diff --git a/data/plugin_vulns.json b/data/plugin_vulns.json
index 08e12ce3..a319f03b 100644
--- a/data/plugin_vulns.json
+++ b/data/plugin_vulns.json
@@ -1 +1 @@
-[{"theme-my-login":{"vulnerabilities":[{"id":6043,"title":"Theme My Login 6.3.9 - Local File Inclusion","url":"http://packetstormsecurity.com/files/127302/,http://seclists.org/fulldisclosure/2014/Jun/172,http://www.securityfocus.com/bid/68254,https://security.dxw.com/advisories/lfi-in-theme-my-login/","osvdb":"108517","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z","fixed_in":"6.3.10"}]}},{"login-rebuilder":{"vulnerabilities":[{"id":6044,"title":"Login Rebuilder \u003c 1.2.0 - Cross Site Request Forgery Vulnerability","osvdb":"108364","cve":"2014-3882","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z","fixed_in":"1.2.0"}]}},{"simple-share-buttons-adder":{"vulnerabilities":[{"id":6045,"title":"Simple Share Buttons Adder 4.4 - options-general.php Multiple Admin Actions CSRF","url":"https://security.dxw.com/advisories/csrf-and-stored-xss-in-simple-share-buttons-adder/,http://packetstormsecurity.com/files/127238/","osvdb":"108444","cve":"2014-4717","exploitdb":"33896","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z","fixed_in":"4.5"},{"id":6046,"title":"Simple Share Buttons Adder 4.4 - options-general.php ssba_share_text Parameter Stored XSS Weakness","url":"https://security.dxw.com/advisories/csrf-and-stored-xss-in-simple-share-buttons-adder/,http://packetstormsecurity.com/files/127238/","osvdb":"108445","exploitdb":"33896","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z","fixed_in":"4.5"}]}},{"content-slide":{"vulnerabilities":[{"id":6047,"title":"Content Slide \u003c= 1.4.2 - Cross Site Request Forgery Vulnerability","osvdb":"93871","cve":"2013-2708","secunia":"52949","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z"}]}},{"wp-cron-dashboard":{"vulnerabilities":[{"id":6048,"title":"WP Cron DashBoard \u003c= 1.1.5 - wp-cron-dashboard.php procname Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124602/,https://www.htbridge.com/advisory/HTB23189","osvdb":"100660","cve":"2013-6991","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z"}]}},{"wordpress-simple-paypal-shopping-cart":{"vulnerabilities":[{"id":6049,"title":"Simple Paypal Shopping Cart 3.5 - Cross-Site Request Forgery Vulnerability","osvdb":"93953","cve":"2013-2705","secunia":"52963","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z","fixed_in":"3.6"}]}},{"wp-sendsms":{"vulnerabilities":[{"id":6050,"title":"WP-SendSMS 1.0 - Setting Manipulation CSRF","osvdb":"94209","secunia":"53796","exploitdb":"26124","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z"},{"id":6051,"title":"WP-SendSMS 1.0 - wp-admin/admin.php Multiple Parameter XSS","osvdb":"94210","exploitdb":"26124","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z"}]}},{"mail-subscribe-list":{"vulnerabilities":[{"id":6052,"title":"Mail Subscribe List - Script Insertion Vulnerability","osvdb":"94197","secunia":"53732","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z","fixed_in":"2.1"}]}},{"s3-video":{"vulnerabilities":[{"id":6053,"title":"S3 Video \u003c= 0.97 - VideoJS Cross Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/66","secunia":"53437","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z","fixed_in":"0.98"},{"id":6054,"title":"S3 Video 0.982 - preview_video.php base Parameter XSS","osvdb":"101388","cve":"2013-7279","secunia":"56167","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z","fixed_in":"0.983"}]}},{"video-embed-thumbnail-generator":{"vulnerabilities":[{"id":6055,"title":"VideoJS Cross - Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/66","secunia":"53426","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z","fixed_in":"4.1"}]}},{"1player":{"vulnerabilities":[{"id":6055,"title":"VideoJS Cross - Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/66","secunia":"53426","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z","fixed_in":"1.4"}]}},{"external-video-for-everybody":{"vulnerabilities":[{"id":6055,"title":"VideoJS Cross - Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/66","secunia":"53426","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z","fixed_in":"2.1"}]}},{"EasySqueezePage":{"vulnerabilities":[{"id":6055,"title":"VideoJS Cross - Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/66","secunia":"53426","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z"}]}},{"crayon-syntax-highlighter":{"vulnerabilities":[{"id":6056,"title":"Crayon Syntax Highlighter - Remote File Inclusion Vulnerability","url":"http://ceriksen.com/2012/10/15/wordpress-crayon-syntax-highlighter-remote-file-inclusion-vulnerability/","osvdb":"86255,86256","secunia":"50804","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z","fixed_in":"1.13"}]}},{"ungallery":{"vulnerabilities":[{"id":6057,"title":"UnGallery \u003c= 1.5.8 - Local File Disclosure Vulnerability","exploitdb":"17704","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z"},{"id":6058,"title":"UnGallery - Arbitrary Command Execution","url":"http://ceriksen.com/2012/10/23/wordpress-ungallery-remote-command-injection-vulnerability/","secunia":"50875","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z","fixed_in":"2.1.6"}]}},{"thanks-you-counter-button":{"vulnerabilities":[{"id":6059,"title":"Thank You Counter Button 1.8.7 - wp-admin/options.php Multiple Parameter Stored XSS","url":"http://packetstormsecurity.com/files/125397/,http://www.securityfocus.com/bid/65805","osvdb":"103778","cve":"2014-2315","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z"},{"id":6060,"title":"Thank You Counter Button \u003c= 1.8.2 - XSS","secunia":"50977","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z","fixed_in":"1.8.3"}]}},{"bookings":{"vulnerabilities":[{"id":6061,"title":"Bookings \u003c= 1.8.2 - controlpanel.php error Parameter XSS","osvdb":"86613","secunia":"50975","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z","fixed_in":"1.8.3"}]}},{"cimy-user-manager":{"vulnerabilities":[{"id":6062,"title":"Cimy User Manager \u003c= 1.4.2 - Arbitrary File Disclosure","url":"http://ceriksen.com/2012/10/24/wordpress-cimy-user-manager-arbitrary-file-disclosure/","secunia":"50834","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z","fixed_in":"1.4.4"}]}},{"fs-real-estate-plugin":{"vulnerabilities":[{"id":6063,"title":"FireStorm Professional Real Estate 2.06.01 - xml/marker_listings.php id Parameter SQL Injection","url":"http://packetstormsecurity.com/files/118232/,http://xforce.iss.net/xforce/xfdb/80261","osvdb":"86686","secunia":"51107","exploitdb":"22071","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z","fixed_in":"2.06.04"},{"id":6064,"title":"FireStorm Professional Real Estate - Multiple SQL Injection","url":"http://ceriksen.com/2012/10/25/wordpress-firestorm-professional-real-estate-plugin-sql-injection-vulnerability/","secunia":"50873","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z","fixed_in":"2.06.03"}]}},{"wp125":{"vulnerabilities":[{"id":6065,"title":"WP125 \u003c= 1.4.4 - Multiple XSS","secunia":"50976","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z","fixed_in":"1.4.5"},{"id":6066,"title":"WP125 \u003c= 1.4.9 - CSRF","url":"http://www.securityfocus.com/bid/58934","osvdb":"92113","cve":"2013-2700","secunia":"52876","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z","fixed_in":"1.5.0"}]}},{"all-video-gallery":{"vulnerabilities":[{"id":6067,"title":"All Video Gallery - Multiple SQL Injection Vulnerabilities","url":"http://ceriksen.com/2012/11/04/wordpress-all-video-gallery-plugin-sql-injection/","secunia":"50874","exploitdb":"22427","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z"}]}},{"buddystream":{"vulnerabilities":[{"id":6068,"title":"BuddyStream - XSS","secunia":"50972","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z"}]}},{"post-views":{"vulnerabilities":[{"id":6069,"title":"Post views 2.6.1 - wp-content/plugins/post-views/post-views.php search_input Parameter XSS","url":"http://www.securityfocus.com/bid/56555,http://xforce.iss.net/xforce/xfdb/80076","osvdb":"87349","secunia":"50982","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z"}]}},{"floating-social-media-links":{"vulnerabilities":[{"id":6070,"title":"Floating Social Media Links \u003c= 1.4.2 - fsml-admin.js.php wpp Parameter Remote File Inclusion","url":"http://www.securityfocus.com/bid/56913,http://xforce.iss.net/xforce/xfdb/80641,http://ceriksen.com/2013/01/12/wordpress-floating-social-media-link-plugins-remote-file-inclusion/","osvdb":"88383","secunia":"51346","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z","fixed_in":"1.4.3"},{"id":6071,"title":"Floating Social Media Links \u003c= 1.4.2 - fsml-hideshow.js.php wpp Parameter Remote File Inclusion","url":"http://www.securityfocus.com/bid/56913,http://ceriksen.com/2013/01/12/wordpress-floating-social-media-link-plugins-remote-file-inclusion/","osvdb":"88385","secunia":"51346","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z","fixed_in":"1.4.3"}]}},{"zingiri-forum":{"vulnerabilities":[{"id":6072,"title":"Zingiri Forum 1.4.2 - forum.php zing_forum_output Function url Parameter XSS","url":"http://www.securityfocus.com/bid/57224,http://xforce.iss.net/xforce/xfdb/81156,http://ceriksen.com/2013/01/12/wordpress-zingiri-forums-arbitrary-file-disclosure/","osvdb":"89069","cve":"2012-4920","secunia":"50833","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z","fixed_in":"1.4.4"}]}},{"google-document-embedder":{"vulnerabilities":[{"id":6073,"title":"Google Document Embedder - Arbitrary File Disclosure","url":"http://www.securityfocus.com/bid/57133,http://packetstormsecurity.com/files/119329/,http://ceriksen.com/2013/01/03/wordpress-google-document-embedder-arbitrary-file-disclosure/","cve":"2012-4915","secunia":"50832","exploitdb":"23970","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z","metasploit":"exploit/unix/webapp/wp_google_document_embedder_exec","fixed_in":"2.5.4"}]}},{"extended-user-profile":{"vulnerabilities":[{"id":6074,"title":"extended-user-profile - Full Path Disclosure vulnerability","url":"http://1337day.com/exploit/20118","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"}]}},{"superslider-show":{"vulnerabilities":[{"id":6075,"title":"superslider-show - Full Path Disclosure vulnerability","url":"http://1337day.com/exploit/20117","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"}]}},{"wordpress-multibox-plugin":{"vulnerabilities":[{"id":6076,"title":"multibox - Full Path Disclosure vulnerability","url":"http://1337day.com/exploit/20119","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"}]}},{"openinviter-for-wordpress":{"vulnerabilities":[{"id":6077,"title":"OpenInviter - Information Disclosure","url":"http://packetstormsecurity.com/files/119265/","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"}]}},{"wp_rokbox":{"vulnerabilities":[{"id":6078,"title":"RokBox - Multiple Vulnerabilities","url":"http://1337day.com/exploit/19981","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"},{"id":6079,"title":"RokBox \u003c= 2.13 - thumb.php src Parameter Malformed Input Path Disclosure","url":"http://packetstormsecurity.com/files/118884/,http://xforce.iss.net/xforce/xfdb/80732,http://www.securityfocus.com/bid/56953,http://seclists.org/fulldisclosure/2012/Dec/159","osvdb":"88604","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"},{"id":6080,"title":"RokBox \u003c= 2.13 - thumb.php src Parameter XSS","url":"http://packetstormsecurity.com/files/118884/,http://xforce.iss.net/xforce/xfdb/80731,http://www.securityfocus.com/bid/56953,http://seclists.org/fulldisclosure/2012/Dec/159","osvdb":"88605","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"},{"id":6081,"title":"RokBox \u003c= 2.13 - rokbox.php Direct Request Path Disclosure","url":"http://packetstormsecurity.com/files/118884/,http://www.securityfocus.com/bid/56953,http://seclists.org/fulldisclosure/2012/Dec/159","osvdb":"88606","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"},{"id":6082,"title":"RokBox \u003c= 2.13 - error_log Direct Request Error Log Information Disclosure","url":"http://packetstormsecurity.com/files/118884/,http://xforce.iss.net/xforce/xfdb/80761,http://www.securityfocus.com/bid/56953,http://seclists.org/fulldisclosure/2012/Dec/159","osvdb":"88607","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"},{"id":6083,"title":"RokBox \u003c= 2.13 - jwplayer/jwplayer.swf abouttext Parameter XSS","url":"http://packetstormsecurity.com/files/118884/,http://xforce.iss.net/xforce/xfdb/80731,http://www.securityfocus.com/bid/56953,http://seclists.org/fulldisclosure/2012/Dec/159","osvdb":"88608","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"},{"id":6084,"title":"RokBox \u003c= 2.13 - thumb.php src Parameter Arbitrary File Upload","url":"http://packetstormsecurity.com/files/118884/,http://xforce.iss.net/xforce/xfdb/80733,http://xforce.iss.net/xforce/xfdb/80739,http://www.securityfocus.com/bid/56953,http://seclists.org/fulldisclosure/2012/Dec/159","osvdb":"88609","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"}]}},{"wp_rokintroscroller":{"vulnerabilities":[{"id":6085,"title":"RokIntroScroller \u003c= 1.8 - XSS,DoS,Disclosure,Upload Vulnerabilities","url":"http://packetstormsecurity.com/files/123302/,http://seclists.org/fulldisclosure/2013/Sep/121","osvdb":"97418","secunia":"54801","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"}]}},{"wp_rokmicronews":{"vulnerabilities":[{"id":6086,"title":"RokMicroNews \u003c= 1.5 - XSS,DoS,Disclosure,Upload Vulnerabilities","url":"http://packetstormsecurity.com/files/123312/,http://seclists.org/fulldisclosure/2013/Sep/124","osvdb":"97418","secunia":"54801","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"}]}},{"wp_roknewspager":{"vulnerabilities":[{"id":6087,"title":"RokNewsPager \u003c= 1.17 - XSS,DoS,Disclosure,Upload Vulnerabilities","url":"http://packetstormsecurity.com/files/123271/,http://seclists.org/fulldisclosure/2013/Sep/109","osvdb":"97418","secunia":"54801","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"}]}},{"wp_rokstories":{"vulnerabilities":[{"id":6088,"title":"RokStories \u003c= 1.25 - XSS,DoS,Disclosure,Upload Vulnerabilities","url":"http://packetstormsecurity.com/files/123270/,http://seclists.org/fulldisclosure/2013/Sep/108","osvdb":"97418","secunia":"54801","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"}]}},{"grou-random-image-widget":{"vulnerabilities":[{"id":6089,"title":"grou-random-image-widget - Full Path Disclosure","url":"http://1337day.com/exploit/20047","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"}]}},{"sintic_gallery":{"vulnerabilities":[{"id":6090,"title":"sintic_gallery - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/19993","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"},{"id":6091,"title":"sintic_gallery - Path Disclosure Vulnerability","url":"http://1337day.com/exploit/20020","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"}]}},{"wp-useronline":{"vulnerabilities":[{"id":6092,"title":"WP-UserOnline - Full Path Disclosure","url":"http://seclists.org/fulldisclosure/2010/Jul/8","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"},{"id":6093,"title":"Wp-UserOnline \u003c= 0.62 - Persistent XSS","url":"http://seclists.org/fulldisclosure/2010/Jul/8","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"}]}},{"levelfourstorefront":{"vulnerabilities":[{"id":6094,"title":"Shopping Cart 8.1.14 - Shell Upload, SQL Injection","url":"http://packetstormsecurity.com/files/119217/","secunia":"51690","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z","fixed_in":"8.1.15"},{"id":6095,"title":"Level Four Storefront - levelfourstorefront/getsortmanufacturers.php id Parameter SQL Injection","url":"http://packetstormsecurity.com/files/120950/","osvdb":"91680","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"}]}},{"reflex-gallery":{"vulnerabilities":[{"id":6096,"title":"ReFlex Gallery 1.4.2 - Unspecified XSS","osvdb":"102585","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z","fixed_in":"1.4.3"},{"id":6097,"title":"ReFlex Gallery 1.4 - reflex-gallery.php Direct Request Path Disclosure","osvdb":"88869","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"},{"id":6098,"title":"ReFlex Gallery 1.3 - Shell Upload","url":"http://packetstormsecurity.com/files/119218/","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"}]}},{"uploader":{"vulnerabilities":[{"id":6099,"title":"Uploader 1.0.4 - Shell Upload","url":"http://packetstormsecurity.com/files/119219/","osvdb":"70648","secunia":"43075,52465","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"},{"id":6100,"title":"Uploader 1.0.4 - notify.php blog Parameter XSS","osvdb":"90840","cve":"2013-2287","secunia":"52465","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"},{"id":6101,"title":"Uploader 1.0.0 - wp-content/plugins/uploader/views/notify.php num Parameter XSS","osvdb":"70649","secunia":"43075","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"}]}},{"xerte-online":{"vulnerabilities":[{"id":6102,"title":"Xerte Online 0.32 - Shell Upload","url":"http://packetstormsecurity.com/files/119220/","created_at":"2014-08-01T10:58:36.000Z","updated_at":"2014-08-01T10:58:36.000Z"}]}},{"advanced-custom-fields":{"vulnerabilities":[{"id":6103,"title":"Advanced Custom Fields \u003c= 3.5.1 - Remote File Inclusion","url":"http://packetstormsecurity.com/files/119221/","osvdb":"87353","secunia":"51037","exploitdb":"23856","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z","metasploit":"exploit/unix/webapp/wp_advanced_custom_fields_exec","fixed_in":"3.5.2"}]}},{"sitepress-multilingual-cms":{"vulnerabilities":[{"id":6104,"title":"sitepress-multilingual-cms - Full Path Disclosure","url":"http://1337day.com/exploit/20067","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"asset-manager":{"vulnerabilities":[{"id":6105,"title":"Asset Manager 0.2 - Arbitrary File Upload","url":"http://www.securityfocus.com/bid/53809,http://packetstormsecurity.com/files/119133/","osvdb":"82653","secunia":"49378","exploitdb":"18993,23652","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"},{"id":6106,"title":"Asset Manager - upload.php Arbitrary Code Execution","url":"http://www.ethicalhack3r.co.uk/security/wordpress-plugin-asset-manager-upload-php-arbitrary-code-execution/,http://packetstormsecurity.com/files/113285/,http://xforce.iss.net/xforce/xfdb/80823","osvdb":"82653","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"apptha-banner":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"apptha-slider-gallery":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"blaze-slide-show-for-wordpress":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"},{"id":6108,"title":"Blaze Slideshow 2.1 - Unspecified Security Vulnerability","url":"http://www.securityfocus.com/bid/52677","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z","fixed_in":"2.2"}]}},{"comment-extra-field":{"vulnerabilities":[{"id":6109,"title":"Comment Extra Field 1.7 - CSRF / XSS","url":"http://packetstormsecurity.com/files/122625/,http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"fluid-accessible-rich-inline-edit":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"fluid-accessible-pager":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"fluid-accessible-uploader":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"fluid-accessible-ui-options":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"fresh-page":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"pdw-file-browser":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"},{"id":6110,"title":"PDW File Browser - upload.php Arbitrary File Upload Vulnerability","url":"http://www.securityfocus.com/bid/53895","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"power-zoomer":{"vulnerabilities":[{"id":6111,"title":"powerzoomer - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/20253","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"},{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"slide-show-pro":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"smart-slide-show":{"vulnerabilities":[{"id":6112,"title":"Smart Slideshow - upload.php Multiple File Extension Upload Arbitrary Code Execution","osvdb":"87373","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"},{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"spotlightyour":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"sprapid":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"ultimate-tinymce":{"vulnerabilities":[{"id":6113,"title":"TinyMCE 3.5 - swfupload Cross-Site Scripting Vulnerability","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","secunia":"51224","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z","fixed_in":"3.6"}]}},{"wp-3dbanner-rotator":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"wp-3dflick-slideshow":{"vulnerabilities":[{"id":6114,"title":"wp-3dflick-slideshow - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/20255","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"},{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"wp-bliss-gallery":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"wp-carouselslideshow":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"},{"id":6115,"title":"Carousel Slideshow - Unspecified Vulnerabilities","secunia":"50377","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z","fixed_in":"3.10"}]}},{"wp-dreamworkgallery":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"wp-ecommerce-cvs-importer":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"wp-extended":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"wp-flipslideshow":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"wp-homepage-slideshow":{"vulnerabilities":[{"id":6116,"title":"wp-homepage-slideshow - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/20260","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"},{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"wp-image-news-slider":{"vulnerabilities":[{"id":6117,"title":"Image News Slider 3.3 - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/20259","osvdb":"87375","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z"},{"id":6118,"title":"Image News Slider 3.3 - Unspecified Vulnerabilities","osvdb":"84935","secunia":"50390","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z","fixed_in":"3.4"},{"id":6119,"title":"Image News Slider 3.2 - Multiple Unspecified Remote Issues","url":"http://www.securityfocus.com/bid/52977,http://xforce.iss.net/xforce/xfdb/74788","osvdb":"81314","cve":"2012-4327","secunia":"48747","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z","fixed_in":"3.3"},{"id":6120,"title":"Image News Slider 3.1 - Multiple Unspecified Remote Issues","osvdb":"80310","secunia":"48538","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z","fixed_in":"3.2"},{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"wp-image-resizer":{"vulnerabilities":[{"id":6121,"title":"Image Resizer - Cross Site Scripting","url":"http://packetstormsecurity.com/files/123651/","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z"}]}},{"wp-levoslideshow":{"vulnerabilities":[{"id":6122,"title":"wp-levoslideshow - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/20250","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z"},{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"wp-matrix-gallery":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"wp-powerplaygallery":{"vulnerabilities":[{"id":6123,"title":"wp-powerplaygallery - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/20252","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z"},{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"wp-royal-gallery":{"vulnerabilities":[{"id":6124,"title":"wp-royal-gallery - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/20261","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z"},{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"wp-superb-slideshow":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"},{"id":6125,"title":"wp superb Slideshow - Full Path Disclosure","url":"http://1337day.com/exploit/19979","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z"}]}},{"wp-vertical-gallery":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"wp-yasslideshow":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"}]}},{"cardoza-ajax-search":{"vulnerabilities":[{"id":6126,"title":"Ajax - Post Search Sql Injection","url":"http://seclists.org/bugtraq/2012/Nov/33,http://www.girlinthemiddle.net/2012/10/sqli-vulnerability-in-ajax-post-search.html","secunia":"51205","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z","fixed_in":"1.3"}]}},{"answer-my-question":{"vulnerabilities":[{"id":6127,"title":"Answer My Question 1.1 - record_question.php Multiple Parameter XSS","url":"http://www.securityfocus.com/archive/1/524625/30/0/threaded,http://seclists.org/bugtraq/2012/Nov/24","osvdb":"85567","secunia":"50655","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z","fixed_in":"1.2"}]}},{"catalog":{"vulnerabilities":[{"id":6128,"title":"Spider Catalog - HTML Code Injection and Cross-site scripting","url":"http://packetstormsecurity.com/files/117820/","secunia":"51143","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z"},{"id":6129,"title":"Spider Catalog - Multiple SQL Injection and Cross Site Scripting Vulnerabilities","url":"http://www.securityfocus.com/bid/60079","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z"},{"id":6130,"title":"Spider Catalog 1.4.6 - Multiple Shortcode id Parameter SQL Injection","url":"http://seclists.org/bugtraq/2013/May/79","osvdb":"93589","secunia":"53491","exploitdb":"25724","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z"},{"id":6131,"title":"Spider Catalog 1.4.6 - catalog.php catalog_after_search_results Function s Parameter SQL Injection","url":"http://seclists.org/bugtraq/2013/May/79","osvdb":"93590","secunia":"53491","exploitdb":"25724","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z"},{"id":6132,"title":"Spider Catalog 1.4.6 - Categories.php Multiple Function id Parameter SQL Injection","url":"http://seclists.org/bugtraq/2013/May/79","osvdb":"93591","secunia":"53491","exploitdb":"25724","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z"},{"id":6133,"title":"Spider Catalog 1.4.6 - products.php Multiple Function Multiple Parameter SQL Injection","url":"http://seclists.org/bugtraq/2013/May/79","osvdb":"93592","secunia":"53491","exploitdb":"25724","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z"},{"id":6134,"title":"Spider Catalog 1.4.6 - Category Entry Multiple Field XSS","url":"http://seclists.org/bugtraq/2013/May/79","osvdb":"93593","secunia":"53491","exploitdb":"25723","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z"},{"id":6135,"title":"Spider Catalog 1.4.6 - Categories.html.php Multiple Parameter XSS","url":"http://seclists.org/bugtraq/2013/May/79","osvdb":"93594","secunia":"53491","exploitdb":"25724","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z"},{"id":6136,"title":"Spider Catalog 1.4.6 - Products.html.php Multiple Parameter XSS","url":"http://seclists.org/bugtraq/2013/May/79","osvdb":"93595","secunia":"53491","exploitdb":"25724","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z"},{"id":6137,"title":"Spider Catalog 1.4.6 - spiderBox/spiderBox.js.php Multiple Parameter XSS","url":"http://seclists.org/bugtraq/2013/May/79","osvdb":"93596","secunia":"53491","exploitdb":"25724","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z"},{"id":6138,"title":"Spider Catalog 1.4.6 - catalog.php spider_box_js_php Function Multiple Parameter XSS","url":"http://seclists.org/bugtraq/2013/May/79","osvdb":"93597","secunia":"53491","exploitdb":"25724","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z"},{"id":6139,"title":"Spider Catalog 1.4.6 - Multiple Script Direct Request Path Disclosure","url":"http://seclists.org/bugtraq/2013/May/79","osvdb":"93598","secunia":"53491","exploitdb":"25724","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z"}]}},{"wordfence":{"vulnerabilities":[{"id":6140,"title":"Wordfence 3.8.6 - lib/IPTraf.php User-Agent Header Stored XSS","osvdb":"102445","secunia":"56558","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z","fixed_in":"3.8.7"},{"id":6141,"title":"Wordfence 3.8.1 - lib/wordfenceClass.php isStrongPasswd Function Password Creation Restriction Bypass Weakness","osvdb":"102478","created_at":"2014-08-01T10:58:38.000Z","updated_at":"2014-08-01T10:58:38.000Z","fixed_in":"3.8.3"},{"id":6142,"title":"Wordfence 3.8.1 - wp-admin/admin.php whois Parameter Stored XSS","url":"http://packetstormsecurity.com/files/122993/,http://www.securityfocus.com/bid/62053","osvdb":"97884","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z","fixed_in":"3.8.3"},{"id":6143,"title":"Wordfence 3.3.5 - XSS and IAA","url":"http://seclists.org/fulldisclosure/2012/Oct/139","osvdb":"86557","secunia":"51055","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z","fixed_in":"3.3.7"}]}},{"slideshow-jquery-image-gallery":{"vulnerabilities":[{"id":6144,"title":"Slideshow jQuery Image Gallery - Multiple Vulnerabilities","url":"http://www.waraxe.us/advisory-92.html","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"},{"id":6145,"title":"Slideshow - Multiple Script Insertion Vulnerabilities","secunia":"51135","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"}]}},{"social-discussions":{"vulnerabilities":[{"id":6146,"title":"Social Discussions 6.1.1 - Multiple Script Direct Request Path Disclosure","url":"http://xforce.iss.net/xforce/xfdb/79465,http://www.waraxe.us/advisory-93.html","osvdb":"86730","exploitdb":"22158","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"},{"id":6147,"title":"Social Discussions 6.1.1 - social-discussions-networkpub_ajax.php HTTP_ENV_VARS Parameter Remote File Inclusion","url":"http://xforce.iss.net/xforce/xfdb/79464,http://www.waraxe.us/advisory-93.html","osvdb":"86731","exploitdb":"22158","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"}]}},{"abtest":{"vulnerabilities":[{"id":6148,"title":"ABtest - Directory Traversal","url":"http://scott-herbert.com/?p=140","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"}]}},{"bbpress":{"vulnerabilities":[{"id":6149,"title":"BBPress - Multiple Script Malformed Input Path Disclosure","url":"http://xforce.iss.net/xforce/xfdb/78244,http://packetstormsecurity.com/files/116123/","osvdb":"86399","exploitdb":"22396","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"},{"id":6150,"title":"BBPress - forum.php page Parameter SQL Injection","url":"http://xforce.iss.net/xforce/xfdb/78244,http://packetstormsecurity.com/files/116123/","osvdb":"86400","exploitdb":"22396","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"}]}},{"nextgen_cu3er_gallery":{"vulnerabilities":[{"id":6151,"title":"NextGen Cu3er Gallery - Information Disclosure","url":"http://packetstormsecurity.com/files/116150/","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"}]}},{"rich-widget":{"vulnerabilities":[{"id":6152,"title":"Rich Widget - File Upload","url":"http://packetstormsecurity.com/files/115787/","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"}]}},{"monsters-editor-10-for-wp-super-edit":{"vulnerabilities":[{"id":6153,"title":"Monsters Editor - Shell Upload","url":"http://packetstormsecurity.com/files/115788/","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"}]}},{"quick-post-widget":{"vulnerabilities":[{"id":6154,"title":"Quick Post Widget 1.9.1 - Multiple Cross-site scripting vulnerabilities","url":"http://www.darksecurity.de/advisories/2012/SSCHADV2012-016.txt,http://seclists.org/bugtraq/2012/Aug/66","osvdb":"83640","cve":"2012-4226","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"}]}},{"threewp-email-reflector":{"vulnerabilities":[{"id":6155,"title":"ThreeWP Email Reflector 1.13 - Subject Field XSS","osvdb":"85134","cve":"2012-2572","exploitdb":"20365","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z","fixed_in":"1.16"}]}},{"wp-simplemail":{"vulnerabilities":[{"id":6156,"title":"SimpleMail 1.0.6 - Stored XSS","osvdb":"84534","cve":"2012-2579","secunia":"50208","exploitdb":"20361","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"}]}},{"postie":{"vulnerabilities":[{"id":6157,"title":"Postie 1.4.3 - Stored XSS","osvdb":"84532","cve":"2012-2580","secunia":"50207","exploitdb":"20360","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z","fixed_in":"1.5.15"}]}},{"rsvpmaker":{"vulnerabilities":[{"id":6158,"title":"RSVPMaker 2.5.4 - index.php RSVP Form Multiple Field XSS","osvdb":"84749","secunia":"50289","exploitdb":"20474","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z","fixed_in":"2.5.5"}]}},{"mz-jajak":{"vulnerabilities":[{"id":6159,"title":"Mz-jajak \u003c= 2.1 - index.php id Parameter SQL Injection","osvdb":"84698","secunia":"50217","exploitdb":"20416","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"}]}},{"resume-submissions-job-postings":{"vulnerabilities":[{"id":6160,"title":"Resume Submissions Job Posting 2.5.1 - Unrestricted File Upload","url":"http://packetstormsecurity.com/files/114716/","osvdb":"83807","secunia":"49896","exploitdb":"19791","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"}]}},{"wp-predict":{"vulnerabilities":[{"id":6161,"title":"WP-Predict 1.0 - Blind SQL Injection","osvdb":"83697","secunia":"49843","exploitdb":"19715","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"}]}},{"backup":{"vulnerabilities":[{"id":6162,"title":"Backup 2.0.1 - Information Disclosure","osvdb":"83701","secunia":"50038","exploitdb":"19524","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z","fixed_in":"2.1"}]}},{"moodthingy-mood-rating-widget":{"vulnerabilities":[{"id":6163,"title":"MoodThingy Widget 0.8.7 - admin-ajax.php Multiple Parameter lydl_store_results Function SQL Injection","osvdb":"83632","secunia":"49805","exploitdb":"19572","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"}]}},{"paid-business-listings":{"vulnerabilities":[{"id":6164,"title":"Paid Business Listings 1.0.2 - Form Submission pbl_listing_pkg_id Parameter SQL Injection","osvdb":"83768","exploitdb":"19481","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"}]}},{"website-faq":{"vulnerabilities":[{"id":6165,"title":"Website FAQ 1.0 - wp-admin/admin-ajax.php category Parameter SQL injection","osvdb":"83265","secunia":"49682","exploitdb":"19400","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"}]}},{"radykal-fancy-gallery":{"vulnerabilities":[{"id":6166,"title":"Fancy Gallery 1.2.4 - Shell Upload","url":"http://packetstormsecurity.com/files/114114/","osvdb":"83410","exploitdb":"19398","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"}]}},{"flipbook":{"vulnerabilities":[{"id":6167,"title":"Flip Book 1.0 - Shell Upload","url":"http://packetstormsecurity.com/files/114112/","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"}]}},{"ajax_multi_upload":{"vulnerabilities":[{"id":6168,"title":"Ajax Multi Upload 1.1 - Shell Upload","url":"http://packetstormsecurity.com/files/114109/","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"}]}},{"schreikasten":{"vulnerabilities":[{"id":6169,"title":"Schreikasten 0.14.13 - wp-admin/admin-ajax.php Multiple Parameter XSS","osvdb":"83152","secunia":"49600","exploitdb":"19294","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"}]}},{"wp-automatic":{"vulnerabilities":[{"id":6170,"title":"Automatic 2.0.3 - csv.php q Parameter SQL Injection","url":"http://packetstormsecurity.com/files/113763/","osvdb":"82971","secunia":"49573","exploitdb":"19187","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z","fixed_in":"2.0.4"}]}},{"videowhisper-video-conference-integration":{"vulnerabilities":[{"id":6171,"title":"VideoWhisper Video Conference 4.51 - Arbitrary File Upload Vulnerability","url":"http://packetstormsecurity.com/files/113580/","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"},{"id":6172,"title":"Video Whisper - XSS","url":"http://packetstormsecurity.com/files/122943/","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"}]}},{"videowhisper-live-streaming-integration":{"vulnerabilities":[{"id":6173,"title":"VideoWhisper Live Streaming Integration 4.29.6 - videowhisper_streaming.php Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/125430/","osvdb":"103871","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z"},{"id":6174,"title":"VideoWhisper Live Streaming Integration 4.27.3 - ls/vc_chatlog.php msg Parameter Stored XSS","url":"https://www.htbridge.com/advisory/HTB23199","osvdb":"103821","cve":"2014-1906","created_at":"2014-08-01T10:58:39.000Z","updated_at":"2014-08-01T10:58:39.000Z","fixed_in":"4.29.5"},{"id":6175,"title":"VideoWhisper Live Streaming Integration 4.27.3 - ls/v_status.php ct Parameter Reflected XSS","url":"https://www.htbridge.com/advisory/HTB23199","osvdb":"103820","cve":"2014-1906","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z","fixed_in":"4.29.5"},{"id":6176,"title":"VideoWhisper Live Streaming Integration 4.27.3 - ls/lb_logout.php message Parameter Reflected XSS","url":"https://www.htbridge.com/advisory/HTB23199","osvdb":"103819","cve":"2014-1906","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z","fixed_in":"4.29.5"},{"id":6177,"title":"VideoWhisper Live Streaming Integration 4.27.3 - ls/videotext.php n Parameter Reflected XSS","url":"https://www.htbridge.com/advisory/HTB23199","osvdb":"103818","cve":"2014-1906","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z","fixed_in":"4.29.5"},{"id":6178,"title":"VideoWhisper Live Streaming Integration 4.27.3 - ls/video.php n Parameter Reflected XSS","url":"https://www.htbridge.com/advisory/HTB23199","osvdb":"103817","cve":"2014-1906","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z","fixed_in":"4.29.5"},{"id":6179,"title":"VideoWhisper Live Streaming Integration 4.27.3 - ls/htmlchat.php n Parameter Reflected XSS","url":"https://www.htbridge.com/advisory/HTB23199","osvdb":"103816","cve":"2014-1906","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z","fixed_in":"4.29.5"},{"id":6180,"title":"VideoWhisper Live Streaming Integration 4.27.3 - ls/rtmp_logout.php s Parameter Path Traversal Remote File Deletion","url":"http://packetstormsecurity.com/files/125454/,https://www.htbridge.com/advisory/HTB23199","osvdb":"103815","cve":"2014-1907","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z","fixed_in":"4.29.5"},{"id":6181,"title":"VideoWhisper Live Streaming Integration 