From e11de682034676073c0b9be20c0322c1746ca95a Mon Sep 17 00:00:00 2001
From: Peter <vanderlaan.pm@gmail.com>
Date: Wed, 8 Jan 2014 14:36:08 +0100
Subject: [PATCH] Update plugin_vulns.xml

---
 data/plugin_vulns.xml | 102 +++++++++++++++++++++++++++---------------
 1 file changed, 67 insertions(+), 35 deletions(-)

diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index fd6ab056..845b6d7e 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -5627,39 +5627,13 @@
 
   <plugin name="events-manager">
     <vulnerability>
-      <title>Events Manager 5.3.3 - Multiple XSS Vulnerabilities</title>
+      <title>Events Manager 5.5.1 - Multiple Unspecified XSS Vulnerabilities</title>
       <references>
-        <secunia>51869</secunia>
+        <osvdb>98198</osvdb>
+        <secunia>55182</secunia>
       </references>
       <type>XSS</type>
-      <fixed_in>5.3.4</fixed_in>
-    </vulnerability>
-    <vulnerability>
-      <title>Events Manager 5.3.5 - wp-admin/admin-ajax.php dbem_phone Parameter XSS</title>
-      <references>
-        <osvdb>90913</osvdb>
-        <secunia>52475</secunia>
-      </references>
-      <type>XSS</type>
-      <fixed_in>5.3.6</fixed_in>
-    </vulnerability>
-    <vulnerability>
-      <title>Events Manager 5.3.5 - index.php event_owner_name Parameter XSS</title>
-      <references>
-        <osvdb>90914</osvdb>
-        <secunia>52475</secunia>
-      </references>
-      <type>XSS</type>
-      <fixed_in>5.3.6</fixed_in>
-    </vulnerability>
-    <vulnerability>
-      <title>Events Manager 5.3.5 - wp-admin/post.php Multiple Parameter XSS</title>
-      <references>
-        <osvdb>90915</osvdb>
-        <secunia>52475</secunia>
-      </references>
-      <type>XSS</type>
-      <fixed_in>5.3.6</fixed_in>
+      <fixed_in>5.5.2</fixed_in>
     </vulnerability>
     <vulnerability>
       <title>Events Manager 5.3.8 - Event Search Form em_search Parameter XSS</title>
@@ -5692,13 +5666,67 @@
       <fixed_in>5.3.9</fixed_in>
     </vulnerability>
     <vulnerability>
-      <title>Events Manager 5.5.1 - Multiple Unspecified XSS Vulnerabilities</title>
+      <title>Events Manager 5.3.5 - wp-admin/admin-ajax.php dbem_phone Parameter XSS</title>
       <references>
-        <osvdb>98198</osvdb>
-        <secunia>55182</secunia>
+        <osvdb>90913</osvdb>
+        <secunia>52475</secunia>
       </references>
       <type>XSS</type>
-      <fixed_in>5.5.2</fixed_in>
+      <fixed_in>5.3.6</fixed_in>
+    </vulnerability>
+    <vulnerability>
+      <title>Events Manager 5.3.5 - index.php event_owner_name Parameter XSS</title>
+      <references>
+        <osvdb>90914</osvdb>
+        <secunia>52475</secunia>
+      </references>
+      <type>XSS</type>
+      <fixed_in>5.3.6</fixed_in>
+    </vulnerability>
+    <vulnerability>
+      <title>Events Manager 5.3.5 - wp-admin/post.php Multiple Parameter XSS</title>
+      <references>
+        <osvdb>90915</osvdb>
+        <secunia>52475</secunia>
+      </references>
+      <type>XSS</type>
+      <fixed_in>5.3.6</fixed_in>
+    </vulnerability>
+    <vulnerability>
+      <title>Events Manager 5.3.3 - templates/forms/bookingform/booking-fields.php Multiple Parameter XSS</title>
+      <references>
+        <osvdb>89488</osvdb>
+        <cve>2013-1407</cve>
+        <secunia>51869</secunia>
+        <url>http://packetstormsecurity.com/files/120688/</url>
+        <url>http://www.securityfocus.com/bid/57477</url>
+      </references>
+      <type>XSS</type>
+      <fixed_in>5.3.4</fixed_in>
+    </vulnerability>
+    <vulnerability>
+      <title>Events Manager 5.3.3 - templates/templates/events-search.php Multiple Parameter XSS</title>
+      <references>
+        <osvdb>89487</osvdb>
+        <cve>2013-1407</cve>
+        <secunia>51869</secunia>
+        <url>http://packetstormsecurity.com/files/120688/</url>
+        <url>http://www.securityfocus.com/bid/57477</url>
+      </references>
+      <type>XSS</type>
+      <fixed_in>5.3.4</fixed_in>
+    </vulnerability>
+    <vulnerability>
+      <title>Events Manager 5.3.3 - XSS classes/em-bookings-table.php wp_nonce Parameter XSS</title>
+      <references>
+        <osvdb>89486</osvdb>
+        <cve>2013-1407</cve>
+        <secunia>51869</secunia>
+        <url>http://packetstormsecurity.com/files/120688/</url>
+        <url>http://www.securityfocus.com/bid/57477</url>
+      </references>
+      <type>XSS</type>
+      <fixed_in>5.3.4</fixed_in>
     </vulnerability>
   </plugin>
 
@@ -6529,9 +6557,13 @@
 
   <plugin name="marekkis-watermark">
     <vulnerability>
-      <title>Marekkis Watermark - Cross Site Scripting</title>
+      <title>Marekkis Watermark 0.9.2 - wp-admin/options-general.php pfad Parameter XSS</title>
       <references>
+        <osvdb>90362</osvdb>
+        <cve>2013-1758</cve>
+        <secunia>52227</secunia>
         <url>http://packetstormsecurity.com/files/120378/</url>
+        <url>http://seclists.org/bugtraq/2013/Feb/83</url>
       </references>
       <type>XSS</type>
     </vulnerability>