diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index 05388b34..1beb4395 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -3238,20 +3238,13 @@
- WP Symposium <= 0.64 - SQL Injection Vulnerability
+ WP Symposium 13.04 - invite.php u Parameter Arbitrary Site Redirect
- 17679
+ 92274
+ 2013-2694
+ 52925
- SQLI
-
-
- WP Symposium <= 12.12 - Multiple SQL Injection Vulnerabilities
-
- 89455
- 50674
- http://ceriksen.com/2013/02/18/wp-symposium-multiple-sql-injection/
-
- SQLI
+ REDIRECT
WP Symposium 13.02 - wp-symposium/invite.php u Parameter XSS
@@ -3264,13 +3257,147 @@
13.04
- WP Symposium 13.02 - invite.php u Parameter Arbitrary Site Redirect
+ WP Symposium <= 12.09 - ajax/symposium_groups_functions.php gid Parameter SQL Injection
- 92274
- 2013-2694
- 52925
+ 89455
+ 50674
+ http://www.securityfocus.com/bid/57478
+ http://ceriksen.com/2013/02/18/wp-symposium-multiple-sql-injection/
- REDIRECT
+ SQLI
+ 12.12
+
+
+ WP Symposium <= 12.09 - index.php uid Parameter SQL Injection
+
+ 89456
+ 50674
+ http://www.securityfocus.com/bid/57478
+ http://ceriksen.com/2013/02/18/wp-symposium-multiple-sql-injection/
+
+ SQLI
+ 12.12
+
+
+ WP Symposium <= 12.09 - ajax/symposium_profile_functions.php friend_to Parameter SQL Injection
+
+ 89457
+ 50674
+ http://www.securityfocus.com/bid/57478
+ http://ceriksen.com/2013/02/18/wp-symposium-multiple-sql-injection/
+
+ SQLI
+ 12.12
+
+
+ WP Symposium <= 12.09 - ajax/symposium_forum_functions.php Multiple Parameter SQL Injection
+
+ 89458
+ 50674
+ http://www.securityfocus.com/bid/57478
+ http://ceriksen.com/2013/02/18/wp-symposium-multiple-sql-injection/
+
+ SQLI
+ 12.12
+
+
+ WP Symposium <= 12.09 - get_album_item.php size Parameter SQL Injection
+
+ 89459
+ 50674
+ http://www.securityfocus.com/bid/57478
+ http://ceriksen.com/2013/02/18/wp-symposium-multiple-sql-injection/
+
+ SQLI
+ 12.12
+
+
+ WP Symposium <= 12.07.07 - ajax/symposium_ajax_functions.php Authentication Bypass
+
+ 83696
+ 49791
+
+ AUTHBYPASS
+
+
+ WP Symposium <= 12.06.16 - ajax/symposium_forum_functions.php tid Parameter SQL Injection
+
+ 83662
+ 49534
+
+ SQLI
+ 12.07.01
+
+
+ WP Symposium <= 12.06.16 - ajax/symposium_group_functions.php uid1 Parameter SQL Injection
+
+ 83663
+ 49534
+
+ SQLI
+ 12.07.01
+
+
+ WP Symposium <= 12.06.16 - ajax/symposium_bar_functions.php chat_to Parameter SQL Injection
+
+ 83668
+ 49534
+
+ SQLI
+ 12.07.01
+
+
+ WP Symposium <= 12.06.16 - ajax/symposium_mail_functions.php Multiple Parameter SQL Injection
+
+ 83675
+ 49534
+
+ SQLI
+ 12.07.01
+
+
+ WP Symposium <= 11.11.26 - uploadify/upload_admin_avatar.php File Upload Remote PHP Code Execution
+
+ 78041
+ 2011-5051
+ 46097
+ http://xforce.iss.net/xforce/xfdb/72012
+
+ RCE
+ 11.12.24
+
+
+ WP Symposium <= 11.11.26 - uploadify/upload_profile_avatar.php File Upload Remote PHP Code Execution
+
+ 78042
+ 2011-5051
+ 46097
+ http://xforce.iss.net/xforce/xfdb/72012
+
+ RCE
+ 11.12.24
+
+
+ WP Symposium <= 11.11.26 - uploadify/get_profile_avatar.php uid Parameter XSS
+
+ 77634
+ 2011-3841
+ 47243
+ http://www.securityfocus.com/bid/51017
+ http://xforce.iss.net/xforce/xfdb/71748
+
+ XSS
+ 11.12.08
+
+
+ WP Symposium <= 0.64 - uploadify/get_profile_avatar.php uid Parameter SQL Injection
+
+ 74664
+ 47243
+ 17679
+
+ SQLI
+ 11.08.18
@@ -4446,16 +4573,20 @@
- yolink Search - "s" Cross-Site Scripting Vulnerability
+ yolink Search 2.5 - "s" Cross-Site Scripting Vulnerability
+ 89756
52030
+ http://www.securityfocus.com/bid/57665
XSS
2.6
- yolink Search <= 1.1.4 - SQL Injection Vulnerability
+ yolink Search <= 1.1.4 - includes/bulkcrawl.php Multiple Parameter SQL Injection
+ 74832
+ 45801
17757
SQLI
@@ -5449,15 +5580,26 @@
- Developer Formatter - CSRF and XSS Vulnerability
+ Developer Formatter 2013.0.1.40 - devformatter.php Multiple Action CSRF
89475
24294
51912
- http://illsecure.com/code/Wordpress-DevFormatter-CSRF-Vulnerability.txt
+ http://packetstormsecurity.com/files/119731/
+ http://seclists.org/bugtraq/2013/Jan/91
http://1337day.com/exploit/20210
- MULTI
+ CSRF
+ 2013.0.1.41
+
+
+ Developer Formatter 2013.0.1.40 - devformatter.php Multiple Field XSS
+
+ 89474
+ http://seclists.org/bugtraq/2013/Jan/91
+
+ XSS
+ 2013.0.1.41
@@ -6127,9 +6269,10 @@
- RLSWordPressSearch - SQL Injection
+ RLSWordPressSearch - register.php agentid Parameter SQL Injection
- 24440
+ 89824
+ http://packetstormsecurity.com/files/119938/
SQLI
@@ -6198,7 +6341,10 @@
Gallery - "load" Remote File Inclusion Vulnerability
+ 89753
+ 2012-4919
51347
+ http://www.securityfocus.com/bid/57650
RFI
@@ -7851,11 +7997,11 @@
- Usernoise 3.7.8 - Persistent XSS Vulnerability
+ Usernoise 3.7.8 - Feedback Submission summary Field XSS
- http://wordpress.org/plugins/usernoise/changelog/
- 27403
96000
+ 27403
+ http://packetstormsecurity.com/files/122701/
XSS
3.7.9