4.27.3 - ls/channel.php n Parameter Reflected XSS","url":"https://www.htbridge.com/advisory/HTB23199","osvdb":"103814","cve":"2014-1906","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z","fixed_in":"4.29.5"},{"id":6182,"title":"VideoWhisper Live Streaming Integration 4.27.3 - Error Message Unspecified Remote Information Disclosure","osvdb":"103428","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z","fixed_in":"4.29.5"},{"id":6183,"title":"VideoWhisper Live Streaming Integration 4.27.3 - Unspecified Path Traversal","osvdb":"103427","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z","fixed_in":"4.29.5"},{"id":6184,"title":"VideoWhisper Live Streaming Integration 4.27.3 - Unspecified XSS","osvdb":"103426","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z","fixed_in":"4.29.5"},{"id":6185,"title":"VideoWhisper Live Streaming Integration 4.27.3 - Unspecified File Upload Remote Code Execution","osvdb":"103425","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z","fixed_in":"4.29.5"},{"id":6186,"title":"VideoWhisper Live Streaming Integration \u003c 4.27.2 - XSS vulnerability in ls/vv_login.php via room_name parameter","url":"http://codevigilant.com/disclosure/wp-plugin-videowhisper-live-streaming-integration-a3-cross-site-scripting-xss/","cve":"2014-4569","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z"},{"id":6187,"title":"VideoWhisper Live Streaming Integration - ls/htmlchat.php Multiple Parameter XSS","url":"http://www.securityfocus.com/bid/61977,http://seclists.org/bugtraq/2013/Aug/163","osvdb":"96593","cve":"2013-5714","secunia":"54619","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z"}]}},{"auctionPlugin":{"vulnerabilities":[{"id":6188,"title":"Sitemile Auctions 2.0.1.3 - wp-content/plugins/auctionPlugin/upload.php File Upload PHP Code Execution","url":"http://packetstormsecurity.com/files/113568/","osvdb":"83075","secunia":"49497","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z"}]}},{"lb-mixed-slideshow":{"vulnerabilities":[{"id":6189,"title":"LB Mixed Slideshow 1.0 - Arbitrary File Upload Vulnerability","url":"http://packetstormsecurity.com/files/113844/","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z"}]}},{"lim4wp":{"vulnerabilities":[{"id":6190,"title":"Lim4wp 1.1.1 - Arbitrary File Upload Vulnerability","url":"http://packetstormsecurity.com/files/113846/","osvdb":"83016","secunia":"49609","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z"}]}},{"wp-imagezoom":{"vulnerabilities":[{"id":6191,"title":"Wp-ImageZoom 1.0.3 - download.php File Upload PHP Code Execution","url":"http://www.opensyscom.fr/Actualites/wordpress-plugins-wp-imagezoom-remote-file-disclosure-vulnerability.html","osvdb":"83015","secunia":"49612","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z"},{"id":6192,"title":"Wp-ImageZoom 1.0.3 - Remote File Disclosure","url":"http://packetstormsecurity.com/files/113845/","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z"},{"id":6193,"title":"Wp-ImageZoom - zoom.php id Parameter SQL Injection","url":"http://www.securityfocus.com/bid/56691,http://xforce.iss.net/xforce/xfdb/80285","osvdb":"87870","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z"}]}},{"invit0r":{"vulnerabilities":[{"id":6194,"title":"Invit0r 0.22 - Shell Upload","url":"http://packetstormsecurity.com/files/113639/","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z"}]}},{"announces":{"vulnerabilities":[{"id":6195,"title":"Annonces 1.2.0.1 - Shell Upload","url":"http://packetstormsecurity.com/files/113637/","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z"}]}},{"contus-video-galleryversion-10":{"vulnerabilities":[{"id":6196,"title":"Contus Video Gallery 1.3 - Arbitrary File Upload Vulnerability","url":"http://packetstormsecurity.com/files/113571/","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z"}]}},{"contus-hd-flv-player":{"vulnerabilities":[{"id":6197,"title":"Contus HD FLV Player \u003c= 1.3 - SQL Injection Vulnerability","exploitdb":"17678","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z"},{"id":6198,"title":"Contus HD FLV Player 1.7 - Arbitrary File Upload Vulnerability","url":"http://packetstormsecurity.com/files/113570/","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z"}]}},{"user-meta":{"vulnerabilities":[{"id":6199,"title":"User Meta Version 1.1.1 - Arbitrary File Upload Vulnerability","osvdb":"82902","exploitdb":"19052","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z"}]}},{"topquark":{"vulnerabilities":[{"id":6200,"title":"Top Quark Architecture 2.1.0 - lib/js/fancyupload/showcase/batch/script.php File Upload PHP Code Execution","url":"http://packetstormsecurity.com/files/113522/","osvdb":"82843","secunia":"49465","exploitdb":"19053","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z"}]}},{"sfbrowser":{"vulnerabilities":[{"id":6201,"title":"SFBrowser 1.4.5 - connectors/php/sfbrowser.php File Upload PHP Code Execution","osvdb":"82845","secunia":"49466","exploitdb":"19054","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z"}]}},{"pica-photo-gallery":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"},{"id":6202,"title":"Pica Photo Gallery 1.0 - Arbitrary File Upload Vulnerability","exploitdb":"19055","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z"},{"id":6203,"title":"PICA Photo Gallery 1.0 - Remote File Disclosure","url":"http://www.securityfocus.com/bid/53893","exploitdb":"19016","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z"}]}},{"mac-dock-gallery":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"},{"id":6204,"title":"Mac Photo Gallery - Two Security Bypass Security Issues","secunia":"49923","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z"},{"id":6205,"title":"Mac Photo Gallery - Multiple Script Insertion Vulnerabilities","secunia":"49836","created_at":"2014-08-01T10:58:40.000Z","updated_at":"2014-08-01T10:58:40.000Z","fixed_in":"3.0"},{"id":6206,"title":"Mac Photo Gallery 2.7 - upload-file.php File Upload PHP Code Execution","osvdb":"82844","secunia":"49468","exploitdb":"19056","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"}]}},{"drag-drop-file-uploader":{"vulnerabilities":[{"id":6207,"title":"drag and drop file upload 0.1 - Arbitrary File Upload Vulnerability","exploitdb":"19057","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"}]}},{"custom-content-type-manager":{"vulnerabilities":[{"id":6208,"title":"Custom Content Type Manager 0.9.5.13pl - upload_form.php File Upload PHP Code Execution","url":"http://packetstormsecurity.com/files/113520/","osvdb":"82904","exploitdb":"19058","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"}]}},{"wp-gpx-map":{"vulnerabilities":[{"id":6209,"title":"wp-gpx-max version 1.1.21 - Arbitrary File Upload","url":"http://www.securityfocus.com/bid/53909,http://packetstormsecurity.org/files/113523/","osvdb":"82900","cve":"2012-6649","exploitdb":"19050","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z","fixed_in":"1.1.23"}]}},{"front-file-manager":{"vulnerabilities":[{"id":6210,"title":"Front File Manager 0.1 - Arbitrary File Upload","exploitdb":"19012","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"}]}},{"front-end-upload":{"vulnerabilities":[{"id":6211,"title":"Front End Upload 0.5.3 - Arbitrary File Upload","exploitdb":"19008","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"},{"id":6212,"title":"Front End Upload 0.5.4 - Arbitrary PHP File Upload","exploitdb":"20083","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"}]}},{"omni-secure-files":{"vulnerabilities":[{"id":6213,"title":"Omni Secure Files 0.1.13 - Arbitrary File Upload","url":"http://www.securityfocus.com/bid/53872","osvdb":"82790","secunia":"49441","exploitdb":"19009","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"}]}},{"easy-contact-forms-exporter":{"vulnerabilities":[{"id":6214,"title":"Easy Contact Forms Export 1.1.0 - Information Disclosure Vulnerability","exploitdb":"19013","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"}]}},{"plugin-newsletter":{"vulnerabilities":[{"id":6215,"title":"Plugin Newsletter 1.5 - Remote File Disclosure Vulnerability","url":"http://packetstormsecurity.org/files/113413/","osvdb":"82703","cve":"2012-3588","secunia":"49464","exploitdb":"19018","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"}]}},{"rbxgallery":{"vulnerabilities":[{"id":6216,"title":"RBX Gallery 2.1 - uploader.php File Upload PHP Code Execution","url":"http://packetstormsecurity.com/files/113414/,http://xforce.iss.net/xforce/xfdb/76170","osvdb":"82796","cve":"2012-3575","secunia":"49463","exploitdb":"19019","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"}]}},{"simple-download-button-shortcode":{"vulnerabilities":[{"id":6217,"title":"Simple Download Button Shortcode 1.0 - Remote File Disclosure","exploitdb":"19020","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"}]}},{"thinkun-remind":{"vulnerabilities":[{"id":6218,"title":"Thinkun Remind 1.1.3 - Remote File Disclosure","exploitdb":"19021","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"}]}},{"tinymce-thumbnail-gallery":{"vulnerabilities":[{"id":6219,"title":"Tinymce Thumbnail Gallery 1.0.7 - download-image.php href Parameter Traversal Arbitrary File Access","url":"http://packetstormsecurity.org/files/113417/","osvdb":"82706","secunia":"49460","exploitdb":"19022","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"}]}},{"wpstorecart":{"vulnerabilities":[{"id":6220,"title":"wpStoreCart 2.5.27-2.5.29 - Arbitrary File Upload","exploitdb":"19023","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"}]}},{"gallery-plugin":{"vulnerabilities":[{"id":6221,"title":"Gallery 3.06 - gallery-plugin/upload/php.php File Upload PHP Code Execution","osvdb":"82661","exploitdb":"18998","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"},{"id":6222,"title":"Gallery Plugin 3.8.3 - gallery-plugin.php filename_1 Parameter Arbitrary File Access","url":"http://packetstormsecurity.com/files/119458/,http://www.securityfocus.com/bid/57256,http://seclists.org/bugtraq/2013/Jan/45","osvdb":"89124","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"}]}},{"font-uploader":{"vulnerabilities":[{"id":6223,"title":"Font Uploader 1.2.4 - Arbitrary File Upload","url":"http://www.securityfocus.com/bid/53853","osvdb":"82657","cve":"2012-3814","exploitdb":"18994","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"}]}},{"wp-property":{"vulnerabilities":[{"id":6224,"title":"WP Property \u003c= 1.38.3.2 - Non-administrative User XMLI Remote Information Disclosure","osvdb":"102709","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z","fixed_in":"1.38.4"},{"id":6225,"title":"WP Property \u003c= 1.35.0 - Arbitrary File Upload","url":"http://packetstormsecurity.com/files/113274/","osvdb":"82656","secunia":"49394","exploitdb":"18987,23651","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z","metasploit":"exploits/unix/webapp/wp_property_upload_exec"}]}},{"wpmarketplace":{"vulnerabilities":[{"id":6226,"title":"WP Marketplace 1.5.0-1.6.1 - Arbitrary File Upload","exploitdb":"18988","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"},{"id":6227,"title":"WP Marketplace 1.2.1 - File Enumeration Weakness and File Upload Vulnerabilities","url":"http://www.securityfocus.com/bid/52960","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z","fixed_in":"1.2.2"}]}},{"store-locator-le":{"vulnerabilities":[{"id":6228,"title":"Google Maps via Store Locator - Multiple Vulnerabilities","exploitdb":"18989","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"},{"id":6229,"title":"store-locator-le - SQL Injection","secunia":"51757","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z","fixed_in":"3.8.7"}]}},{"html5avmanager":{"vulnerabilities":[{"id":6230,"title":"HTML5 AV Manager 0.2.7 - Arbitrary File Upload","url":"http://www.securityfocus.com/bid/53804","exploitdb":"18990","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"}]}},{"foxypress":{"vulnerabilities":[{"id":6231,"title":"Foxypress 0.4.1.1-0.4.2.1 - Arbitrary File Upload","url":"http://packetstormsecurity.com/files/113576/,http://www.securityfocus.com/bid/53805","exploitdb":"18991,19100","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z","metasploit":"exploits/unix/webapp/php_wordpress_foxypress"},{"id":6232,"title":"FoxyPress 0.4.2.5 - XSS, CSRF, SQL Injection","url":"http://packetstormsecurity.com/files/117768/","secunia":"51109","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"},{"id":6233,"title":"FoxyPress 0.4.2.5 - documenthandler.php prefix Parameter SQL Injection","url":"http://xforce.iss.net/xforce/xfdb/79698","osvdb":"86804","exploitdb":"22374","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"},{"id":6234,"title":"FoxyPress 0.4.2.5 - foxypress-manage-emails.php id Parameter SQL Injection","url":"http://xforce.iss.net/xforce/xfdb/79697","osvdb":"86805","exploitdb":"22374","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"},{"id":6235,"title":"FoxyPress 0.4.2.5 - inventory-category.php Multiple Parameter SQL Injection","url":"http://xforce.iss.net/xforce/xfdb/79697","osvdb":"86806","exploitdb":"22374","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"},{"id":6236,"title":"FoxyPress 0.4.2.5 - reports.php Multiple Parameter XSS","url":"http://xforce.iss.net/xforce/xfdb/79699","osvdb":"86807","exploitdb":"22374","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"},{"id":6237,"title":"FoxyPress 0.4.2.5 - foxypress-affiliate.php aff_id Parameter XSS","url":"http://xforce.iss.net/xforce/xfdb/79699","osvdb":"86808","exploitdb":"22374","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"},{"id":6238,"title":"FoxyPress 0.4.2.5 - affiliate-management.php Multiple Parameter SQL Injection","url":"http://xforce.iss.net/xforce/xfdb/79697","osvdb":"86809","exploitdb":"22374","created_at":"2014-08-01T10:58:41.000Z","updated_at":"2014-08-01T10:58:41.000Z"},{"id":6239,"title":"FoxyPress 0.4.2.5 - foxypress-manage-emails.php id Parameter XSS","url":"http://xforce.iss.net/xforce/xfdb/79699","osvdb":"86810","exploitdb":"22374","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"},{"id":6240,"title":"FoxyPress 0.4.2.5 - order-management.php status Parameter XSS","url":"http://xforce.iss.net/xforce/xfdb/79699","osvdb":"86811","exploitdb":"22374","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"},{"id":6241,"title":"FoxyPress 0.4.2.5 - affiliate-management.php page Parameter XSS","url":"http://xforce.iss.net/xforce/xfdb/79699","osvdb":"86812","exploitdb":"22374","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"},{"id":6242,"title":"FoxyPress 0.4.2.5 - foxypress-affiliate.php url Parameter Arbitrary Site Redirect","url":"http://xforce.iss.net/xforce/xfdb/79700","osvdb":"86813","exploitdb":"22374","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"},{"id":6243,"title":"FoxyPress 0.4.2.5 - Multiple CSV File Direct Request Information Disclosure","url":"http://xforce.iss.net/xforce/xfdb/79701","osvdb":"86814","exploitdb":"22374","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"},{"id":6244,"title":"FoxyPress 0.4.2.5 - ajax.php Access Restriction Multiple Command Execution","url":"http://xforce.iss.net/xforce/xfdb/79703","osvdb":"86815","exploitdb":"22374","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"},{"id":6245,"title":"FoxyPress 0.4.2.5 - Multiple Script Direct Request Path Disclosure","url":"http://xforce.iss.net/xforce/xfdb/79704","osvdb":"86816","exploitdb":"22374","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"},{"id":6246,"title":"FoxyPress 0.4.2.5 - Multiple Object Deletion CSRF","url":"http://xforce.iss.net/xforce/xfdb/79702","osvdb":"86817","exploitdb":"22374","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"},{"id":6247,"title":"FoxyPress 0.4.2.5 - documenthandler.php File Upload Arbitrary Code Execution","url":"http://xforce.iss.net/xforce/xfdb/79697","osvdb":"86818","exploitdb":"22374","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"}]}},{"track-that-stat":{"vulnerabilities":[{"id":6248,"title":"Track That Stat \u003c= 1.0.8 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112722/,http://www.securityfocus.com/bid/53551","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"}]}},{"wp-facethumb":{"vulnerabilities":[{"id":6249,"title":"WP-Facethumb Gallery \u003c= 0.1 - Reflected Cross Site Scripting","url":"http://packetstormsecurity.com/files/112658/","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"}]}},{"wp-survey-and-quiz-tool":{"vulnerabilities":[{"id":6250,"title":"Survey And Quiz Tool \u003c= 2.9.2 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112685/","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"}]}},{"wp-statistics":{"vulnerabilities":[{"id":6251,"title":"WP Statistics \u003c= 2.2.4 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112686/","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"}]}},{"wp-easy-gallery":{"vulnerabilities":[{"id":6252,"title":"WP Easy Gallery \u003c= 2.7 - CSRF","url":"https://plugins.trac.wordpress.org/changeset?reponame=\u0026old=669527@wp-easy-gallery\u0026new=669527@wp-easy-gallery","secunia":"49190","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z","fixed_in":"2.7.3"},{"id":6253,"title":"WP Easy Gallery 2.7 - admin/overview.php galleryId Parameter SQL Injection","osvdb":"105012","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z","fixed_in":"2.7.1"},{"id":6254,"title":"WP Easy Gallery 2.7 - admin/add-images.php Multiple Parameter SQL Injection","osvdb":"105013","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z","fixed_in":"2.7.1"},{"id":6255,"title":"WP Easy Gallery 2.7 - Multiple Admin Function CSRF","osvdb":"105014","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z","fixed_in":"2.7.1"},{"id":6256,"title":"WP Easy Gallery \u003c= 1.7 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112687/","secunia":"49190","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z","fixed_in":"2.7.3"}]}},{"subscribe2":{"vulnerabilities":[{"id":6257,"title":"Subscribe2 \u003c= 8.0 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112688/,http://www.securityfocus.com/bid/53538","secunia":"49189","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z","fixed_in":"8.1"}]}},{"soundcloud-is-gold":{"vulnerabilities":[{"id":6258,"title":"Soundcloud Is Gold \u003c= 2.1 - 'action' Parameter Cross Site Scripting Vulnerability","url":"http://packetstormsecurity.com/files/112689/,http://www.securityfocus.com/bid/53537","osvdb":"81919","cve":"2012-6624","secunia":"49188","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"}]}},{"sharebar":{"vulnerabilities":[{"id":6259,"title":"Sharebar \u003c= 1.2.5 - sharebar-admin.php page Parameter XSS","url":"http://packetstormsecurity.com/files/123365/","osvdb":"98078","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"},{"id":6260,"title":"Sharebar \u003c= 1.2.5 - Button Manipulation CSRF","url":"http://www.securityfocus.com/bid/60956","osvdb":"94843","cve":"2013-3491","secunia":"52948","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"},{"id":6261,"title":"Sharebar 1.2.3 - wp-admin/options-general.php status Parameter XSS","osvdb":"81465","secunia":"48908","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"},{"id":6262,"title":"Sharebar \u003c= 