment Rating 2.9.32 SQL Injection / Bypass
- http://packetstormsecurity.com/files/120569/wpcomment2932-sqlbypass.txt
+ http://packetstormsecurity.com/files/120569/
MULTI
@@ -2771,7 +2834,7 @@
Mingle Forum <= 1.0.32.1 Cross Site Scripting / SQL Injection
- http://packetstormsecurity.org/files/108915/
+ http://packetstormsecurity.com/files/108915/
MULTI
@@ -2792,7 +2855,7 @@
Mingle Forum <= 1.0.33 Cross Site Scripting
- http://packetstormsecurity.org/files/112696/
+ http://packetstormsecurity.com/files/112696/
MULTI
@@ -2836,12 +2899,19 @@
- NextGEN Smooth Gallery Blind SQL Injection Vulnerability
+ NextGEN Smooth Gallery - Blind SQL Injection Vulnerability
14541
SQLI
+
+ NextGen Smooth Gallery - XSS
+
+ http://packetstormsecurity.com/files/123074/
+
+ XSS
+
@@ -3228,7 +3298,7 @@
- plugin fGallery 2.4.1 fimrss.php SQL Injection Vulnerability
+ fGallery 2.4.1 - fimrss.php SQL Injection Vulnerability
4993
@@ -3429,7 +3499,7 @@
Evarisk 5.1.5.4 Shell Upload
- http://packetstormsecurity.org/files/113638/
+ http://packetstormsecurity.com/files/113638/
UPLOAD
@@ -3810,7 +3880,7 @@
TheCartPress <= 1.6 Cross Site Sripting
- http://packetstormsecurity.org/files/108272/
+ http://packetstormsecurity.com/files/108272/
XSS
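Review bot: The title on the context line of this hunk reads `TheCartPress <= 1.6 Cross Site Sripting`; "Sripting" is a typo. While the entry is being edited it should become `TheCartPress <= 1.6 Cross Site Scripting`, otherwise a text search for "Scripting" or "XSS" over titles misses it.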
@@ -4151,7 +4221,7 @@
GD Star Rating plugin <= 1.9.16 Cross Site Scripting
- http://www.packetstormsecurity.org/files/112702
+ http://packetstormsecurity.com/files/112702/
XSS
@@ -4231,26 +4301,27 @@
- BackWPUp 2.1.4 Code Execution
+ BackWPUp 2.1.4 - Code Execution
17987
RCE
- plugin BackWPup 1.5.2, 1.6.1, 1.7.1 Remote and Local Code Execution Vulnerability
+ plugin BackWPup 1.5.2, 1.6.1, 1.7.1 - Remote and Local Code Execution Vulnerability
71481
RCE
- BackWPup wp-admin/admin.php tab Parameter XSS
+ BackWPup 3.0.12 - wp-admin/admin.php tab Parameter XSS
2013-4626
https://www.htbridge.com/advisory/HTB23161
96505
54515
+ http://packetstormsecurity.com/files/122916/
XSS
3.0.13
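Review bot: The second title keeps its leading `plugin` (`plugin BackWPup 1.5.2, 1.6.1, 1.7.1 - Remote and Local Code Execution Vulnerability`), although the fGallery hunk earlier in this commit strips exactly that prefix. It should read `BackWPup 1.5.2, 1.6.1, 1.7.1 - Remote and Local Code Execution Vulnerability`. The first title also still spells the product `BackWPUp`, unlike the other two entries. The third title now says `3.0.12` as if only that release were affected, while the entry lists `3.0.13` as the fix. If earlier releases are affected too, `BackWPup <= 3.0.12 - ...` would match the bound style used elsewhere in the file.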
@@ -4344,7 +4415,7 @@
floating-tweets persistent XSS
- http://packetstormsecurity.com/files/119499/floatingtweets-xsstraversal.txt
+ http://packetstormsecurity.com/files/119499/
http://websecurity.com.ua/6023/
XSS
@@ -4352,7 +4423,7 @@
floating-tweets directory traversal
- http://packetstormsecurity.com/files/119499/floatingtweets-xsstraversal.txt
+ http://packetstormsecurity.com/files/119499/
http://websecurity.com.ua/6023/
UNKNOWN
@@ -4400,6 +4471,17 @@
+
+
+ SlimStat-Ex - Open Flash Chart Arbitrary File Creation Vulnerability
+
+ 55160
+ http://packetstormsecurity.com/files/123494/
+
+ UPLOAD
+
+
+
browser-rejector Remote and Local File Inclusion
@@ -4474,7 +4556,7 @@
- WordPress Events Manager Plugin Multiple Cross-Site Scripting Vulnerabilities
+ Events Manager - Multiple XSS Vulnerabilities
51869
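Review bot: After this rename, two separate entries have the identical title `Events Manager - Multiple XSS Vulnerabilities`: this one and the one in the next hunk. They are told apart only by their ids and by their fixed versions, `5.3.4` and `5.3.9`, so scanner output and changelogs that print the title alone become ambiguous. Put the affected bound in each title, as the other renamed entries in this commit do, for example `Events Manager < 5.3.4 - Multiple XSS Vulnerabilities` and `Events Manager < 5.3.9 - ...`. Those bounds are inferred from the fixed versions shown and should be confirmed against the advisories.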
@@ -4482,7 +4564,7 @@
5.3.4
- WordPress Events Manager Multiple Cross Site Scripting Vulnerabilities
+ Events Manager - Multiple XSS Vulnerabilities
http://www.securityfocus.com/bid/60078
53478
@@ -4491,6 +4573,14 @@
XSS
5.3.9
+
+ Events Manager - Multiple Unspecified XSS Vulnerabilities
+
+ 55182
+
+ XSS
+ 5.5.2
+
@@ -4610,7 +4700,7 @@
SQL Injection Vulnerability in Wysija Newsletters WordPress Plugin
https://www.htbridge.com/advisory/HTB23140
- http://packetstormsecurity.com/files/120089/wpwysijanl-sql.txt
+ http://packetstormsecurity.com/files/120089/
http://seclists.org/bugtraq/2013/Feb/29
http://cxsecurity.com/issue/WLB-2013020039
@@ -5025,7 +5115,7 @@
Wordpress wp-table-reloaded plugin cross-site scripting in SWF
- http://packetstormsecurity.com/files/119968/wptablereloaded-xss.txt
+ http://packetstormsecurity.com/files/119968/
52027
http://seclists.org/bugtraq/2013/Feb/28
@@ -5078,7 +5168,7 @@
Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin
https://www.htbridge.com/advisory/HTB23138
- http://packetstormsecurity.com/files/120090/wpcommentluv-xss.txt
+ http://packetstormsecurity.com/files/120090/
http://seclists.org/bugtraq/2013/Feb/30
http://cxsecurity.com/issue/WLB-2013020040
52092
@@ -5180,7 +5270,7 @@
smart-flv jwplayer.swf XSS
http://www.openwall.com/lists/oss-security/2013/02/24/7
- http://packetstormsecurity.com/files/115100/jwplayer-xss.txt
+ http://packetstormsecurity.com/files/115100/
90606
XSS
@@ -5213,7 +5303,7 @@
Marekkis Watermark Cross Site Scripting
- http://packetstormsecurity.com/files/120378/wpmarekkiswatermark-xss.txt
+ http://packetstormsecurity.com/files/120378/
XSS
@@ -5223,7 +5313,7 @@
Responsive Logo Slideshow Cross Site Scripting
- http://packetstormsecurity.com/files/120379/wpresponsivelogo-xss.txt
+ http://packetstormsecurity.com/files/120379/
XSS
@@ -5534,7 +5624,7 @@
Terillion Reviews Cross Site Scripting
- http://packetstormsecurity.com/files/120730/wpterillionreviews-xss.txt
+ http://packetstormsecurity.com/files/120730/
XSS
@@ -5690,8 +5780,7 @@
podPress 8.8.10.13 Cross Site Scripting
- http://packetstormsecurity.com/files/121011/WordPress-podPress-8.8.10.13-Cross-Site-Scripting.html
-
+ http://packetstormsecurity.com/files/121011/
XSS
@@ -6120,8 +6209,7 @@
ADIF Log Search Widget XSS Arbitrary Vulnerability
- http://packetstormsecurity.com/files/121777/ADIF-Log-Search-Widget-1.0e-Cross-Site-Scripting.html
-
+ http://packetstormsecurity.com/files/121777/
53599
93721
@@ -6462,27 +6550,33 @@
- CSRF vulnerability in IndiaNIC Testimonial 2.2
+ IndiaNIC Testimonial 2.2 - CSRF vulnerability
http://seclists.org/fulldisclosure/2013/Sep/5
2013-5672
28054
+ http://packetstormsecurity.com/files/123036/
+ CSRF
- SQL Injection vulnerability in IndiaNIC Testimonial 2.2
+ IndiaNIC Testimonial 2.2 - SQL Injection vulnerability
http://seclists.org/fulldisclosure/2013/Sep/5
2013-5673
28054
+ http://packetstormsecurity.com/files/123036/
+ SQLI
- XSS vulnerability in IndiaNIC Testimonial 2.2
+ IndiaNIC Testimonial 2.2 - XSS vulnerability
http://seclists.org/fulldisclosure/2013/Sep/5
28054
+ http://packetstormsecurity.com/files/123036/
+ XSS
@@ -6509,46 +6603,55 @@
- /admin/walkthrough/walkthrough.php step Parameter Reflected XSS
+ Design Approval System 3.6 - XSS Vulnerability
http://seclists.org/bugtraq/2013/Sep/54
+ http://packetstormsecurity.com/files/123227/
2013-5711
97279
3.7
+ XSS
- Multiple Administrator Action CSRF
+ Event Easy Calendar 1.0.0 - Multiple Administrator Action CSRF
97042
+ http://packetstormsecurity.com/files/123132/
+ CSRF
- Multiple Unspecified XSS
+ Event Easy Calendar 1.0.0 - Multiple Unspecified XSS
97041
+ http://packetstormsecurity.com/files/123132/
+ XSS
- falha.php URI Reflected XSS
+ Bradesco - falha.php URI Reflected XSS
97624
2013-5916
+ http://packetstormsecurity.com/files/123356/
+ XSS
- New Post Title Field Stored XSS
+ Social Hashtags 2.0.0 - New Post Title Field Stored XSS
98027
+ http://packetstormsecurity.com/files/123485/
XSS
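Review bot: The new title `Design Approval System 3.6 - XSS Vulnerability` adds the plugin name but drops the affected file and parameter that the old title carried (`/admin/walkthrough/walkthrough.php step Parameter Reflected XSS`). That detail is what a defender needs to locate and verify the issue. The Bradesco and Social Hashtags renames in this same hunk keep theirs, so `Design Approval System 3.6 - walkthrough.php step Parameter Reflected XSS` would be consistent with them. In that entry the type is also added after the fixed version `3.7`, whereas the BackWPup entry places the type before it. If the file is validated against an ordered schema, which is not visible here, the element order should be made uniform.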
@@ -6566,9 +6669,10 @@
- Lazy SEO lazyseo.php File Upload Arbitrary Code Execution
+ Lazy SEO 1.1.9 - lazyseo.php File Upload Arbitrary Code Execution
- http://packetstormsecurity.com/files/123349/wplazyseo-shell.txt
+ http://packetstormsecurity.com/files/123349/
+ http://xforce.iss.net/xforce/xfdb/87384
97662
2013-5961
28452
@@ -6581,7 +6685,7 @@
SEO Watcher - Open Flash Chart Arbitrary File Creation Vulnerability
- http://packetstormsecurity.com/files/123493/wpseowatcher-exec.txt
+ http://packetstormsecurity.com/files/123493/
55162
UPLOAD
@@ -6593,6 +6697,7 @@
All in One SEO Pack <= 2.3.0 - XSS Vulnerability
http://archives.neohapsis.com/archives/bugtraq/2013-10/0006.html
+ http://packetstormsecurity.com/files/123490/
55133
2.3.0.1
@@ -6604,7 +6709,7 @@
Simple Dropbox Upload - Arbitrary File Upload Vulnerability
- http://packetstormsecurity.com/files/123235/wpsdu-shell.txt
+ http://packetstormsecurity.com/files/123235/
http://xforce.iss.net/xforce/xfdb/87166
54856
2013-5963
@@ -6629,7 +6734,7 @@
miniAudioPlayer - Two XSS Vulnerabilities
54979
- http://packetstormsecurity.com/files/123372/wpminiaudioplayer-xss.txt
+ http://packetstormsecurity.com/files/123372/
XSS
@@ -6645,4 +6750,110 @@
+
+
+ Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability
+
+ 97481
+ 54894
+ 2013-5962
+ 28377
+ http://packetstormsecurity.com/files/123303/
+ http://xforce.iss.net/xforce/xfdb/87172
+
+ 3.3.4
+ UPLOAD
+
+
+
+
+
+ LBG Zoominoutslider - XSS Vulnerability
+
+ http://packetstormsecurity.com/files/123367/
+
+ XSS
+
+
+
+
+
+ Woopra - Remote Code Execution
+
+ http://packetstormsecurity.com/files/123525/
+
+ RCE
+
+
+
+
+
+ fGallery_Plus - XSS
+
+ http://packetstormsecurity.com/files/123347/
+
+ XSS
+
+
+
+
+
+ NOSpamPTI 2.1 - Blind SQL Injection
+
+ http://packetstormsecurity.com/files/123331/
+
+ SQLI
+
+
+
+
+
+ Comment Attachment 1.0 - XSS Vulnerability
+
+ http://packetstormsecurity.com/files/123327/
+
+ XSS
+
+
+
+
+
+ Mukioplayer 1.6 - SQL Injection
+
+ http://packetstormsecurity.com/files/123231/
+
+ SQLI
+
+
+
+
+
+ Encrypted Blog 0.0.6.2 - XSS, Open Redirect
+
+ http://packetstormsecurity.com/files/122992/
+
+ XSS
+
+
+
+
+
+ Simple Login Registration 1.0.1 - XSS
+
+ http://packetstormsecurity.com/files/122963/
+
+ XSS
+
+
+
+
+
+ Post Gallery - XSS
+
+ http://packetstormsecurity.com/files/122957/
+
+ XSS
+
+
+
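Review bot: `Encrypted Blog 0.0.6.2 - XSS, Open Redirect` is typed `XSS` although the title names two vulnerability classes. Other multi-class entries in this file, such as `Sharebar <= 1.2.1 - SQL Injection / Cross Site Scripting`, use `MULTI`, so this entry should probably do the same to keep the open redirect visible in type-filtered reports. Several of the added entries (`Woopra - Remote Code Execution`, `fGallery_Plus - XSS`, `Post Gallery - XSS`, `LBG Zoominoutslider - XSS Vulnerability`) give neither an affected nor a fixed version. If the advisories state one, recording it would keep patched installs from being flagged indefinitely.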
diff --git a/data/theme_vulns.xml b/data/theme_vulns.xml
index 7923a981..0b40a53c 100644
--- a/data/theme_vulns.xml
+++ b/data/theme_vulns.xml
@@ -1704,4 +1704,25 @@
+
+
+ MORE+ Theme: prettyPhoto XSS Vulnerability
+
+ 54924
+ http://archives.neohapsis.com/archives/fulldisclosure/2013-09/0177.html
+
+ XSS
+
+
+
+
+
+ silverOrchid - XSS Vulnerability
+
+ http://packetstormsecurity.com/files/122986/
+
+ XSS
+
+
+
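Review bot: The first added theme title, `MORE+ Theme: prettyPhoto XSS Vulnerability`, does not follow the `Name - Description` form this commit applies elsewhere, including the second entry added here (`silverOrchid - XSS Vulnerability`). `MORE+ - prettyPhoto XSS Vulnerability` would match. Neither entry records an affected or fixed version, so if the referenced advisories give one it should be added.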
diff --git a/data/timthumbs.txt b/data/timthumbs.txt
index 23571a00..b25a87f1 100644
--- a/data/timthumbs.txt
+++ b/data/timthumbs.txt
@@ -180,11 +180,24 @@ $wp-plugins$/wp-pagenavi/scripts/timthumb.php
$wp-plugins$/wp-pagenavi/thumb.php
$wp-plugins$/wp-pagenavi/timthumb.php
$wp-plugins$/wp-pagenavi/timthumb.phptimthumb.php
+$wp-plugins$/wp_rokbox/thumb.php
+$wp-plugins$/wp_rokbox/thumb.phpthumb.php
+$wp-plugins$/wp_rokbox/thumb.phptimthumb.php
+$wp-plugins$/wp_rokbox/timthumb.php
+$wp-plugins$/wp_rokintroscroller/thumb.php
+$wp-plugins$/wp_rokintroscroller/thumb.phpthumb.php
+$wp-plugins$/wp_rokintroscroller/thumb.phptimthumb.php
+$wp-plugins$/wp_rokintroscroller/timthumb.php
+$wp-plugins$/wp_rokmicronews/thumb.php
+$wp-plugins$/wp_rokmicronews/thumb.phpthumb.php
+$wp-plugins$/wp_rokmicronews/thumb.phptimthumb.php
+$wp-plugins$/wp_rokmicronews/timthumb.php
$wp-plugins$/wp_roknewspager/thumb.php
$wp-plugins$/wp_roknewspager/thumb.phpthumb.php
$wp-plugins$/wp_roknewspager/thumb.phptimthumb.php
$wp-plugins$/wp_roknewspager/timthumb.php
$wp-plugins$/wp_rokstories/thumb.php
+$wp-plugins$/wp_rokstories/thumb.phpthumb.php
$wp-plugins$/wp_rokstories/thumb.phptimthumb.php
$wp-plugins$/wp_rokstories/timthumb.php
$wp-plugins$/wps3slider/scripts/timthumb.php
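Review bot: Several added paths, such as `$wp-plugins$/wp_rokbox/thumb.phpthumb.php` and `$wp-plugins$/wp_rokbox/thumb.phptimthumb.php`, look like two filenames concatenated rather than real file locations. The `wp_rokintroscroller`, `wp_rokmicronews` and `wp_rokstories` additions follow the same shape. The surrounding context lines show the pattern already exists (`wp-pagenavi/timthumb.phptimthumb.php`), so it is presumably inherited from however the list is generated. Each such line costs one extra request per scanned site and is unlikely ever to match, so confirm whether the form is intentional. If it is an artifact, keep only the `thumb.php` and `timthumb.php` lines for each plugin.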