added another few secunia advisories
This commit is contained in:
Christian Mehlmauer
@@ -37,7 +37,7 @@
|
||||
<type>LFI</type>
|
||||
</vulnerability>
|
||||
<vulnerability>
|
||||
<title>UnGallery Arbitrary Command Execution</title>
|
||||
<title>UnGallery Arbitrary < 2.1.6 Command Execution</title>
|
||||
<reference>http://secunia.com/advisories/50875/</reference>
|
||||
<reference>http://ceriksen.com/2012/10/23/wordpress-ungallery-remote-command-injection-vulnerability/</reference>
|
||||
<type>RCE</type>
|
||||
@@ -46,7 +46,7 @@
|
||||
|
||||
<plugin name="thanks-you-counter-button">
|
||||
<vulnerability>
|
||||
<title>Thank You Counter Button XSS</title>
|
||||
<title>Thank You Counter Button < 1.8.3 XSS</title>
|
||||
<reference>http://secunia.com/advisories/50977/</reference>
|
||||
<type>XSS</type>
|
||||
</vulnerability>
|
||||
@@ -54,7 +54,7 @@
|
||||
|
||||
<plugin name="bookings">
|
||||
<vulnerability>
|
||||
<title>Bookings XSS</title>
|
||||
<title>Bookings < 1.8.3 XSS</title>
|
||||
<reference>http://secunia.com/advisories/50975/</reference>
|
||||
<type>XSS</type>
|
||||
</vulnerability>
|
||||
@@ -577,6 +577,7 @@
|
||||
<vulnerability>
|
||||
<title>Answer My Question 1.1 Multiple XSS</title>
|
||||
<reference>http://www.securityfocus.com/archive/1/524625/30/0/threaded</reference>
|
||||
<reference>http://secunia.com/advisories/50655/</reference>
|
||||
<type>XSS</type>
|
||||
</vulnerability>
|
||||
</plugin>
|
||||
@@ -594,6 +595,7 @@
|
||||
<vulnerability>
|
||||
<title>Wordfence 3.3.5 XSS and IAA</title>
|
||||
<reference>http://seclists.org/fulldisclosure/2012/Oct/139</reference>
|
||||
<reference>http://secunia.com/advisories/51055/</reference>
|
||||
<type>MULTI</type>
|
||||
</vulnerability>
|
||||
</plugin>
|
||||
@@ -925,6 +927,11 @@ File Upload Vulnerability</title>
|
||||
<reference>http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html</reference>
|
||||
<type>XSS</type>
|
||||
</vulnerability>
|
||||
<vulnerability>
|
||||
<title>WordPress Mac Photo Gallery Plugin Two Security Bypass Security Issues</title>
|
||||
<reference>http://secunia.com/advisories/49923/</reference>
|
||||
<type>AUTHBYPASS</type>
|
||||
</vulnerability>
|
||||
<vulnerability>
|
||||
<title>Mac Photo Gallery 2.7 Arbitrary File Upload</title>
|
||||
<reference>http://www.exploit-db.com/exploits/19056/</reference>
|
||||
@@ -1269,6 +1276,7 @@ File Upload Vulnerability</title>
|
||||
<vulnerability>
|
||||
<title>Download Monitor <= 3.3.5.7 Cross Site Scripting</title>
|
||||
<reference>http://www.reactionpenetrationtesting.co.uk/wordpress-download-monitor-xss.html</reference>
|
||||
<reference>http://secunia.com/advisories/50511/</reference>
|
||||
<type>XSS</type>
|
||||
</vulnerability>
|
||||
<vulnerability>
|
||||
@@ -3243,6 +3251,118 @@ File Upload Vulnerability</title>
|
||||
<type>SQLI</type>
|
||||
</vulnerability>
|
||||
</plugin>
|
||||
|
||||
<plugin name="form">
|
||||
<vulnerability>
|
||||
<title>WordPress Zingiri Form Builder Plugin < 1.2.1 "error" Cross-Site Scripting Vulnerability</title>
|
||||
<reference>http://secunia.com/advisories/50983/</reference>
|
||||
<type>XSS</type>
|
||||
</vulnerability>
|
||||
</plugin>
|
||||
|
||||
<plugin name="white-label-cms">
|
||||
<vulnerability>
|
||||
<title>WordPress White Label CMS Plugin < 1.5.1 Cross-Site Request Forgery Vulnerability</title>
|
||||
<reference>http://secunia.com/advisories/50487/</reference>
|
||||
<type>CSRF</type>
|
||||
</vulnerability>
|
||||
</plugin>
|
||||
|
||||
<plugin name="download-shortcode">
|
||||
<vulnerability>
|
||||