1.2.1 - SQL Injection / Cross Site Scripting","url":"http://packetstormsecurity.com/files/112690/","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z","fixed_in":"1.2.2"}]}},{"share-and-follow":{"vulnerabilities":[{"id":6263,"title":"Share And Follow \u003c= 1.80.3 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112691/","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"}]}},{"sabre":{"vulnerabilities":[{"id":6264,"title":"SABRE \u003c= 1.2.0 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112692/","osvdb":"82269","cve":"2012-2916","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z","fixed_in":"1.2.2"}]}},{"pretty-link":{"vulnerabilities":[{"id":6265,"title":"Pretty Link Lite \u003c= 1.5.2 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112693/","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"},{"id":6266,"title":"Pretty Link Lite \u003c= 1.6.1 - Cross Site Scripting","secunia":"50980","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"},{"id":6267,"title":"pretty-link - XSS in SWF","url":"http://seclists.org/bugtraq/2013/Feb/100,http://packetstormsecurity.com/files/120433/","cve":"2013-1636","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"}]}},{"newsletter-manager":{"vulnerabilities":[{"id":6268,"title":"Newsletter Manager \u003c= 1.0.2 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112694/","osvdb":"102186,102548,102549,102550,81920","cve":"2012-6628","secunia":"49183","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z","fixed_in":"1.0.2"},{"id":6269,"title":"Newsletter Manager 1.0.2 - Cross Site Scripting \u0026 Cross-Site Request Forgery","cve":"2012-6627,2012-6629","secunia":"49152","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"}]}},{"network-publisher":{"vulnerabilities":[{"id":6270,"title":"Network Publisher \u003c= 5.0.1 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112695/","created_at":"2014-08-01T10:58:42.000Z","updated_at":"2014-08-01T10:58:42.000Z"}]}},{"leaguemanager":{"vulnerabilities":[{"id":6271,"title":"LeagueManager \u003c= 3.7 - wp-admin/admin.php Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/112698/,http://www.securityfocus.com/bid/53525,http://xforce.iss.net/xforce/xfdb/75629","osvdb":"82266","secunia":"49949","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z"},{"id":6272,"title":"LeagueManager 3.8 - SQL Injection","osvdb":"91442","cve":"2013-1852","exploitdb":"24789","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z"}]}},{"leaflet":{"vulnerabilities":[{"id":6273,"title":"Leaflet \u003c= 0.0.1 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112699/","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z"}]}},{"joliprint":{"vulnerabilities":[{"id":6274,"title":"PDF And Print Button Joliprint \u003c= 1.3.0 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112700/","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z"}]}},{"iframe-admin-pages":{"vulnerabilities":[{"id":6275,"title":"IFrame Admin Pages \u003c= 0.1 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112701/","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z"}]}},{"ezpz-one-click-backup":{"vulnerabilities":[{"id":6276,"title":"EZPZ One Click Backup \u003c= 12.03.10 - OS Command Injection","url":"http://www.openwall.com/lists/oss-security/2014/05/01/11","osvdb":"106511","cve":"2014-3114","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z"},{"id":6277,"title":"EZPZ One Click Backup \u003c= 12.03.10 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112705/","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z"}]}},{"dynamic-widgets":{"vulnerabilities":[{"id":6278,"title":"Dynamic Widgets \u003c= 1.5.1 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112706/","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z"}]}},{"download-monitor":{"vulnerabilities":[{"id":6279,"title":"Download Monitor \u003c= 3.3.6.1 - wp-admin/admin.php Multiple Parameter XSS (Note: This plugin changed its version numbering, this may produce false positive)","url":"http://www.securityfocus.com/bid/61407,http://xforce.iss.net/xforce/xfdb/85921","osvdb":"95613","cve":"2013-5098,2013-3262","secunia":"53116","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z","fixed_in":"3.3.6.2"},{"id":6280,"title":"Download Monitor \u003c= 3.3.5.7 - index.php dlsearch Parameter XSS (Note: This plugin changed its version numbering, this may produce false positive)","url":"http://www.reactionpenetrationtesting.co.uk/wordpress-download-monitor-xss.html","osvdb":"85319","cve":"2012-4768","secunia":"50511","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z","fixed_in":"3.3.5.9"},{"id":6281,"title":"Download Monitor \u003c= 3.3.5.4 - Cross Site Scripting (Note: This plugin changed its version numbering, this may produce false positive)","url":"http://packetstormsecurity.com/files/112707/","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z"},{"id":6282,"title":"Download Monitor 2.0.6 - wp-download_monitor/download.php id Parameter SQL Injection (Note: This plugin changed its version numbering, this may produce false positive)","osvdb":"44616","cve":"2008-2034","secunia":"29876","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z","fixed_in":"2.0.8"}]}},{"download-manager":{"vulnerabilities":[{"id":6283,"title":"Download Manager 2.5.8 - Download Package file Parameter Stored XSS","url":"http://www.securityfocus.com/bid/64159","osvdb":"101143","cve":"2013-7319","secunia":"55969","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z","fixed_in":"2.5.9"},{"id":6284,"title":"Download Manager \u003c= 2.2.2 - admin.php cid Parameter XSS","url":"http://packetstormsecurity.com/files/112708/","osvdb":"81449","secunia":"48927","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z","fixed_in":"2.2.3"}]}},{"codestyling-localization":{"vulnerabilities":[{"id":6285,"title":"Code Styling Localization \u003c= 1.99.17 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112709/","secunia":"49037","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z","fixed_in":"1.99.20"}]}},{"catablog":{"vulnerabilities":[{"id":6286,"title":"Catablog \u003c= 1.6 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112619/","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z"}]}},{"bad-behavior":{"vulnerabilities":[{"id":6287,"title":"Bad Behavior \u003c= 2.24 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112619/","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z"}]}},{"bulletproof-security":{"vulnerabilities":[{"id":6288,"title":"BulletProof Security \u003c= .47 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112618/","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z","fixed_in":".47.1"},{"id":6289,"title":"BulletProof Security - Security Log Script Insertion Vulnerability","osvdb":"95928,95929,95930","cve":"2013-3487","secunia":"53614","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z","fixed_in":".49"}]}},{"better-wp-security":{"vulnerabilities":[{"id":6290,"title":"Better WP Security 3.6.3 - Online Backup Storage current_time Function Brute Force Disclosure","url":"http://packetstormsecurity.com/files/125219/","osvdb":"103358","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z"},{"id":6291,"title":"Better WP Security 3.6.3 - /wp-admin/admin-ajax.php license Parameter Stored XSS Weakness","url":"http://packetstormsecurity.com/files/125219/","osvdb":"103357","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z"},{"id":6292,"title":"Better WP Security 3.5.5 - inc/admin/content.php id_specialfile Parameter Stored XSS","osvdb":"101788","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z","fixed_in":"3.5.6"},{"id":6293,"title":"Better WP Security \u003c= 3.5.3 - inc/secure.php logevent Function URL Handling Stored XSS","url":"http://packetstormsecurity.com/files/122615/,https://github.com/wpscanteam/wpscan/issues/251,http://www.securityfocus.com/archive/1/527634/30/0/threaded","osvdb":"95884","secunia":"54299","exploitdb":"27290","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z","fixed_in":"3.5.4"},{"id":6294,"title":"Better WP Security 3.4.3 - Multiple XSS","url":"http://seclists.org/bugtraq/2012/Oct/9","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z","fixed_in":"3.4.4"},{"id":6295,"title":"Better WP Security \u003c= 3.2.4 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112617/","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z","fixed_in":"3.2.5"}]}},{"custom-contact-forms":{"vulnerabilities":[{"id":6296,"title":"Custom Contact Forms \u003c= 5.0.0.1 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112616/","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z"}]}},{"2-click-socialmedia-button":{"vulnerabilities":[{"id":6297,"title":"2-Click-Socialmedia-Buttons \u003c= 0.34 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112615/","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z"},{"id":6298,"title":"2-Click-Socialmedia-Buttons \u003c= 0.32.2 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112711/","secunia":"49181","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z","fixed_in":"0.35"}]}},{"login-with-ajax":{"vulnerabilities":[{"id":6299,"title":"Login With Ajax - Cross Site Scripting","url":"http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-003/","osvdb":"81712","cve":"2012-2759","secunia":"49013","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z","fixed_in":"3.0.4.1"},{"id":6300,"title":"Login With Ajax - Cross-Site Request Forgery Vulnerability","osvdb":"93031","cve":"2013-2707","secunia":"52950","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z","fixed_in":"3.1"}]}},{"media-library-categories":{"vulnerabilities":[{"id":6301,"title":"Media Library Categories \u003c= 1.0.6 - SQL Injection Vulnerability","exploitdb":"17628","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z"},{"id":6302,"title":"Media Library Categories \u003c= 1.1.1 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112697/","osvdb":"81916,109601","cve":"2012-6630","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z"}]}},{"deans-fckeditor-with-pwwangs-code-plugin-for-wordpress":{"vulnerabilities":[{"id":6303,"title":"FCKeditor Deans With Pwwangs Code \u003c= 1.0.0 - Remote Shell Upload","url":"http://packetstormsecurity.com/files/111319/","created_at":"2014-08-01T10:58:43.000Z","updated_at":"2014-08-01T10:58:43.000Z"}]}},{"zingiri-web-shop":{"vulnerabilities":[{"id":6304,"title":"Zingiri Web Shop 2.6.5 - fwkfor/ajax/uploadfilexd.php Unspecified Issue","osvdb":"103554","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"2.6.6"},{"id":6305,"title":"Zingiri Web Shop 2.6.4 - mform.php Unspecified Issue","osvdb":"101717","secunia":"56230","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"2.6.5"},{"id":6306,"title":"Zingiri Web Shop 2.5.0 - ajaxfilemanager.php path Parameter File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/118318/,http://www.securityfocus.com/bid/56659,http://xforce.iss.net/xforce/xfdb/80257","osvdb":"87833","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z"},{"id":6307,"title":"Zingiri Web Shop 2.4.3 - Shell Upload","url":"http://packetstormsecurity.com/files/113668/","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z"},{"id":6308,"title":"Zingiri Web Shop - Cookie SQL Injection Vulnerability","secunia":"49398","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"2.4.8"},{"id":6309,"title":"Zingiri Web Shop \u003c= 2.4.0 - zing.inc.php page Parameter XSS","url":"http://www.securityfocus.com/bid/53278,http://xforce.iss.net/xforce/xfdb/75178","osvdb":"81492","cve":"2012-6506","secunia":"48991","exploitdb":"18787","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"2.4.2"},{"id":6310,"title":"Zingiri Web Shop \u003c= 2.4.0 - onecheckout.php notes Parameter XSS","url":"http://www.securityfocus.com/bid/53278,http://xforce.iss.net/xforce/xfdb/75179","osvdb":"81493","cve":"2012-6506","secunia":"48991","exploitdb":"18787","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"2.4.2"},{"id":6311,"title":"Zingiri Web Shop \u003c= 2.3.5 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112684/","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z"}]}},{"organizer":{"vulnerabilities":[{"id":6312,"title":"Organizer 1.2.1 - Cross Site Scripting / Path Disclosure","url":"http://packetstormsecurity.com/files/112086/,http://packetstormsecurity.com/files/113800/","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z"}]}},{"zingiri-tickets":{"vulnerabilities":[{"id":6313,"title":"Zingiri Tickets 2.1.2 - Unspecified Issue","osvdb":"105015","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"2.1.3"},{"id":6314,"title":"Zingiri Tickets - File Disclosure","url":"http://packetstormsecurity.com/files/111904/","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z"}]}},{"cms-tree-page-view":{"vulnerabilities":[{"id":6315,"title":"CMS Tree Page View 1.2.4 - Page Creation CSRF","osvdb":"91270","secunia":"52581","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"1.2.5"},{"id":6316,"title":"CMS Tree Page View 0.8.8 - XSS vulnerability","url":"https://www.htbridge.com/advisory/HTB23083,http://www.securityfocus.com/bid/52708,http://xforce.iss.net/xforce/xfdb/74337","osvdb":"80573","secunia":"48510","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"0.8.9"}]}},{"all-in-one-event-calendar":{"vulnerabilities":[{"id":6317,"title":"All-in-One Event Calendar 1.4 - Multiple XSS vulnerabilities","url":"http://seclists.org/bugtraq/2012/Apr/70","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z"},{"id":6318,"title":"All-in-One Event Calendar 1.9 - wp-admin/post-new.php Multiple Parameter XSS","url":"http://www.firefart.net/sql-injection-and-xss-in-all-in-one-event-calendar-wordpress-plugin/","osvdb":"96271","secunia":"54038","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"1.10"},{"id":6319,"title":"All-in-One Event Calendar 1.9 - index.php Multiple Parameter SQL Injection","url":"http://www.firefart.net/sql-injection-and-xss-in-all-in-one-event-calendar-wordpress-plugin/","osvdb":"96272","secunia":"54038","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"1.10"}]}},{"buddypress":{"vulnerabilities":[{"id":6320,"title":"Buddypress \u003c= 1.9.1 - Crafted bp_new_group_id Cookie Arbitrary Group Manipulation","url":"http://packetstormsecurity.com/files/125213/","osvdb":"103308","cve":"2014-1889","secunia":"56950","exploitdb":"31571","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"1.9.2"},{"id":6321,"title":"Buddypress \u003c= 1.9.1 - groups/create/step/group-details/ Group Name Field Stored XSS","url":"http://packetstormsecurity.com/files/125212/","osvdb":"103307","cve":"2014-1888","secunia":"56950","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"1.9.2"},{"id":6322,"title":"BuddyPress 1.7.1 - bp-activity-classes.php Multiple Parameter SQL Injection","osvdb":"104761","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"1.7.2"},{"id":6323,"title":"BuddyPress 1.7.1 - bp-blogs-classes.php Multiple Parameter SQL Injection","osvdb":"104761","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"1.7.2"},{"id":6324,"title":"BuddyPress 1.7.1 - bp-friends/bp-friends-classes.php Multiple Parameter SQL Injection","osvdb":"104760","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"1.7.2"},{"id":6325,"title":"BuddyPress 1.7.1 - bp-core/bp-core-classes.php Multiple Parameter SQL Injection","osvdb":"104759","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"1.7.2"},{"id":6326,"title":"BuddyPress 1.7.1 - bp-core/bp-core-functions.php page_ids Parameter SQL Injection","osvdb":"104758","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"1.7.2"},{"id":6327,"title":"BuddyPress 1.7.1 - bp-core/bp-core-filters.php user_ids Parameter SQL Injection","osvdb":"104757","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"1.7.2"},{"id":6328,"title":"BuddyPress 1.7.1 - bp-core/bp-core-cache.php object_ids Parameter SQL Injection","osvdb":"104755","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"1.7.2"},{"id":6329,"title":"Buddypress - player.swf / jwplayer.swf playerready Parameter XSS","url":"http://packetstormsecurity.com/files/119020/,http://xforce.iss.net/xforce/xfdb/80840","osvdb":"88886","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z"},{"id":6330,"title":"Buddypress \u003c= 1.5.4 - wp-load.php exclude Parameter SQL Injection","osvdb":"80763","cve":"2012-2109","exploitdb":"18690","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"1.5.5"},{"id":6331,"title":"BuddyPress 1.2.9 - groups/test-group/activity/ activity_ids Parameter SQL Injection","osvdb":"104756","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z","fixed_in":"1.2.10"}]}},{"register-plus-redux":{"vulnerabilities":[{"id":6332,"title":"Register Plus Redux \u003c= 3.8.3 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/111367/","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z"}]}},{"magn-html5-drag-and-drop-media-uploader":{"vulnerabilities":[{"id":6333,"title":"Magn WP Drag and Drop \u003c= 1.1.4 - Upload Shell Upload Vulnerability","url":"http://packetstormsecurity.com/files/110103/","created_at":"2014-08-01T10:58:44.000Z","updated_at":"2014-08-01T10:58:44.000Z"}]}},{"kish-guest-posting":{"vulnerabilities":[{"id":6334,"title":"Kish Guest Posting 1.0 - Arbitrary File Upload","exploitdb":"18412","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z"}]}},{"allwebmenus-wordpress-menu-plugin":{"vulnerabilities":[{"id":6335,"title":"AllWebMenus Shell Upload \u003c= 1.1.9 - Shell Upload","url":"http://packetstormsecurity.com/files/108946/","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z"},{"id":6336,"title":"AllWebMenus 1.1.3 - Remote File Inclusion","osvdb":"75615","cve":"2011-3981","secunia":"46068","exploitdb":"17861","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z","fixed_in":"1.1.4"}]}},{"shortcode-redirect":{"vulnerabilities":[{"id":6337,"title":"Shortcode Redirect \u003c= 1.0.01 - Stored Cross Site Scripting","url":"http://packetstormsecurity.com/files/108914/","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z"}]}},{"ucan-post":{"vulnerabilities":[{"id":6338,"title":"uCan Post \u003c= 1.0.09 - Stored XSS","exploitdb":"18390","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z"}]}},{"wp-cycle-playlist":{"vulnerabilities":[{"id":6339,"title":"WP Cycle Playlist - Multiple Vulnerabilities","url":"http://1337day.com/exploit/17396","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z"}]}},{"myeasybackup":{"vulnerabilities":[{"id":6340,"title":"myEASYbackup 1.0.8.1 - Directory Traversal","url":"http://packetstormsecurity.com/files/108711/","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z"}]}},{"count-per-day":{"vulnerabilities":[{"id":6341,"title":"Count per Day 3.2.5 - wp-admin/index.php daytoshow Parameter XSS","url":"http://packetstormsecurity.com/files/120649/","osvdb":"90893","secunia":"52436","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z"},{"id":6342,"title":"Count per Day 3.2.5 - counter.php HTTP Referer Header XSS","url":"http://packetstormsecurity.com/files/120870/","osvdb":"91491","exploitdb":"24859","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z"},{"id":6343,"title":"Count Per Day 3.2.3 - notes.php Malformed Requests Remote