Update plugin_vulns.xml
This commit is contained in:
Peter van der Laan
@@ -2742,16 +2742,20 @@
|
||||
<type>SQLI</type>
|
||||
</vulnerability>
|
||||
<vulnerability>
|
||||
<title>WP Symposium - "u" XSS</title>
|
||||
<title>WP Symposium 13.02 - wp-symposium/invite.php u Parameter XSS</title>
|
||||
<references>
|
||||
<osvdb>92275</osvdb>
|
||||
<cve>2013-2695</cve>
|
||||
<secunia>52864</secunia>
|
||||
</references>
|
||||
<type>XSS</type>
|
||||
<fixed_in>13.04</fixed_in>
|
||||
</vulnerability>
|
||||
<vulnerability>
|
||||
<title>WP Symposium - "u" Redirection Weakness</title>
|
||||
<title>WP Symposium 13.02 - invite.php u Parameter Arbitrary Site Redirect</title>
|
||||
<references>
|
||||
<osvdb>92274</osvdb>
|
||||
<cve>2013-2694</cve>
|
||||
<secunia>52925</secunia>
|
||||
</references>
|
||||
<type>REDIRECT</type>
|
||||
@@ -6225,7 +6229,7 @@
|
||||
|
||||
<plugin name="social-media-widget">
|
||||
<vulnerability>
|
||||
<title>social-media-widget - malicious code</title>
|
||||
<title>Social Media Widget - malicious code</title>
|
||||
<references>
|
||||
<url>http://plugins.trac.wordpress.org/changeset?reponame=&old=691839%40social-media-widget%2Ftrunk&new=693941%40social-media-widget%2Ftrunk</url>
|
||||
<url>http://slashdot.org/submission/2592777/top-wordpress-widget-sold-off-turned-into-seo-spambot</url>
|
||||
@@ -6233,6 +6237,17 @@
|
||||
<type>UNKNOWN</type>
|
||||
<fixed_in>4.0.2</fixed_in>
|
||||
</vulnerability>
|
||||
<vulnerability>
|
||||
<title>Social Media Widget 4.0 - social-widget.php MITM Weakness Arbitrary Code Injection</title>
|
||||
<references>
|
||||
<osvdb>92312</osvdb>
|
||||
<cve>2013-1949</cve>
|
||||
<secunia>53020</secunia>
|
||||
<url>http://seclists.org/oss-sec/2013/q2/10</url>
|
||||
</references>
|
||||
<type>UNKNOWN</type>
|
||||
<fixed_in>4.0.1</fixed_in>
|
||||
</vulnerability>
|
||||
</plugin>
|
||||
|
||||
<plugin name="facebook-members">
|
||||
@@ -6327,8 +6342,9 @@
|
||||
|
||||
<plugin name="top-10">
|
||||
<vulnerability>
|
||||
<title>top-10 - CSRF</title>
|
||||
<title>top-10 1.9.2 - Setting Manipulation CSRF</title>
|
||||
<references>
|
||||
<osvdb>92849</osvdb>
|
||||
<secunia>53205</secunia>
|
||||
</references>
|
||||
<type>CSRF</type>
|
||||
@@ -6461,8 +6477,9 @@
|
||||
|
||||
<plugin name="contextual-related-posts">
|
||||
<vulnerability>
|
||||
<title>Contextual Related Posts - Cross-Site Request Forgery Vulnerability</title>
|
||||
<title>Contextual Related Posts 1.8.6 - Cross-Site Request Forgery Vulnerability</title>
|
||||
<references>
|
||||
<osvdb>93088</osvdb>
|
||||
<secunia>52960</secunia>
|
||||
</references>
|
||||
<type>CSRF</type>
|
||||
@@ -6472,8 +6489,10 @@
|
||||
|
||||
<plugin name="calendar">
|
||||
<vulnerability>
|
||||
<title>Calendar - Cross-Site Request Forgery Vulnerability</title>
|
||||
<title>Calendar 1.3.2 - Entry Addition CSRF</title>
|
||||
<references>
|
||||
<osvdb>93025</osvdb>
|
||||
<cve>2013-2698</cve>
|
||||
<secunia>52841</secunia>
|
||||
</references>
|
||||
<type>CSRF</type>
|
||||
@@ -7256,6 +7275,7 @@
|
||||
</references>
|
||||
<type>XSS</type>
|
||||
</vulnerability>
|
||||
<vulnerability>
|
||||
<title>LBG Zoominoutslider - add_banner.php Unspecified XSS</title>
|
||||
<references>
|
||||
<osvdb>99320</osvdb>
|
||||
|
||||
Reference in New Issue
Block a user