<title>Wordpress Download Shortcode Plugin < 0.2.1 "file" Arbitrary File Disclosure Vulnerability</title>
|
||||
<reference>http://secunia.com/advisories/50924/</reference>
|
||||
<type>LFI</type>
|
||||
</vulnerability>
|
||||
</plugin>
|
||||
|
||||
<plugin name="crayon-syntax-hightlighter">
|
||||
<vulnerability>
|
||||
<title>WordPress Crayon Syntax Highlighter Plugin < 1.13"wp_load" Remote File Inclusion Vulnerability</title>
|
||||
<reference>http://secunia.com/advisories/50804/</reference>
|
||||
<type>RFI</type>
|
||||
</vulnerability>
|
||||
</plugin>
|
||||
|
||||
<plugin name="eshop-magic">
|
||||
<vulnerability>
|
||||
<title>WordPress eShop Magic Plugin < 0.2 "file" Arbitrary File Disclosure Vulnerability</title>
|
||||
<reference>http://secunia.com/advisories/50933/</reference>
|
||||
<type>LFI</type>
|
||||
</vulnerability>
|
||||
</plugin>
|
||||
|
||||
<plugin name="pinterest-pin-it-button">
|
||||
<vulnerability>
|
||||
<title>WordPress Pinterest "Pin It" Button Lite Plugin < 1.4.0 Multiple Unspecified Vulnerabilities</title>
|
||||
<reference>http://secunia.com/advisories/50868/</reference>
|
||||
<type>MULTI</type>
|
||||
</vulnerability>
|
||||
</plugin>
|
||||
|
||||
<plugin name="css-plus">
|
||||
<vulnerability>
|
||||
<title>WordPress CSS Plus Plugin < 1.3.2 Unspecified Vulnerabilities</title>
|
||||
<reference>http://secunia.com/advisories/50793/</reference>
|
||||
<type>UNKNOWN</type>
|
||||
</vulnerability>
|
||||
</plugin>
|
||||
|
||||
<plugin name="multisite-plugin-manager">
|
||||
<vulnerability>
|
||||
<title>WordPress Multisite Plugin Manager Plugin < 3.1.2 Two Cross-Site Scripting Vulnerabilities</title>
|
||||
<reference>http://secunia.com/advisories/50762/</reference>
|
||||
<type>XSS</type>
|
||||
</vulnerability>
|
||||
</plugin>
|
||||
|
||||
<plugin name="abc-test">
|
||||
<vulnerability>
|
||||
<title>WordPress ABC Test Plugin "id" Cross-Site Scripting Vulnerability</title>
|
||||
<reference>http://secunia.com/advisories/50608/</reference>
|
||||
<type>XSS</type>
|
||||
</vulnerability>
|
||||
</plugin>
|
||||
|
||||
<plugin name="token-manager">
|
||||
<vulnerability>
|
||||
<title>Wordpress Token Manager Plugin "tid" Cross-Site Scripting Vulnerabilities</title>
|
||||
<reference>http://secunia.com/advisories/50722/</reference>
|
||||
<type>XSS</type>
|
||||
</vulnerability>
|
||||
</plugin>
|
||||
|
||||
<plugin name="sexy-add-template">
|
||||
<vulnerability>
|
||||
<title>WordPress Sexy Add Template Plugin Cross-Site Request Forgery Vulnerability</title>
|
||||
<reference>http://secunia.com/advisories/50709/</reference>
|
||||
<type>CSRF</type>
|
||||
</vulnerability>
|
||||
</plugin>
|
||||
|
||||
<plugin name="notices">
|
||||
<vulnerability>
|
||||
<title>WordPress Notices Ticker Plugin Cross-Site Request Forgery Vulnerability</title>
|
||||
<reference>http://secunia.com/advisories/50717/</reference>
|
||||
<type>CSRF</type>
|
||||
</vulnerability>
|
||||
</plugin>
|
||||
|
||||
<plugin name="mf-gig-calendar">
|
||||
<vulnerability>
|
||||
<title>WordPress MF Gig Calendar Plugin URL Cross-Site Scripting Vulnerability</title>
|
||||
<reference>http://secunia.com/advisories/50571/</reference>
|
||||
<type>XSS</type>
|
||||
</vulnerability>
|
||||
</plugin>
|
||||
|
||||
<plugin name="wp-topbar">
|
||||
<vulnerability>
|
||||
<title>WordPress WP-TopBar Plugin < 4.0.3 Cross-Site Request Forgery Vulnerability</title>
|
||||
<reference>http://secunia.com/advisories/50693/</reference>
|
||||
<type>CSRF</type>
|
||||
</vulnerability>
|
||||
</plugin>
|
||||
|
||||
</vulnerabilities>
|
||||
|
||||
|
||||
Reference in New Issue
Block a user