DoS","url":"http://packetstormsecurity.com/files/120631/,http://seclists.org/fulldisclosure/2013/Mar/43","osvdb":"90833","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z"},{"id":6344,"title":"Count Per Day 3.2.3 - Multiple Script Direct Request Path Disclosure","url":"http://packetstormsecurity.com/files/120631/,http://seclists.org/fulldisclosure/2013/Mar/43","osvdb":"90832","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z"},{"id":6345,"title":"Count Per Day 3.2.3 - notes.php note Parameter XSS","url":"http://packetstormsecurity.com/files/115904/","osvdb":"84933","secunia":"50450","exploitdb":"20862","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z"},{"id":6346,"title":"Count Per Day 3.2.2 - notes.php note Parameter XSS","osvdb":"84920","secunia":"50419","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z","fixed_in":"3.2.3"},{"id":6347,"title":"Count Per Day 3.1.1 - userperspan.php Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/114787/,http://www.securityfocus.com/bid/54258","osvdb":"83491","cve":"2012-3434","secunia":"49692","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z","fixed_in":"3.2"},{"id":6348,"title":"Count Per Day \u003c= 3.1 - download.php f Parameter Traversal Arbitrary File Access","url":"http://xforce.iss.net/xforce/xfdb/72385,http://packetstormsecurity.org/files/108631/","osvdb":"78270","secunia":"47529","exploitdb":"18355","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z","fixed_in":"3.1.1"},{"id":6349,"title":"Count Per Day \u003c= 3.1 - map.php map Parameter XSS","url":"http://xforce.iss.net/xforce/xfdb/72385,http://packetstormsecurity.org/files/108631/","osvdb":"78271","secunia":"47529","exploitdb":"18355","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z","fixed_in":"3.1.1"},{"id":6350,"title":"Count per Day \u003c= 2.17 - SQL Injection Vulnerability","osvdb":"75598","secunia":"46051","exploitdb":"17857","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z","fixed_in":"3.0"}]}},{"wp-autoyoutube":{"vulnerabilities":[{"id":6351,"title":"WP-AutoYoutube \u003c= 0.1 - Blind SQL Injection Vulnerability","url":"http://1337day.com/exploit/17368","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z"}]}},{"age-verification":{"vulnerabilities":[{"id":6352,"title":"Age Verification \u003c= 0.4 - Open Redirect","osvdb":"82584","cve":"2012-6499","exploitdb":"18350","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z"}]}},{"yousaytoo-auto-publishing-plugin":{"vulnerabilities":[{"id":6353,"title":"Yousaytoo Auto Publishing \u003c= 1.0 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/108470/","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z"}]}},{"pay-with-tweet":{"vulnerabilities":[{"id":6354,"title":"Pay With Tweet \u003c= 1.1 - Multiple Vulnerabilities","exploitdb":"18330","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z"}]}},{"wp-whois":{"vulnerabilities":[{"id":6355,"title":"Whois Search \u003c= 1.4.2 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/108271/","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z"}]}},{"upm-polls":{"vulnerabilities":[{"id":6356,"title":"UPM-POLLS 1.0.4 - BLIND SQL injection","exploitdb":"18231","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z"}]}},{"disqus-comment-system":{"vulnerabilities":[{"id":6357,"title":"Disqus \u003c= 2.75 - Remote Code Execution Vuln","url":"http://blog.sucuri.net/2014/06/anatomy-of-a-remote-code-execution-bug-on-disqus.html","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z","fixed_in":"2.76"},{"id":6358,"title":"Disqus Comment System \u003c= 2.68 - Reflected Cross-Site Scripting (XSS)","url":"http://www.ethicalhack3r.co.uk/security/wordpress-plugin-disqus-comment-system-xss/","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z","fixed_in":"2.69"},{"id":6359,"title":"Disqus Blog Comments - Blind SQL Injection Vulnerability","osvdb":"85935","exploitdb":"20913","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z"}]}},{"wp-recaptcha":{"vulnerabilities":[{"id":6360,"title":"Google reCAPTCHA \u003c= 3.1.3 - Reflected XSS Vulnerability","url":"http://security-sh3ll.blogspot.com/2011/12/google-recaptcha-wordpress-plugin.html","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z","fixed_in":"3.1.4"}]}},{"link-library":{"vulnerabilities":[{"id":6361,"title":"Link Library 5.8.0.9 - Multiple Unspecified Issues","osvdb":"102842","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z","fixed_in":"5.8.1"},{"id":6362,"title":"Link Library 5.1.6 - link-library-ajax.php Multiple Parameter SQL Injection","osvdb":"102804","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z","fixed_in":"5.1.7"},{"id":6363,"title":"Link Library 5.0.8 - wp-content/plugins/link-library/tracker.php id Parameter XSS","osvdb":"74561","secunia":"45588","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z","fixed_in":"5.0.9"},{"id":6364,"title":"Link Library 5.0.8 - wp-content/plugins/link-library/tracker.php id Parameter SQL Injection","osvdb":"74562","secunia":"45588","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z","fixed_in":"5.0.9"},{"id":6365,"title":"Link Library \u003c= 5.2.1 - SQL Injection","osvdb":"84579","exploitdb":"17887","created_at":"2014-08-01T10:58:45.000Z","updated_at":"2014-08-01T10:58:45.000Z","fixed_in":"5.7.9.7"}]}},{"cevhershare":{"vulnerabilities":[{"id":6366,"title":"CevherShare 2.0 - SQL Injection Vulnerability","exploitdb":"17891","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z"}]}},{"meenews":{"vulnerabilities":[{"id":6367,"title":"meenews 5.1 - Cross-Site Scripting Vulnerabilities","url":"http://seclists.org/bugtraq/2011/Nov/151","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z"}]}},{"clickdesk-live-support-chat":{"vulnerabilities":[{"id":6368,"title":"Click Desk Live Support Chat - Cross Site Scripting Vulnerability","url":"http://seclists.org/bugtraq/2011/Nov/148","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z","fixed_in":"2.0"}]}},{"adminimize":{"vulnerabilities":[{"id":6369,"title":"adminimize 1.7.21 - 'page' Parameter Cross Site Scripting Vulnerability","url":"http://www.securityfocus.com/bid/50745,http://seclists.org/bugtraq/2011/Nov/135","osvdb":"77472","cve":"2011-4926","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z","fixed_in":"1.7.22"}]}},{"advanced-text-widget":{"vulnerabilities":[{"id":6370,"title":"Advanced Text Widget \u003c= 2.0.0 - Cross Site Scripting Vulnerability","url":"http://seclists.org/bugtraq/2011/Nov/133","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z"}]}},{"mm-duplicate":{"vulnerabilities":[{"id":6371,"title":"MM Duplicate \u003c= 1.2 - SQL Injection Vulnerability","exploitdb":"17707","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z"}]}},{"wp-menu-creator":{"vulnerabilities":[{"id":6372,"title":"Menu Creator \u003c= 1.1.7 - SQL Injection Vulnerability","exploitdb":"17689","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z"}]}},{"allow-php-in-posts-and-pages":{"vulnerabilities":[{"id":6373,"title":"Allow PHP in Posts and Pages \u003c= 2.0.0.RC2 - SQL Injection Vulnerability","exploitdb":"17688","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z","fixed_in":"2.1.0"}]}},{"global-content-blocks":{"vulnerabilities":[{"id":6374,"title":"Global Content Blocks \u003c= 1.2 - SQL Injection Vulnerability","exploitdb":"17687","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z"}]}},{"ajaxgallery":{"vulnerabilities":[{"id":6375,"title":"Ajax Gallery \u003c= 3.0 - SQL Injection Vulnerability","exploitdb":"17686","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z"}]}},{"wp-ds-faq":{"vulnerabilities":[{"id":6376,"title":"WP DS FAQ \u003c= 1.3.2 - ajax.php id Parameter SQL Injection","osvdb":"74574","secunia":"45640","exploitdb":"17683","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z"}]}},{"wp-ds-faq-plus":{"vulnerabilities":[{"id":6377,"title":"WP DS FAQ Plus 1.0.12 - Multiple Unspecified Issues","osvdb":"106614","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z","fixed_in":"1.0.13"},{"id":6378,"title":"WP DS FAQ Plus 1.0.11 - Multiple Unspecified Issues","osvdb":"106615","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z","fixed_in":"1.0.12"},{"id":6379,"title":"WP DS FAQ Plus 1.0.3 - Multiple Unspecified CSRF","osvdb":"106618","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z","fixed_in":"1.0.3"},{"id":6380,"title":"WP DS FAQ Plus - Unspecified SQL Injection","osvdb":"106724","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z","fixed_in":"1.0.0"}]}},{"odihost-newsletter-plugin":{"vulnerabilities":[{"id":6381,"title":"OdiHost Newsletter \u003c= 1.0 - SQL Injection Vulnerability","exploitdb":"17681","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z"}]}},{"easy-contact-form-lite":{"vulnerabilities":[{"id":6382,"title":"Easy Contact Form Lite \u003c= 1.0.7 - SQL Injection Vulnerability","exploitdb":"17680","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z"}]}},{"wp-symposium":{"vulnerabilities":[{"id":6383,"title":"WP Symposium 13.04 - invite.php u Parameter Arbitrary Site Redirect","osvdb":"92274","cve":"2013-2694","secunia":"52925","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z"},{"id":6384,"title":"WP Symposium 13.02 - wp-symposium/invite.php u Parameter XSS","osvdb":"92275","cve":"2013-2695","secunia":"52864","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z","fixed_in":"13.04"},{"id":6385,"title":"WP Symposium \u003c= 12.09 - ajax/symposium_groups_functions.php gid Parameter SQL Injection","url":"http://www.securityfocus.com/bid/57478,http://ceriksen.com/2013/02/18/wp-symposium-multiple-sql-injection/","osvdb":"89455","secunia":"50674","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z","fixed_in":"12.12"},{"id":6386,"title":"WP Symposium \u003c= 12.09 - index.php uid Parameter SQL Injection","url":"http://www.securityfocus.com/bid/57478,http://ceriksen.com/2013/02/18/wp-symposium-multiple-sql-injection/","osvdb":"89456","secunia":"50674","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z","fixed_in":"12.12"},{"id":6387,"title":"WP Symposium \u003c= 12.09 - ajax/symposium_profile_functions.php friend_to Parameter SQL Injection","url":"http://www.securityfocus.com/bid/57478,http://ceriksen.com/2013/02/18/wp-symposium-multiple-sql-injection/","osvdb":"89457","secunia":"50674","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z","fixed_in":"12.12"},{"id":6388,"title":"WP Symposium \u003c= 12.09 - ajax/symposium_forum_functions.php Multiple Parameter SQL Injection","url":"http://www.securityfocus.com/bid/57478,http://ceriksen.com/2013/02/18/wp-symposium-multiple-sql-injection/","osvdb":"89458","secunia":"50674","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z","fixed_in":"12.12"},{"id":6389,"title":"WP Symposium \u003c= 12.09 - get_album_item.php size Parameter SQL Injection","url":"http://www.securityfocus.com/bid/57478,http://ceriksen.com/2013/02/18/wp-symposium-multiple-sql-injection/","osvdb":"89459","secunia":"50674","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z","fixed_in":"12.12"},{"id":6390,"title":"WP Symposium \u003c= 12.07.07 - ajax/symposium_ajax_functions.php Authentication Bypass","osvdb":"83696","secunia":"49791","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z"},{"id":6391,"title":"WP Symposium \u003c= 12.06.16 - ajax/symposium_forum_functions.php tid Parameter SQL Injection","osvdb":"83662","secunia":"49534","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z","fixed_in":"12.07.01"},{"id":6392,"title":"WP Symposium \u003c= 12.06.16 - ajax/symposium_group_functions.php uid1 Parameter SQL Injection","osvdb":"83663","secunia":"49534","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z","fixed_in":"12.07.01"},{"id":6393,"title":"WP Symposium \u003c= 12.06.16 - ajax/symposium_bar_functions.php chat_to Parameter SQL Injection","osvdb":"83668","secunia":"49534","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z","fixed_in":"12.07.01"},{"id":6394,"title":"WP Symposium \u003c= 12.06.16 - ajax/symposium_mail_functions.php Multiple Parameter SQL Injection","osvdb":"83675","secunia":"49534","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z","fixed_in":"12.07.01"},{"id":6395,"title":"WP Symposium \u003c= 11.11.26 - uploadify/upload_admin_avatar.php File Upload Remote PHP Code Execution","url":"http://xforce.iss.net/xforce/xfdb/72012","osvdb":"78041","cve":"2011-5051","secunia":"46097","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z","fixed_in":"11.12.24"},{"id":6396,"title":"WP Symposium \u003c= 11.11.26 - uploadify/upload_profile_avatar.php File Upload Remote PHP Code Execution","url":"http://xforce.iss.net/xforce/xfdb/72012","osvdb":"78042","cve":"2011-5051","secunia":"46097","created_at":"2014-08-01T10:58:46.000Z","updated_at":"2014-08-01T10:58:46.000Z","fixed_in":"11.12.24"},{"id":6397,"title":"WP Symposium \u003c= 11.11.26 - uploadify/get_profile_avatar.php uid Parameter XSS","url":"http://www.securityfocus.com/bid/51017,http://xforce.iss.net/xforce/xfdb/71748","osvdb":"77634","cve":"2011-3841","secunia":"47243","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z","fixed_in":"11.12.08"},{"id":6398,"title":"WP Symposium \u003c= 0.64 - uploadify/get_profile_avatar.php uid Parameter SQL Injection","osvdb":"74664","secunia":"47243","exploitdb":"17679","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z","fixed_in":"11.08.18"}]}},{"file-groups":{"vulnerabilities":[{"id":6399,"title":"File Groups \u003c= 1.1.2 - SQL Injection Vulnerability","exploitdb":"17677","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"}]}},{"ip-logger":{"vulnerabilities":[{"id":6400,"title":"IP-Logger \u003c= 3.0 - SQL Injection Vulnerability","exploitdb":"17673","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"}]}},{"beer-recipes":{"vulnerabilities":[{"id":6401,"title":"Beer Recipes 1.0 - XSS","exploitdb":"17453","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"}]}},{"is-human":{"vulnerabilities":[{"id":6402,"title":"Is-human \u003c= 1.4.2 - Remote Command Execution Vulnerability","exploitdb":"17299","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"}]}},{"editormonkey":{"vulnerabilities":[{"id":6403,"title":"EditorMonkey - (FCKeditor) Arbitrary File Upload","exploitdb":"17284","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"}]}},{"sermon-browser":{"vulnerabilities":[{"id":6404,"title":"SermonBrowser 0.43 - SQL Injection","exploitdb":"17214","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"}]}},{"ajax-category-dropdown":{"vulnerabilities":[{"id":6405,"title":"Ajax Category Dropdown 0.1.5 - Multiple Vulnerabilities","exploitdb":"17207","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"}]}},{"wp-custom-pages":{"vulnerabilities":[{"id":6406,"title":"WP Custom Pages 0.5.0.1 - LFI Vulnerability","exploitdb":"17119","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"}]}},{"flash-album-gallery":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"},{"id":6407,"title":"GRAND Flash Album Gallery 2.70- \"s\" Cross-Site Scripting Vulnerability","osvdb":"93714","cve":"2013-3261","secunia":"53111","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z","fixed_in":"2.72"},{"id":6408,"title":"GRAND Flash Album Gallery 2.55 - \"gid\" SQL Injection Vulnerability","osvdb":"93087","secunia":"53356","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z","fixed_in":"2.56"},{"id":6409,"title":"GRAND Flash Album Gallery - Multiple Vulnerabilities","secunia":"51100","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z","fixed_in":"2.17"},{"id":6410,"title":"GRAND Flash Album Gallery 1.9.0 and 2.0.0 - Multiple Vulnerabilities","url":"http://packetstormsecurity.com/files/117665/,http://www.waraxe.us/advisory-94.html","secunia":"51601","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"},{"id":6411,"title":"GRAND Flash Album Gallery \u003c= 1.71 - wp-admin/admin.php skin Parameter XSS","url":"http://packetstormsecurity.com/files/112704/","osvdb":"81923","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z","fixed_in":"1.76"},{"id":6412,"title":"GRAND Flash Album Gallery \u003c= 1.56 - XSS Vulnerability","url":"http://seclists.org/bugtraq/2011/Nov/186","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"},{"id":6413,"title":"GRAND Flash Album Gallery 0.55 - lib/hitcounter.php pid Parameter SQL Injection","osvdb":"71072","secunia":"43648","exploitdb":"16947","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"},{"id":6414,"title":"GRAND Flash Album Gallery 0.55 - admin/news.php want2Read Parameter Traversal Arbitrary File Access","osvdb":"71073","secunia":"43648","exploitdb":"16947","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"}]}},{"php_speedy_wp":{"vulnerabilities":[{"id":6415,"title":"PHP Speedy \u003c= 0.5.2 - (admin_container.php) Remote Code Exec Exploit","exploitdb":"16273","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"}]}},{"old-post-spinner":{"vulnerabilities":[{"id":6416,"title":"OPS Old Post Spinner 2.2.1 - LFI Vulnerability","exploitdb":"16251","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"}]}},{"jquery-mega-menu":{"vulnerabilities":[{"id":6417,"title":"jQuery Mega Menu 1.0 - Local File Inclusion","exploitdb":"16250","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"}]}},{"iwant-one-ihave-one":{"vulnerabilities":[{"id":6418,"title":"IWantOneButton 3.0.1 - Multiple Vulnerabilities","exploitdb":"16236","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"}]}},{"forum-server":{"vulnerabilities":[{"id":6419,"title":"WP Forum Server \u003c= 1.7.3 - wpf-insert.php edit_post_id Parameter SQL Injection","url":"http://packetstormsecurity.com/files/112703/","osvdb":"75463","cve":"2012-6625","secunia":"45974","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z","fixed_in":"1.7.4"},{"id":6420,"title":"WP Forum Server \u003c= 1.7.3 - fs-admin/wpf-add-forum.php groupid Parameter XSS","url":"http://packetstormsecurity.com/files/112703/,http://www.securityfocus.com/bid/65215","osvdb":"102185","cve":"2012-6623","secunia":"49167","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"},{"id":6421,"title":"WP Forum Server \u003c= 1.7.3 - fs-admin/fs-admin.php Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/112703/","osvdb":"81914","cve":"2012-6622","secunia":"49155","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"},{"id":6422,"title":"WP Forum Server \u003c= 1.7 - SQL Injection Vulnerability","exploitdb":"17828","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"},{"id":6423,"title":"WP Forum Server 1.6.5 - feed.php topic Parameter SQL Injection","url":"http://www.securityfocus.com/bid/46360,http://www.securityfocus.com/bid/46362","osvdb":"70994","cve":"2011-1047","secunia":"43306","exploitdb":"16235","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"},{"id":6424,"title":"WP Forum Server 1.6.5 - index.php Multiple Parameter SQL Injection","url":"http://www.securityfocus.com/bid/46362","osvdb":"70993","cve":"2011-1047","secunia":"43306","exploitdb":"16235","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"}]}},{"relevanssi":{"vulnerabilities":[{"id":6425,"title":"Relevanssi 3.2 - Unspecified SQL Injection","url":"http://www.securityfocus.com/bid/65960","osvdb":"104014","secunia":"56641","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z","fixed_in":"3.3"},{"id":6426,"title":"Relevanssi 