From de2cb08a6be101872d4f8ae4bc2f8497d2c6f85c Mon Sep 17 00:00:00 2001
From: Pedro Worcel <pedro@worcel.com>
Date: Mon, 7 Apr 2014 12:07:13 +1200
Subject: [PATCH] Wordpress Templatic Themes CSRF

Add http://1337day.com/exploit/22091

Couldn't verify myself because themes are paid, but files seem to exist and are possibly vulnerable.
---
 data/theme_vulns.xml | 51 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)

diff --git a/data/theme_vulns.xml b/data/theme_vulns.xml
index 12fbff65..d1cc960f 100644
--- a/data/theme_vulns.xml
+++ b/data/theme_vulns.xml
@@ -3028,5 +3028,56 @@
       <type>UPLOAD</type>
     </vulnerability>
   </theme>
+  
+  <theme name="Realestate">
+    <vulnerability>
+        <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
+        <references>
+            <url>http://1337day.com/exploit/22091</url>
+        </references>
+        <type>CSRF</type>
+    </vulnerability>
+</theme>
+
+<theme name="dailydeal">
+    <vulnerability>
+        <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
+        <references>
+            <url>http://1337day.com/exploit/22091</url>
+        </references>
+        <type>CSRF</type>
+    </vulnerability>
+</theme>
+
+<theme name="nightlife">
+    <vulnerability>
+        <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
+        <references>
+            <url>http://1337day.com/exploit/22091</url>
+        </references>
+        <type>CSRF</type>
+    </vulnerability>
+</theme>
+
+<theme name="5star">
+    <vulnerability>
+        <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
+        <references>
+            <url>http://1337day.com/exploit/22091</url>
+        </references>
+        <type>CSRF</type>
+    </vulnerability>
+</theme>
+
+<theme name="specialist">
+    <vulnerability>
+        <title>Wordpress Templatic Themes CSRF File Upload Vulnerability</title>
+        <references>
+            <url>http://1337day.com/exploit/22091</url>
+        </references>
+        <type>CSRF</type>
+    </vulnerability>
+</theme>
+
 
 </vulnerabilities>