garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update plugin_vulns.xml

Browse Source
This commit is contained in:
Peter van der Laan
2013-10-20 12:06:21 +02:00
parent 49883bbc3a
commit edf2ac481b
1 changed files with 52 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
data/plugin_vulns.xml
View File

@@ -870,6 +870,16 @@
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="wp-image-resizer">
<vulnerability>
<title>Image Resizer - Cross Site Scripting</title>
<references>
<url>http://packetstormsecurity.com/files/123651/</url>
</references>
<type>XSS</type>
</vulnerability>
</plugin>
<plugin name="wp-levoslideshow"> <plugin name="wp-levoslideshow">
<vulnerability> <vulnerability>
<title>wp-levoslideshow - Arbitrary File Upload Vulnerability</title> <title>wp-levoslideshow - Arbitrary File Upload Vulnerability</title>
@@ -4775,13 +4785,20 @@
<plugin name="woocommerce"> <plugin name="woocommerce">
<vulnerability> <vulnerability>
<title>WooCommerce - index.php calc_shipping_state Parameter XSS</title> <title>WooCommerce 2.0.12 - index.php calc_shipping_state Parameter XSS</title>
<references> <references>
<osvdb>95480</osvdb> <osvdb>95480</osvdb>
</references> </references>
<type>XSS</type> <type>XSS</type>
<fixed_in>2.0.13</fixed_in> <fixed_in>2.0.13</fixed_in>
</vulnerability> </vulnerability>
<vulnerability>
<title>WooCommerce 2.0.17 - Cross Site Scripting</title>
<references>
<url>http://packetstormsecurity.com/files/123684/</url>
</references>
<type>XSS</type>
</vulnerability>
</plugin> </plugin>
<plugin name="wp-e-commerce-predictive-search"> <plugin name="wp-e-commerce-predictive-search">
@@ -7114,6 +7131,18 @@
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="quick-paypal-payments">
<vulnerability>
<title>Quick Paypal Payments 3.0 - Payment Sending Multiple Parameter XSS</title>
<references>
<osvdb>98715</osvdb>
<secunia>55292</secunia>
<url>http://packetstormsecurity.com/files/123662/</url>
</references>
<type>XSS</type>
</vulnerability>
</plugin>
<plugin name="email-newsletter"> <plugin name="email-newsletter">
<vulnerability> <vulnerability>
<title>Email Newsletter 8.0 - 'option' Parameter Information Disclosure Vulnerability</title> <title>Email Newsletter 8.0 - 'option' Parameter Information Disclosure Vulnerability</title>
@@ -7415,4 +7444,26 @@
</vulnerability> </vulnerability>
</plugin> </plugin>
<plugin name="wp-realty">
<vulnerability>
<title>WP Realty - Blind SQL Injection</title>
<references>
<url>http://packetstormsecurity.com/files/123655/</url>
</references>
<type>SQLI</type>
</vulnerability>
</plugin>
<plugin name="social-sharing-toolkit">
<vulnerability>
<title>Social Sharing Toolkit 2.2.1 - Setting Manipulation CSRF</title>
<references>
<osvdb>98717</osvdb>
<cve>2013-2701</cve>
<secunia>52951</secunia>
</references>
<type>CSRF</type>
</vulnerability>
</plugin>
</vulnerabilities> </vulnerabilities>