2.7.2 - Stored XSS Vulnerability","osvdb":"71236","secunia":"43461","exploitdb":"16233","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z","fixed_in":"2.7.3"}]}},{"gigpress":{"vulnerabilities":[{"id":6427,"title":"GigPress 2.1.10 - Stored XSS Vulnerability","exploitdb":"16232","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"}]}},{"comment-rating":{"vulnerabilities":[{"id":6428,"title":"Comment Rating 2.9.32 - Security Bypass Weakness and SQL Injection","url":"http://packetstormsecurity.com/files/120569/","osvdb":"90676","secunia":"52348","exploitdb":"24552","created_at":"2014-08-01T10:58:47.000Z","updated_at":"2014-08-01T10:58:47.000Z"},{"id":6429,"title":"Comment Rating 2.9.23 - Multiple Vulnerabilities","osvdb":"71044","secunia":"43406","exploitdb":"16221","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z","fixed_in":"2.9.24"}]}},{"z-vote":{"vulnerabilities":[{"id":6430,"title":"Z-Vote 1.1 - SQL Injection Vulnerability","exploitdb":"16218","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z"}]}},{"user-photo":{"vulnerabilities":[{"id":6431,"title":"User Photo - Component Remote File Upload Vulnerability","osvdb":"71071","cve":"2013-1916","exploitdb":"16181","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z","fixed_in":"0.9.5"}]}},{"enable-media-replace":{"vulnerabilities":[{"id":6432,"title":"Enable Media Replace - Multiple Vulnerabilities","exploitdb":"16144","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z"}]}},{"mingle-forum":{"vulnerabilities":[{"id":6433,"title":"Mingle Forum \u003c= 1.0.32.1 - Cross Site Scripting / SQL Injection","url":"http://packetstormsecurity.com/files/108915/","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z"},{"id":6434,"title":"Mingle Forum \u003c= 1.0.31 - SQL Injection Vulnerability","exploitdb":"17894","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z"},{"id":6435,"title":"Mingle Forum \u003c= 1.0.26 - Multiple Vulnerabilities","exploitdb":"15943","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z"},{"id":6436,"title":"Mingle Forum \u003c= 1.0.33 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112696/","secunia":"49171","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z","fixed_in":"1.0.33.2"},{"id":6437,"title":"Mingle Forum 1.0.33.3 - fs-admin.php togroupusers Parameter XSS","osvdb":"90432","cve":"2013-0734","secunia":"52167","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z","fixed_in":"1.0.34"},{"id":6438,"title":"Mingle Forum 1.0.33.3 - wpf.class.php search_words Parameter XSS","osvdb":"90433","cve":"2013-0734","secunia":"52167","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z","fixed_in":"1.0.34"},{"id":6439,"title":"Mingle Forum 1.0.33.3 - wpf.class.php Multiple Parameter SQL Injection","osvdb":"90434","cve":"2013-0735","secunia":"52167","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z","fixed_in":"1.0.34"},{"id":6440,"title":"Mingle Forum 1.0.35 - Privilege Escalation CSRF","osvdb":"96905","cve":"2013-0736","secunia":"47687","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z"}]}},{"accept-signups":{"vulnerabilities":[{"id":6441,"title":"Accept Signups 0.1 - XSS","exploitdb":"15808","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z"}]}},{"events-manager-extended":{"vulnerabilities":[{"id":6442,"title":"Events Manager Extended - Persistent XSS Vulnerability","exploitdb":"14923","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z"}]}},{"nextgen-smooth-gallery":{"vulnerabilities":[{"id":6443,"title":"NextGEN Smooth Gallery - Blind SQL Injection Vulnerability","exploitdb":"14541","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z"},{"id":6444,"title":"NextGen Smooth Gallery - XSS","url":"http://packetstormsecurity.com/files/123074/","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z"}]}},{"mylinksdump":{"vulnerabilities":[{"id":6445,"title":"myLDlinker - SQL Injection Vulnerability","exploitdb":"14441","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z"}]}},{"firestats":{"vulnerabilities":[{"id":6446,"title":"Firestats - Remote Configuration File Download","exploitdb":"14308","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z"}]}},{"simple-press":{"vulnerabilities":[{"id":6447,"title":"Simple Press - SQL Injection Vulnerability","exploitdb":"14198","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z"}]}},{"cimy-counter":{"vulnerabilities":[{"id":6448,"title":"Cimy Counter - Vulnerabilities","exploitdb":"14057","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z"}]}},{"nextgen-gallery":{"vulnerabilities":[{"id":6449,"title":"NextGEN Gallery \u0026 2.0.66 - Arbitrary File Upload (the user must have upload privileges)","url":"http://packetstormsecurity.com/files/127340/wpnextgen2063-shell.txt","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z","fixed_in":"2.0.66"},{"id":6450,"title":"NextGEN Gallery 2.0.0 - Directory Traversal","url":"http://seclists.org/fulldisclosure/2014/Feb/171,https://security.dxw.com/advisories/directory-traversal-in-nextgen-gallery-2-0-0/","osvdb":"103473","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z","fixed_in":"2.0.7"},{"id":6451,"title":"NextGEN Gallery - SWF Vulnerable to XSS","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","secunia":"51271","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z","fixed_in":"1.9.8"},{"id":6452,"title":"NextGEN Gallery - swfupload.swf Multiple Cross Site Scripting Vulnerabilities","url":"http://www.securityfocus.com/bid/60433","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z"},{"id":6453,"title":"NextGEN Gallery 1.9.12 - Arbitrary File Upload","url":"http://wordpress.org/plugins/nextgen-gallery/changelog/","osvdb":"94232","cve":"2013-3684","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z","fixed_in":"1.9.13"},{"id":6454,"title":"NextGEN Gallery 1.9.11 - xml/json.php Crafted Request Parsing Path Disclosure","osvdb":"90242","cve":"2013-0291","secunia":"52137","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z"},{"id":6455,"title":"NextGEN Gallery 1.9.5 - gallerypath Parameter Stored XSS","osvdb":"97690","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z"},{"id":6456,"title":"NextGEN Gallery \u003c= 1.9.0 - admin/manage-galleries.php paged Parameter XSS","osvdb":"78363","secunia":"47588","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z","fixed_in":"1.9.1"},{"id":6457,"title":"NextGEN Gallery \u003c= 1.9.0 - admin/manage-images.php paged Parameter XSS","osvdb":"78364","secunia":"47588","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z","fixed_in":"1.9.1"},{"id":6458,"title":"NextGEN Gallery \u003c= 1.9.0 - admin/manage.php Multiple Parameter XSS","osvdb":"78365","secunia":"47588","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z","fixed_in":"1.9.1"},{"id":6459,"title":"NextGEN Gallery \u003c= 1.8.3 - wp-admin/admin.php search Parameter XSS","osvdb":"76576","secunia":"46602","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z","fixed_in":"1.8.4"},{"id":6460,"title":"NextGEN Gallery \u003c= 1.8.3 - Tag Deletion CSRF","osvdb":"76577","secunia":"46602","created_at":"2014-08-01T10:58:48.000Z","updated_at":"2014-08-01T10:58:48.000Z","fixed_in":"1.8.4"},{"id":6461,"title":"NextGEN Gallery \u003c= 1.7.3 - xml/ajax.php Path Disclosure","osvdb":"72023","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z","fixed_in":"1.7.4"},{"id":6462,"title":"NextGEN Gallery \u003c= 1.5.1 - xml/media-rss.php mode Parameter XSS","url":"http://www.securityfocus.com/bid/39250","osvdb":"63574","secunia":"39341","exploitdb":"12098","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z","fixed_in":"1.5.2"}]}},{"cpl":{"vulnerabilities":[{"id":6463,"title":"Copperleaf Photolog - SQL injection","exploitdb":"11458","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"events-calendar":{"vulnerabilities":[{"id":6464,"title":"Events Calendar - SQL Injection Vulnerability","osvdb":"95677","exploitdb":"10929","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z","fixed_in":"6.7.10"},{"id":6465,"title":"Events Calendar - wp-admin/admin.php EC_id Parameter XSS","osvdb":"74705","secunia":"45717","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z","fixed_in":"6.7.12a"}]}},{"ImageManager":{"vulnerabilities":[{"id":6466,"title":"Image Manager - Shell Upload Vulnerability","exploitdb":"10325","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"wp-cumulus":{"vulnerabilities":[{"id":6467,"title":"WP-Cumulus \u003c= 1.20 - Vulnerabilities","exploitdb":"10228","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"},{"id":6468,"title":"WP-Cumulus - Cross Site Scripting Vulnerabily","url":"http://seclists.org/fulldisclosure/2011/Nov/340","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z","fixed_in":"1.23"}]}},{"wp-syntax":{"vulnerabilities":[{"id":6469,"title":"WP-Syntax \u003c 0.9.10 - Remote Command Execution","exploitdb":"9431","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z","fixed_in":"0.9.10"}]}},{"my-category-order":{"vulnerabilities":[{"id":6470,"title":"My Category Order \u003c= 2.8 - SQL Injection Vulnerability","exploitdb":"9150","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"related-sites":{"vulnerabilities":[{"id":6471,"title":"Related Sites 2.1 - Blind SQL Injection Vulnerability","exploitdb":"9054","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"dm-albums":{"vulnerabilities":[{"id":6107,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:58:37.000Z","updated_at":"2014-08-01T10:58:37.000Z"},{"id":6472,"title":"DM Albums 1.9.2 - Remote File Disclosure Vulnerability","exploitdb":"9048","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"},{"id":6473,"title":"DM Albums 1.9.2 - Remote File Inclusion Vuln","exploitdb":"9043","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"photoracer":{"vulnerabilities":[{"id":6474,"title":"Photoracer 1.0 - (id) SQL Injection Vulnerability","exploitdb":"8961","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"},{"id":6475,"title":"Photoracer \u003c= 1.0 - SQL Injection Vulnerability","exploitdb":"17720","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"},{"id":6476,"title":"Photoracer \u003c= 1.0 - Multiple Vulnerabilities","exploitdb":"17731","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"wp-lytebox":{"vulnerabilities":[{"id":6477,"title":"Lytebox - Local File Inclusion Vulnerability","exploitdb":"8791","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"fmoblog":{"vulnerabilities":[{"id":6478,"title":"fMoblog 2.1 - (id) SQL Injection Vulnerability","exploitdb":"8229","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"page-flip-image-gallery":{"vulnerabilities":[{"id":6479,"title":"Page Flip Image Gallery \u003c= 0.2.2 - Remote FD Vuln","url":"http://www.securityfocus.com/bid/32966,http://xforce.iss.net/xforce/xfdb/47568","osvdb":"50902","cve":"2008-5752","secunia":"33274","exploitdb":"7543","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"wp-shopping-cart":{"vulnerabilities":[{"id":6480,"title":"e-Commerce \u003c= 3.4 - Arbitrary File Upload Exploit","exploitdb":"6867","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"downloads-manager":{"vulnerabilities":[{"id":6481,"title":"Download Manager 0.2 - Arbitrary File Upload Exploit","exploitdb":"6127","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"wpSS":{"vulnerabilities":[{"id":6482,"title":"Spreadsheet \u003c= 0.6 - SQL Injection Vulnerability","exploitdb":"5486","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"wp-download":{"vulnerabilities":[{"id":6483,"title":"Download - (dl_id) SQL Injection Vulnerability","exploitdb":"5326","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"sniplets":{"vulnerabilities":[{"id":6484,"title":"Sniplets 1.1.2 - (RFI/XSS/RCE) Multiple Vulnerabilities","exploitdb":"5194","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"wp-photo-album":{"vulnerabilities":[{"id":6485,"title":"Photo album - Remote SQL Injection Vulnerability","exploitdb":"5135","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"sf-forum":{"vulnerabilities":[{"id":6486,"title":"Simple Forum 2.0-2.1 - SQL Injection Vulnerability","exploitdb":"5126","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"},{"id":6487,"title":"Simple Forum 1.10-1.11 - SQL Injection Vulnerability","exploitdb":"5127","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"st_newsletter":{"vulnerabilities":[{"id":6488,"title":"st_newsletter - Remote SQL Injection Vulnerability","exploitdb":"5053","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"},{"id":6489,"title":"st_newsletter - (stnl_iframe.php) SQL Injection Vulnerability","exploitdb":"6777","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"wordspew":{"vulnerabilities":[{"id":6490,"title":"Wordspew - Remote SQL Injection Vulnerability","exploitdb":"5039","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"dmsguestbook":{"vulnerabilities":[{"id":6491,"title":"dmsguestbook 1.7.0 - Multiple Remote Vulnerabilities","exploitdb":"5035","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"wassup":{"vulnerabilities":[{"id":6492,"title":"WassUp 1.4.3 - (spy.php to_date) SQL Injection Exploit","exploitdb":"5017","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"wp-adserve":{"vulnerabilities":[{"id":6493,"title":"Adserve 0.2 - adclick.php SQL Injection Exploit","exploitdb":"5013","created_at":"2014-08-01T10:58:49.000Z","updated_at":"2014-08-01T10:58:49.000Z"}]}},{"fgallery":{"vulnerabilities":[{"id":6494,"title":"fGallery 2.4.1 - fimrss.php SQL Injection Vulnerability","exploitdb":"4993","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"wp-cal":{"vulnerabilities":[{"id":6495,"title":"WP-Cal 0.3 - editevent.php SQL Injection Vulnerability","exploitdb":"4992","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"wpforum":{"vulnerabilities":[{"id":6496,"title":"plugin WP-Forum 1.7.4 - Remote SQL Injection Vulnerability","exploitdb":"4939","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"},{"id":6497,"title":"plugin WP-Forum 1.7.8 - Remote SQL Injection Vulnerability","exploitdb":"7738","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"wp-filemanager":{"vulnerabilities":[{"id":6498,"title":"wp-FileManager 1.2 - Remote Upload Vulnerability","exploitdb":"4844","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"},{"id":6499,"title":"wp-FileManager 1.3.0 - File Download Vulnerability","osvdb":"93446","secunia":"53421","exploitdb":"25440","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z","fixed_in":"1.4.0"}]}},{"pictpress":{"vulnerabilities":[{"id":6500,"title":"PictPress \u003c= 0.91 - Remote File Disclosure Vulnerability","exploitdb":"4695","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"backupwordpress":{"vulnerabilities":[{"id":6501,"title":"BackUp \u003c= 0.4.2b - RFI Vulnerability","exploitdb":"4593","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z","fixed_in":"0.4.3"}]}},{"myflash":{"vulnerabilities":[{"id":6502,"title":"Myflash \u003c= 1.00 - (wppath) RFI Vulnerability","exploitdb":"3828","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"},{"id":6503,"title":"Myflash - myextractXML.php path Parameter Arbitrary File Access","url":"http://packetstormsecurity.com/files/118400/","osvdb":"88260","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"wordtube":{"vulnerabilities":[{"id":6504,"title":"plugin wordTube \u003c= 1.43 - (wpPATH) RFI Vulnerability","exploitdb":"3825","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"wp-table":{"vulnerabilities":[{"id":6505,"title":"plugin wp-Table \u003c= 1.43 - (inc_dir) RFI Vulnerability","exploitdb":"3824","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"mygallery":{"vulnerabilities":[{"id":6506,"title":"myGallery \u003c= 1.4b4 - Remote File Inclusion Vulnerability","exploitdb":"3814","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"sendit":{"vulnerabilities":[{"id":6507,"title":"SendIt \u003c= 1.5.9 - Blind SQL Injection Vulnerability","exploitdb":"17716","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"js-appointment":{"vulnerabilities":[{"id":6508,"title":"Js-appointment \u003c= 1.5 - SQL Injection Vulnerability","exploitdb":"17724","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"mm-forms-community":{"vulnerabilities":[{"id":6509,"title":"MM Forms Community \u003c= 1.2.3 - SQL Injection Vulnerability","exploitdb":"17725","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"},{"id":6510,"title":"MM Forms Community 2.2.6 - Arbitrary File Upload","exploitdb":"18997","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"super-captcha":{"vulnerabilities":[{"id":6511,"title":"Super CAPTCHA \u003c= 2.2.4 - SQL Injection Vulnerability","exploitdb":"17728","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"collision-testimonials":{"vulnerabilities":[{"id":6512,"title":"Collision Testimonials \u003c= 3.0 - SQL Injection Vulnerability","exploitdb":"17729","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"oqey-headers":{"vulnerabilities":[{"id":6513,"title":"Oqey Headers \u003c= 0.3 - SQL Injection Vulnerability","exploitdb":"17730","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"fbpromotions":{"vulnerabilities":[{"id":6514,"title":"Facebook Promotions \u003c= 1.3.3 - SQL Injection Vulnerability","exploitdb":"17737","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"evarisk":{"vulnerabilities":[{"id":6515,"title":"Evarisk 5.1.5.4 - include/lib/actionsCorrectives/activite/uploadPhotoApres.php File Upload PHP Code Execution","url":"http://packetstormsecurity.com/files/113638/","osvdb":"82960","secunia":"49521","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"},{"id":6516,"title":"Evarisk \u003c= 5.1.3.6 - SQL Injection Vulnerability","exploitdb":"17738","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"profiles":{"vulnerabilities":[{"id":6517,"title":"Profiles \u003c= 2.0RC1 - SQL Injection Vulnerability","exploitdb":"17739","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"mystat":{"vulnerabilities":[{"id":6518,"title":"mySTAT \u003c= 2.6 - SQL Injection Vulnerability","exploitdb":"17740","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"sh-slideshow":{"vulnerabilities":[{"id":6519,"title":"SH Slideshow \u003c= 3.1.4 - SQL Injection Vulnerability","exploitdb":"17748","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"copyright-licensing-tools":{"vulnerabilities":[{"id":6520,"title":"iCopyright(R) Article Tools \u003c= 1.1.4 - SQL Injection Vulnerability","exploitdb":"17749","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"advertizer":{"vulnerabilities":[{"id":6521,"title":"Advertizer \u003c= 1.0 - SQL Injection Vulnerability","exploitdb":"17750","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"event-registration":{"vulnerabilities":[{"id":6522,"title":"Event Registration \u003c= 5.44 - SQL Injection Vulnerability","exploitdb":"17814","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"},{"id":6523,"title":"Event Registration \u003c= 5.43 - SQL Injection Vulnerability","exploitdb":"17751","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"},{"id":6524,"title":"Event Registration 5.32 - SQL Injection