From df66a7496a6287326f2798c329745d9555caf8f1 Mon Sep 17 00:00:00 2001 From: Christian Mehlmauer Date: Wed, 30 Jan 2013 22:30:05 +0100 Subject: [PATCH] added vulns --- data/plugin_vulns.xml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index f1d3c2de..93c8b05b 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -511,6 +511,11 @@ + + wp-homepage-slideshow Arbitrary File Upload Vulnerability + http://www.1337day.com/exploit/20260 + UPLOAD + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -519,6 +524,11 @@ + + wp-image-news-slider Arbitrary File Upload Vulnerability + http://www.1337day.com/exploit/20259 + UPLOAD + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -566,6 +576,11 @@ + + wp-royal-gallery Arbitrary File Upload Vulnerability + http://www.1337day.com/exploit/20261 + UPLOAD + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html @@ -3555,5 +3570,13 @@ + + + Wordpress RLSWordPressSearch plugin SQL Injection + http://www.exploit-db.com/exploits/24440/ + SQLI + + +