Vulnerability","exploitdb":"15513","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"crawlrate-tracker":{"vulnerabilities":[{"id":6525,"title":"Craw Rate Tracker \u003c= 2.0.2 - SQL Injection Vulnerability","exploitdb":"17755","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"wp-audio-gallery-playlist":{"vulnerabilities":[{"id":6526,"title":"wp audio gallery playlist \u003c= 0.12 - SQL Injection Vulnerability","exploitdb":"17756","created_at":"2014-08-01T10:58:50.000Z","updated_at":"2014-08-01T10:58:50.000Z"}]}},{"yolink-search":{"vulnerabilities":[{"id":6527,"title":"yolink Search 2.5 - \"s\" Cross-Site Scripting Vulnerability","url":"http://www.securityfocus.com/bid/57665","osvdb":"89756","secunia":"52030","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z","fixed_in":"2.6"},{"id":6528,"title":"yolink Search \u003c= 1.1.4 - includes/bulkcrawl.php Multiple Parameter SQL Injection","osvdb":"74832","secunia":"45801","exploitdb":"17757","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"}]}},{"pure-html":{"vulnerabilities":[{"id":6529,"title":"PureHTML \u003c= 1.0.0 - SQL Injection Vulnerability","exploitdb":"17758","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"}]}},{"couponer":{"vulnerabilities":[{"id":6530,"title":"Couponer \u003c= 1.2 - SQL Injection Vulnerability","exploitdb":"17759","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"}]}},{"grapefile":{"vulnerabilities":[{"id":6531,"title":"grapefile \u003c= 1.1 - Arbitrary File Upload","exploitdb":"17760","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"}]}},{"image-gallery-with-slideshow":{"vulnerabilities":[{"id":6532,"title":"image-gallery-with-slideshow \u003c= 1.5 - Arbitrary File Upload / SQL Injection","exploitdb":"17761","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"}]}},{"wordpress-donation-plugin-with-goals-and-paypal-ipn-by-nonprofitcmsorg":{"vulnerabilities":[{"id":6533,"title":"Donation \u003c= 1.0 - SQL Injection Vulnerability","exploitdb":"17763","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"}]}},{"wp-bannerize":{"vulnerabilities":[{"id":6534,"title":"WP Bannerize \u003c= 2.8.6 - SQL Injection Vulnerability","osvdb":"74835","secunia":"45811","exploitdb":"17764","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z","fixed_in":"2.8.7"},{"id":6535,"title":"WP Bannerize \u003c= 2.8.7 - SQL Injection Vulnerability","osvdb":"76658","secunia":"46236","exploitdb":"17906","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z","fixed_in":"2.8.8"}]}},{"search-autocomplete":{"vulnerabilities":[{"id":6536,"title":"SearchAutocomplete \u003c= 1.0.8 - SQL Injection Vulnerability","exploitdb":"17767","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"}]}},{"videowhisper-video-presentation":{"vulnerabilities":[{"id":6537,"title":"VideoWhisper Video Presentation \u003c= 1.1 - SQL Injection Vulnerability","exploitdb":"17771","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"},{"id":6538,"title":"VideoWhisper Video Presentation 3.17 - 'vw_upload.php' Arbitrary File Upload Vulnerability","url":"http://www.securityfocus.com/bid/53851","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"}]}},{"facebook-opengraph-meta-plugin":{"vulnerabilities":[{"id":6539,"title":"Facebook Opengraph Meta \u003c= 1.0 - SQL Injection Vulnerability","exploitdb":"17773","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"}]}},{"zotpress":{"vulnerabilities":[{"id":6540,"title":"Zotpress \u003c= 4.4 - SQL Injection Vulnerability","exploitdb":"17778","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"}]}},{"oqey-gallery":{"vulnerabilities":[{"id":6541,"title":"oQey Gallery \u003c= 0.4.8 - SQL Injection Vulnerability","exploitdb":"17779","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"}]}},{"tweet-old-post":{"vulnerabilities":[{"id":6542,"title":"Tweet Old Post \u003c= 3.2.5 - SQL Injection Vulnerability","exploitdb":"17789","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"}]}},{"post-highlights":{"vulnerabilities":[{"id":6543,"title":"post highlights \u003c= 2.2 - SQL Injection Vulnerability","exploitdb":"17790","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"}]}},{"knr-author-list-widget":{"vulnerabilities":[{"id":6544,"title":"KNR Author List Widget \u003c= 2.0.0 - SQL Injection Vulnerability","exploitdb":"17791","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"}]}},{"scormcloud":{"vulnerabilities":[{"id":6545,"title":"SCORM Cloud \u003c= 1.0.6.6 - SQL Injection Vulnerability","osvdb":"77679","exploitdb":"17793","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z","fixed_in":"1.0.7"}]}},{"eventify":{"vulnerabilities":[{"id":6546,"title":"Eventify - Simple Events \u003c= 1.7.f - SQL Injection Vulnerability","exploitdb":"17794","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"}]}},{"paid-downloads":{"vulnerabilities":[{"id":6547,"title":"Paid Downloads \u003c= 2.01 - SQL Injection Vulnerability","exploitdb":"17797","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"}]}},{"community-events":{"vulnerabilities":[{"id":6548,"title":"Community Events \u003c= 1.2.1 - SQL Injection Vulnerability","exploitdb":"17798","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"}]}},{"1-flash-gallery":{"vulnerabilities":[{"id":6549,"title":"1-flash-gallery \u003c= 1.9.0 - XSS in ZeroClipboard.swf","url":"http://1337day.com/exploit/20396","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"},{"id":6550,"title":"1 Flash Gallery - Arbiraty File Upload Exploit (MSF)","exploitdb":"17801","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"}]}},{"wp-filebase":{"vulnerabilities":[{"id":6551,"title":"WP-Filebase Download Manager 0.3.0.02 - class/Admin.php GetFileHash Function Remote Command Execution","url":"http://www.securityfocus.com/bid/66341","osvdb":"105039","secunia":"57456","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z","fixed_in":"0.3.0.03"},{"id":6552,"title":"WP-Filebase 0.2.9.24- Unspecified Vulnerabilities","url":"http://xforce.iss.net/xforce/xfdb/80034","osvdb":"87294","secunia":"51269","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z","fixed_in":"0.2.9.25"},{"id":6553,"title":"WP-Filebase Download Manager \u003c= 0.2.9 - wpfb-ajax.php base Parameter SQL Injection","osvdb":"75308","secunia":"45931","exploitdb":"17808","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"}]}},{"a-to-z-category-listing":{"vulnerabilities":[{"id":6554,"title":"A to Z Category Listing \u003c= 1.3 - SQL Injection Vulnerability","exploitdb":"17809","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"}]}},{"wp-e-commerce":{"vulnerabilities":[{"id":6555,"title":"WP-e-Commerce 3.8.9.5 - Cross Site Scripting Vulnerability","url":"http://1337day.com/exploit/20517","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"},{"id":6556,"title":"WP-e-Commerce 3.8.9.5 - display-sales-logs.php c Parameter Remote Code Execution","url":"http://packetstormsecurity.com/files/124921/","osvdb":"102484","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"},{"id":6557,"title":"WP-e-Commerce 3.8.9.5 - misc.functions.php image_name Parameter Local File Inclusion","url":"http://packetstormsecurity.com/files/124921/","osvdb":"102485","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"},{"id":6558,"title":"WP-e-Commerce 3.8.9.5 - ajax.php wpsc_action Parameter Remote Code Execution","url":"http://packetstormsecurity.com/files/124921/","osvdb":"102486","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"},{"id":6559,"title":"WP-e-Commerce 3.8.9.5 - save-data.functions.php GIF File Upload","url":"http://packetstormsecurity.com/files/124921/","osvdb":"102497","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z"},{"id":6560,"title":"WP-e-Commerce 3.8.9 - purchase-log-list-table-class.php m Parameter XSS","url":"http://www.securityfocus.com/bid/56499,http://xforce.iss.net/xforce/xfdb/80048","osvdb":"88231","created_at":"2014-08-01T10:58:51.000Z","updated_at":"2014-08-01T10:58:51.000Z","fixed_in":"3.8.9.1"},{"id":6561,"title":"WP-e-Commerce 3.8.9 - purchaselogs.class.php view_purchlogs_by_status Parameter SQL Injection","url":"http://www.securityfocus.com/bid/56499,http://xforce.iss.net/xforce/xfdb/80042","osvdb":"88232","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z","fixed_in":"3.8.9.1"},{"id":6562,"title":"WP e-Commerce 3.8.6 - wpsc-cart_widget.php cart_messages Parameter XSS","osvdb":"74295","secunia":"45513","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z","fixed_in":"3.8.8"},{"id":6563,"title":"WP e-Commerce \u003c= 3.8.6 - SQL Injection Vulnerability","exploitdb":"17832","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"filedownload":{"vulnerabilities":[{"id":6564,"title":"Filedownload 0.1 - (download.php) Remote File Disclosure Vulnerability","exploitdb":"17858","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"thecartpress":{"vulnerabilities":[{"id":6565,"title":"TheCartPress \u003c= 1.6 - Cross Site Sripting","url":"http://packetstormsecurity.com/files/108272/","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"},{"id":6566,"title":"TheCartPress 1.1.1 - Remote File Inclusion","osvdb":"75616","exploitdb":"17860","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z","fixed_in":"1.1.2"}]}},{"wpeasystats":{"vulnerabilities":[{"id":6567,"title":"WPEasyStats 1.8 - Remote File Inclusion","exploitdb":"17862","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"annonces":{"vulnerabilities":[{"id":6568,"title":"Annonces 1.2.0.1 - admin/theme.php File Upload PHP Code Execution","url":"http://packetstormsecurity.com/files/113637/","osvdb":"82948","secunia":"49488","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"livesig":{"vulnerabilities":[{"id":6569,"title":"Livesig 0.4 - Remote File Inclusion","exploitdb":"17864","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"disclosure-policy-plugin":{"vulnerabilities":[{"id":6570,"title":"Disclosure Policy 1.0 - Remote File Inclusion","exploitdb":"17865","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"mailz":{"vulnerabilities":[{"id":6571,"title":"Mailing List 1.3.2 - Remote File Inclusion","osvdb":"75617","exploitdb":"17866","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z","fixed_in":"1.3.4"},{"id":6572,"title":"Mailing List - Arbitrary file download","exploitdb":"18276","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z","fixed_in":"1.4.1"}]}},{"g-web-shop":{"vulnerabilities":[{"id":6573,"title":"Zingiri Web Shop 2.2.0 - Remote File Inclusion","exploitdb":"17867","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"},{"id":6574,"title":"Zingiri Web Shop \u003c= 2.2.3 - Remote Code Execution","exploitdb":"18111","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"mini-mail-dashboard-widget":{"vulnerabilities":[{"id":6575,"title":"Mini Mail Dashboard Widget 1.36 - wp-mini-mail.php abspath Parameter Remote File Inclusion","osvdb":"75402","secunia":"45953","exploitdb":"17868","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z","fixed_in":"1.37"},{"id":6576,"title":"Mini Mail Dashboard Widget 1.42 - Message Body XSS","osvdb":"85135","exploitdb":"20358","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z","fixed_in":"1.43"}]}},{"relocate-upload":{"vulnerabilities":[{"id":6577,"title":"Relocate Upload 0.14 - Remote File Inclusion","exploitdb":"17869","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"category-grid-view-gallery":{"vulnerabilities":[{"id":6578,"title":"Category Grid View Gallery 0.1.1 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"},{"id":6579,"title":"Category Grid View Gallery 2.3.1 - CatGridPost.php ID Parameter XSS","url":"http://packetstormsecurity.com/files/122259/","osvdb":"94805","cve":"2013-4117","secunia":"54035","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z","fixed_in":"2.3.3"}]}},{"auto-attachments":{"vulnerabilities":[{"id":6580,"title":"Auto Attachments 0.2.9 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"wp-marketplace":{"vulnerabilities":[{"id":6581,"title":"WP Marketplace 1.1.0 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"dp-thumbnail":{"vulnerabilities":[{"id":6582,"title":"DP Thumbnail 1.0 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"vk-gallery":{"vulnerabilities":[{"id":6583,"title":"Vk Gallery 1.1.0 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"rekt-slideshow":{"vulnerabilities":[{"id":6584,"title":"Rekt Slideshow 1.0.5 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"cac-featured-content":{"vulnerabilities":[{"id":6585,"title":"CAC Featured Content 0.8 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"rent-a-car":{"vulnerabilities":[{"id":6586,"title":"Rent A Car 1.0 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"lisl-last-image-slider":{"vulnerabilities":[{"id":6587,"title":"LISL Last Image Slider 1.0 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"islidex":{"vulnerabilities":[{"id":6588,"title":"Islidex 2.7 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"kino-gallery":{"vulnerabilities":[{"id":6589,"title":"Kino Gallery 1.0 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"cms-pack-cache":{"vulnerabilities":[{"id":6590,"title":"Cms Pack 1.3 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"a-gallery":{"vulnerabilities":[{"id":6591,"title":"A Gallery 0.9 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"category-list-portfolio-page":{"vulnerabilities":[{"id":6592,"title":"Category List Portfolio Page 0.9 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"really-easy-slider":{"vulnerabilities":[{"id":6593,"title":"Really Easy Slider 0.1 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:58:52.000Z","updated_at":"2014-08-01T10:58:52.000Z"}]}},{"verve-meta-boxes":{"vulnerabilities":[{"id":6594,"title":"Verve Meta Boxes 1.2.8 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z"}]}},{"user-avatar":{"vulnerabilities":[{"id":6595,"title":"User Avatar 1.3.7 - shell upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z"}]}},{"extend-wordpress":{"vulnerabilities":[{"id":6596,"title":"Extend 1.3.7 - Shell Upload vulnerability","url":"http://markmaunder.com/2011/08/01/zero-day-vulnerability-in-many-wordpress-themes/","osvdb":"75638","cve":"2011-4106","exploitdb":"17872","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z"}]}},{"adrotate":{"vulnerabilities":[{"id":6597,"title":"AdRotate \u003c= 3.9.4 - clicktracker.php track Parameter SQL Injection","url":"http://packetstormsecurity.com/files/125330/","osvdb":"103578","cve":"2014-1854","secunia":"57079","exploitdb":"31834","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z","fixed_in":"3.9.5"},{"id":6598,"title":"AdRotate \u003c= 3.6.6 - SQL Injection Vulnerability","osvdb":"77507","cve":"2011-4671","secunia":"46814","exploitdb":"18114","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z","fixed_in":"3.6.8"},{"id":6599,"title":"AdRotate \u003c= 3.6.5 - SQL Injection Vulnerability","url":"http://unconciousmind.blogspot.com/2011/09/wordpress-adrotate-plugin-365-sql.html","osvdb":"77507","cve":"2011-4671","exploitdb":"17888","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z","fixed_in":"3.6.8"}]}},{"wp-spamfree":{"vulnerabilities":[{"id":6600,"title":"WP-SpamFree 3.2.1 - Spam SQL Injection Vulnerability","exploitdb":"17970","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z"}]}},{"gd-star-rating":{"vulnerabilities":[{"id":6601,"title":"GD Star Rating 1.9.22 - gd-star-rating-stats.php s Parameter SQL Injection","url":"http://packetstormsecurity.com/files/125932/,http://seclists.org/fulldisclosure/2014/Mar/399,https://security.dxw.com/advisories/xss-csrf-and-blind-sql-injection-in-gd-star-rating-1-9-22/","osvdb":"105085","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z"},{"id":6602,"title":"GD Star Rating 1.9.22 - gd-star-rating-stats.php Setting Manipulation CSRF","url":"http://packetstormsecurity.com/files/125932/,http://seclists.org/fulldisclosure/2014/Mar/399,https://security.dxw.com/advisories/xss-csrf-and-blind-sql-injection-in-gd-star-rating-1-9-22/","osvdb":"105086","secunia":"57667","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z"},{"id":6603,"title":"GD Star Rating 1.9.18 - Export Security Bypass Security Issue","osvdb":"105086","secunia":"49850","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z","fixed_in":"1.9.19"},{"id":6604,"title":"GD Star Rating \u003c= 1.9.16 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112702/","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z"},{"id":6605,"title":"GD Star Rating \u003c= 1.9.10 - gd-star-rating/export.php de Parameter SQL Injection","osvdb":"83466","exploitdb":"17973","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z"},{"id":6606,"title":"GD Star Rating 1.9.7 - gd-star-rating/widgets/widget_top.php wpfn Parameter XSS","url":"http://seclists.org/bugtraq/2011/Feb/219","osvdb":"71060","secunia":"43403","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z"}]}},{"contact-form-wordpress":{"vulnerabilities":[{"id":6607,"title":"Contact Form \u003c= 2.7.5 - SQL Injection","exploitdb":"17980","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z"}]}},{"wp-photo-album-plus":{"vulnerabilities":[{"id":6608,"title":"WP Photo Album Plus \u003c= 4.1.1 - SQL Injection","exploitdb":"17983","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z"},{"id":6609,"title":"WP Photo Album Plus \u003c= 4.8.12 - wp-photo-album-plus.php wppa-searchstring XSS","osvdb":"88851","secunia":"51669,51679","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z"},{"id":6610,"title":"WP Photo Album Plus - Full Path Disclosure","url":"http://1337day.com/exploit/20125","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z","fixed_in":"4.9.1"},{"id":6611,"title":"WP Photo Album Plus - index.php wppa-tag Parameter XSS","osvdb":"89165","secunia":"51829","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z","fixed_in":"4.9.3"},{"id":6612,"title":"WP Photo Album Plus - \"commentid\" Cross-Site Scripting Vulnerability","osvdb":"93033","cve":"2013-3254","secunia":"53105","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z","fixed_in":"5.0.3"},{"id":6613,"title":"WP Photo Album Plus - wp-admin/admin.php edit_id Parameter XSS","osvdb":"94465","secunia":"53915","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z","fixed_in":"5.0.11"}]}},{"backwpup":{"vulnerabilities":[{"id":6614,"title":"BackWPUp 2.1.4 - Code Execution","exploitdb":"17987","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z"},{"id":6615,"title":"plugin BackWPup 1.5.2, 1.6.1, 1.7.1 - Remote and Local Code Execution Vulnerability","osvdb":"71481","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z"},{"id":6616,"title":"BackWPup 3.0.12 - wp-admin/admin.php tab Parameter XSS","url":"https://www.htbridge.com/advisory/HTB23161,http://packetstormsecurity.com/files/122916/","osvdb":"96505","cve":"2013-4626","secunia":"54515","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z","fixed_in":"3.0.13"}]}},{"portable-phpmyadmin":{"vulnerabilities":[{"id":6617,"title":"portable-phpMyAdmin - Authentication Bypass","osvdb":"88391","cve":"2012-5469","secunia":"51520","exploitdb":"23356","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z","fixed_in":"1.3.1"},{"id":6618,"title":"Portable phpMyAdmin - /pma/phpinfo.php Direct Request System Information Disclosure","url":"http://www.securityfocus.com/bid/63249,http://seclists.org/oss-sec/2013/q4/138","osvdb":"98766","cve":"2013-4454","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z"},{"id":6619,"title":"Portable phpMyAdmin 1.4.1 - Multiple Script Direct Request Authentication Bypass","url":"http://seclists.org/oss-sec/2013/q4/138","osvdb":"98767","cve":"2013-4462","secunia":"55270","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z"}]}},{"super-refer-a-friend":{"vulnerabilities":[{"id":6620,"title":"super-refer-a-friend - Full Path Disclosure","url":"http://1337day.com/exploit/20126","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z","fixed_in":"1.0"}]}},{"w3-total-cache":{"vulnerabilities":[{"id":6621,"title":"W3 Total Cache - Username and Hash Extract","url":"http://seclists.org/fulldisclosure/2012/Dec/242,https://github.com/FireFart/W3TotalCacheExploit","osvdb":"92742,92741","cve":"2012-6079,2012-6078","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z","metasploit":"auxiliary/gather/wp_w3_total_cache_hash_extract","fixed_in":"0.9.2.5"},{"id":6622,"title":"W3 Total Cache - Remote Code Execution","url":"http://www.acunetix.com/blog/web-security-zone/wp-plugins-remote-code-execution/,http://wordpress.org/support/topic/pwn3d,http://blog.sucuri.net/2013/04/update-wp-super-cache-and-w3tc-immediately-remote-code-execution-vulnerability-disclosed.html","osvdb":"92652","cve":"2013-2010","secunia":"53052","exploitdb":"25137","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z","metasploit":"exploits/unix/webapp/php_wordpress_total_cache","fixed_in":"0.9.2.9"}]}},{"wp-super-cache":{"vulnerabilities":[{"id":6623,"title":"WP-Super-Cache 1.3 - Remote Code Execution","url":"http://www.acunetix.com/blog/web-security-zone/wp-plugins-remote-code-execution/,http://wordpress.org/support/topic/pwn3d,http://blog.sucuri.net/2013/04/update-wp-super-cache-and-w3tc-immediately-remote-code-execution-vulnerability-disclosed.html","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z","fixed_in":"1.3.1"},{"id":6624,"title":"WP Super Cache 1.3 - trunk/wp-cache.php wp_nonce_url Function URI XSS","osvdb":"92832","cve":"2013-2008","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z","fixed_in":"1.3.1"},{"id":6625,"title":"WP Super Cache 1.3 - trunk/plugins/wptouch.php URI XSS","osvdb":"92831","cve":"2013-2008","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z","fixed_in":"1.3.1"},{"id":6626,"title":"WP Super Cache 1.3 - trunk/plugins/searchengine.php URI XSS","osvdb":"92830","cve":"2013-2008","created_at":"2014-08-01T10:58:53.000Z","updated_at":"2014-08-01T10:58:53.000Z","fixed_in":"1.3.1"},{"id":6627,"title":"WP Super Cache 1.3 - trunk/plugins/domain-mapping.php URI XSS","osvdb":"92829","cve":"2013-2008","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"1.3.1"},{"id":6628,"title":"WP Super Cache 1.3 - trunk/plugins/badbehaviour.php URI XSS","osvdb":"92828","cve":"2013-2008","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"1.3.1"},{"id":6629,"title":"WP Super Cache 1.3 - trunk/plugins/awaitingmoderation.php URI XSS","osvdb":"92827","cve":"2013-2008","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"1.3.1"}]}},{"ripe-hd-player":{"vulnerabilities":[{"id":6630,"title":"ripe-hd-player 1.0 - ripe-hd-player/config.php id Parameter SQL Injection","url":"http://xforce.iss.net/xforce/xfdb/81415","osvdb":"89437","exploitdb":"24229","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z"},{"id":6631,"title":"ripe-hd-player 1.0 - Multiple Script Direct Request Path Disclosure","url":"http://www.securityfocus.com/bid/57473,http://xforce.iss.net/xforce/xfdb/81414","osvdb":"89438","exploitdb":"24229","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z"}]}},{"floating-tweets":{"vulnerabilities":[{"id":6632,"title":"floating-tweets - persistent XSS","url":"http://packetstormsecurity.com/files/119499/,http://websecurity.com.ua/6023/","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z"},{"id":6633,"title":"floating-tweets - directory traversal","url":"http://packetstormsecurity.com/files/119499/,http://websecurity.com.ua/6023/","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z"}]}},{"ipfeuilledechou":{"vulnerabilities":[{"id":6634,"title":"ipfeuilledechou - SQL Injection Vulnerability","url":"http://www.exploit4arab.com/exploits/377,http://1337day.com/exploit/20206","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z"}]}},{"simple-login-log":{"vulnerabilities":[{"id":6635,"title":"Simple Login Log - XSS","secunia":"51780","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"0.9.4"},{"id":6636,"title":"Simple Login Log - SQL Injection","secunia":"51780","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"0.9.4"}]}},{"wp-slimstat":{"vulnerabilities":[{"id":6637,"title":"WP SlimStat 3.5.5 - Overview URI Stored XSS","osvdb":"104428","secunia":"57305","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"3.5.6"},{"id":6638,"title":"WP SlimStat 2.8.4 - wp-content/plugins/wp-slimstat/admin/view/panel1.php s Parameter XSS","osvdb":"89052","secunia":"51721","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"2.8.5"}]}},{"wp-slimstat-ex":{"vulnerabilities":[{"id":6639,"title":"SlimStat-Ex - Open Flash Chart Arbitrary File Creation Vulnerability","url":"http://packetstormsecurity.com/files/123494/","secunia":"55160","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z"}]}},{"browser-rejector":{"vulnerabilities":[{"id":6640,"title":"Browser Rejector - Remote and Local File Inclusion","osvdb":"89053","secunia":"51739","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"2.11"}]}},{"wp-file-uploader":{"vulnerabilities":[{"id":6641,"title":"File Uploader - PHP File Upload Vulnerability","url":"http://la.usch.io/2013/01/21/wordpress-file-uploader-plugin-php-file-upload-vulnerability/","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z"}]}},{"cardoza-wordpress-poll":{"vulnerabilities":[{"id":6642,"title":"Cardoza WordPress poll 34.05 - Multiple External Function Remote Poll Manipulation","url":"http://seclists.org/bugtraq/2013/Jan/86,http://packetstormsecurity.com/files/119736/","osvdb":"89443","cve":"2013-1401","secunia":"51925","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"34.06"},{"id":6643,"title":"Cardoza WordPress poll - CWPPoll.js Multiple Method pollid Parameter SQL Injection","url":"http://packetstormsecurity.com/files/119736/,http://www.girlinthemiddle.net/2013/01/multiple-sql-injection-vulnerabilities.html,http://seclists.org/bugtraq/2013/Jan/86","osvdb":"89444","cve":"2013-1400","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z"},{"id":6644,"title":"Cardoza WordPress poll - Multiple SQL Injection Vulnerabilities","secunia":"50910","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"33.6"}]}},{"devformatter":{"vulnerabilities":[{"id":6645,"title":"Developer Formatter 2013.0.1.40 - devformatter.php Multiple Action CSRF","url":"http://packetstormsecurity.com/files/119731/,http://seclists.org/bugtraq/2013/Jan/91,http://1337day.com/exploit/20210","osvdb":"89475","secunia":"51912","exploitdb":"24294","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"2013.0.1.41"},{"id":6646,"title":"Developer Formatter 2013.0.1.40 - devformatter.php Multiple Field XSS","url":"http://seclists.org/bugtraq/2013/Jan/91","osvdb":"89474","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"2013.0.1.41"}]}},{"dvs-custom-notification":{"vulnerabilities":[{"id":6647,"title":"DVS Custom Notification - Cross-Site Request Forgery Vulnerability","osvdb":"89441","cve":"2012-4921","secunia":"51531","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"1.0.1"}]}},{"events-manager":{"vulnerabilities":[{"id":6648,"title":"Events Manager 5.5.1 - Multiple Unspecified XSS Vulnerabilities","osvdb":"98198","secunia":"55182","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"5.5.2"},{"id":6649,"title":"Events Manager 5.3.8 - Event Search Form em_search Parameter XSS","url":"http://www.securityfocus.com/bid/60078","osvdb":"93556","secunia":"53478","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"5.3.9"},{"id":6650,"title":"Events Manager 5.3.8 - wp-admin/edit.php author Parameter XSS","url":"http://www.securityfocus.com/bid/60078","osvdb":"93557","secunia":"53478","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"5.3.9"},{"id":6651,"title":"Events Manager 5.3.8 - Event Editing redirect_to Parameter XSS","url":"http://www.securityfocus.com/bid/60078","osvdb":"93558","secunia":"53478","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"5.3.9"},{"id":6652,"title":"Events Manager 5.3.5 - wp-admin/admin-ajax.php dbem_phone Parameter XSS","osvdb":"90913","secunia":"52475","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"5.3.6"},{"id":6653,"title":"Events Manager 5.3.5 - index.php event_owner_name Parameter XSS","osvdb":"90914","secunia":"52475","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"5.3.6"},{"id":6654,"title":"Events Manager 5.3.5 - wp-admin/post.php Multiple Parameter XSS","osvdb":"90915","secunia":"52475","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"5.3.6"},{"id":6655,"title":"Events Manager 5.3.3 - templates/forms/bookingform/booking-fields.php Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/120688/,http://www.securityfocus.com/bid/57477","osvdb":"89488","cve":"2013-1407","secunia":"51869","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"5.3.4"},{"id":6656,"title":"Events Manager 5.3.3 - templates/templates/events-search.php Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/120688/,http://www.securityfocus.com/bid/57477","osvdb":"89487","cve":"2013-1407","secunia":"51869","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"5.3.4"},{"id":6657,"title":"Events Manager 5.3.3 - XSS classes/em-bookings-table.php wp_nonce Parameter XSS","url":"http://packetstormsecurity.com/files/120688/,http://www.securityfocus.com/bid/57477","osvdb":"89486","cve":"2013-1407","secunia":"51869","created_at":"2014-08-01T10:58:54.000Z","updated_at":"2014-08-01T10:58:54.000Z","fixed_in":"5.3.4"}]}},{"solvemedia":{"vulnerabilities":[{"id":6658,"title":"SolveMedia 1.1.0 - plugins.php API Key Manipulation CSRF","url":"http://1337day.com/exploit/20222","osvdb":"89585","secunia":"51927","exploitdb":"24364","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z","fixed_in":"1.1.1"},{"id":6659,"title":"SolveMedia 1.1.0 -  solvemedia.admin.inc Admin Options Page CSRF","osvdb":"106320","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z","fixed_in":"1.1.1"}]}},{"usc-e-shop":{"vulnerabilities":[{"id":6660,"title":"Welcart e-Commerce 1.3.12 - wp-admin/admin-ajax.php Multiple Parameter DOM-Based XSS","url":"http://packetstormsecurity.com/files/125513/,http://www.securityfocus.com/bid/65954","osvdb":"103956","secunia":"57222","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z"},{"id":6661,"title":"Welcart e-Commerce 1.3.12 - purchase_limit Parameter DOM-based XSS","url":"http://packetstormsecurity.com/files/125513/,http://www.securityfocus.com/bid/65954","osvdb":"103955","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z"},{"id":6662,"title":"Welcart e-Commerce 1.3.12 - wp-admin/admin.php Multiple Parameter SQL Injection","url":"http://packetstormsecurity.com/files/125513/,http://www.securityfocus.com/bid/65954","osvdb":"103954","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z"},{"id":6663,"title":"Welcart e-Commerce - wp-admin/admin.php Multiple Parameter SQL Injection","url":"http://packetstormsecurity.com/files/125513/,http://www.securityfocus.com/bid/65954","osvdb":"103954","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z"},{"id":6664,"title":"Welcart e-Commerce - Cross-Site Scripting and Request Forgery Vulnerabilities","secunia":"51581","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z"}]}},{"knews":{"vulnerabilities":[{"id":6665,"title":"Knews 1.2.5 - Multilingual Newsletters Cross-Site Request Forgery Vulnerability","url":"http://www.securityfocus.com/bid/56926,http://xforce.iss.net/xforce/xfdb/80661","osvdb":"88427","secunia":"51543","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z","fixed_in":"1.2.6"},{"id":6666,"title":"Knews 1.2.5 - Unspecified XSS","osvdb":"88426","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z","fixed_in":"1.2.6"},{"id":6667,"title":"Knews 1.1.0 - wysiwyg/fontpicker/index.php ff Parameter XSS","osvdb":"83643","secunia":"49825","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z","fixed_in":"1.1.1"}]}},{"video-lead-form":{"vulnerabilities":[{"id":6668,"title":"Video Lead Form - \"errMsg\" Cross-Site Scripting Vulnerability","osvdb":"88002","cve":"2012-6312","secunia":"51419","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z"}]}},{"sagepay-direct-for-woocommerce-payment-gateway":{"vulnerabilities":[{"id":6669,"title":"WooCommerce SagePay Direct Payment Gateway 0.1.6.6 - pages/3DRedirect.php Multiple Parameter Reflected XSS","osvdb":"102882","secunia":"56801","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z","fixed_in":"0.1.6.7"},{"id":6670,"title":"WooCommerce SagePay Direct Payment Gateway 0.1.6.6 - pages/3DCallBack.php Multiple Parameter Reflected XSS","osvdb":"102746","secunia":"56801","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z","fixed_in":"0.1.6.7"},{"id":6671,"title":"WooCommerce SagePay Direct Payment Gateway 0.1.6.6 - pages/3DComplete.php Multiple Parameter Reflected XSS","osvdb":"102747","secunia":"56801","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z","fixed_in":"0.1.6.7"}]}},{"woocommerce-predictive-search":{"vulnerabilities":[{"id":6672,"title":"WooCommerce Predictive Search - index.php rs Parameter XSS","url":"http://www.securityfocus.com/bid/56703","osvdb":"87890","secunia":"51385","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z","fixed_in":"1.0.6"}]}},{"woocommerce":{"vulnerabilities":[{"id":6673,"title":"WooCommerce 2.0.17 - hide-wc-extensions-message Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/123684/,http://www.securityfocus.com/bid/63228","osvdb":"98754","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z","fixed_in":"2.0.17"},{"id":6674,"title":"WooCommerce 2.0.12 - index.php calc_shipping_state Parameter XSS","url":"http://packetstormsecurity.com/files/122465/","osvdb":"95480","secunia":"53930","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z","fixed_in":"2.0.13"}]}},{"wp-e-commerce-predictive-search":{"vulnerabilities":[{"id":6675,"title":"WP e-Commerce Predictive Search - \"rs\" Cross-Site Scripting Vulnerability","secunia":"51384","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z"}]}},{"wp-tiger":{"vulnerabilities":[{"id":6676,"title":"vTiger - CRM Lead Capture Unspecified Vulnerability","secunia":"51305","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z","fixed_in":"1.1.0"}]}},{"wp-postviews":{"vulnerabilities":[{"id":6677,"title":"WP-PostViews - \"search_input\" Cross-Site Scripting Vulnerability","secunia":"50982","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z"},{"id":6678,"title":"WP-PostViews 1.62 - Setting Manipulation CSRF","osvdb":"93096","cve":"2013-3252","secunia":"53127","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z","fixed_in":"1.63"}]}},{"dx-contribute":{"vulnerabilities":[{"id":6679,"title":"DX-Contribute - Cross-Site Request Forgery Vulnerability","secunia":"51082","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z"}]}},{"wysija-newsletters":{"vulnerabilities":[{"id":6680,"title":"MailPoet (Wysija Newsletters) - Remote File Upload","url":"http://blog.sucuri.net/2014/07/remote-file-upload-vulnerability-on-mailpoet-wysija-newsletters.html,http://www.openwall.com/lists/oss-security/2014/07/02/1","cve":"2014-4725","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z","metasploit":"exploit/unix/webapp/wp_wysija_newsletters_upload","fixed_in":"2.6.8"},{"id":6681,"title":"Wysija Newsletters 2.2 - SQL Injection Vulnerability","url":"https://www.htbridge.com/advisory/HTB23140,http://packetstormsecurity.com/files/120089/,http://seclists.org/bugtraq/2013/Feb/29,http://cxsecurity.com/issue/WLB-2013020039","osvdb":"89924","cve":"2013-1408","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z","fixed_in":"2.2.1"},{"id":6682,"title":"Wysija Newsletters - swfupload Cross-Site Scripting Vulnerability","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","secunia":"51249","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z","fixed_in":"2.1.7"}]}},{"hitasoft_player":{"vulnerabilities":[{"id":6683,"title":"Hitasoft FLV Player - \"id\" SQL Injection Vulnerability","secunia":"51179","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z"}]}},{"spider-calendar":{"vulnerabilities":[{"id":6684,"title":"Spider Calendar 1.3.0 - Multiple Vulnerabilities","osvdb":"93584","secunia":"53481","exploitdb":"25723","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z"},{"id":6685,"title":"Spider Calendar 1.1.0 - \"many_sp_calendar\" Cross-Site Scripting Vulnerability","osvdb":"86604","secunia":"50981","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z","fixed_in":"1.1.1"},{"id":6686,"title":"Spider Calendar 1.0.1 - front_end/spidercalendarbig.php date Parameter XSS","url":"http://packetstormsecurity.org/files/117078/","osvdb":"85897","secunia":"50812","exploitdb":"21715","created_at":"2014-08-01T10:58:55.000Z","updated_at":"2014-08-01T10:58:55.000Z","fixed_in":"1.1.3"},{"id":6687,"title":"Spider Calendar 1.0.1 - spidercalendarbig_seemore.php calendar_id Parameter SQL Injection","url":"http://packetstormsecurity.org/files/117078/","osvdb":"85898","secunia":"50812","exploitdb":"21715","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z","fixed_in":"1.1.3"}]}},{"dynamic-font-replacement-4wp":{"vulnerabilities":[{"id":6688,"title":"Dynamic Font Replacement 1.3 - SQL Injection Vulnerability","url":"http://1337day.com/exploit/20239","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z"}]}},{"form":{"vulnerabilities":[{"id":6689,"title":"Zingiri Form Builder - \"error\" Cross-Site Scripting Vulnerability","secunia":"50983","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z","fixed_in":"1.2.1"}]}},{"white-label-cms":{"vulnerabilities":[{"id":6690,"title":"White Label CMS - Cross-Site Request Forgery Vulnerability","secunia":"50487","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z","fixed_in":"1.5.1"}]}},{"download-shortcode":{"vulnerabilities":[{"id":6691,"title":"Download Shortcode - \"file\" Arbitrary File Disclosure Vulnerability","secunia":"50924","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z","fixed_in":"0.2.1"}]}},{"eshop-magic":{"vulnerabilities":[{"id":6692,"title":"eShop Magic 0.1 - eshop-magic/download.php file Parameter Traversal Arbitrary File Access","url":"http://xforce.iss.net/xforce/xfdb/79222","osvdb":"86155","secunia":"50933","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z","fixed_in":"0.2"}]}},{"pinterest-pin-it-button":{"vulnerabilities":[{"id":6693,"title":"Pinterest \"Pin It\" Button Lite 1.3.1 - Multiple Unspecified Vulnerabilities","osvdb":"85956","secunia":"50868","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z","fixed_in":"1.4.0"}]}},{"css-plus":{"vulnerabilities":[{"id":6694,"title":"CSS Plus 1.3.1 - Unspecified Vulnerabilities","osvdb":"85875","secunia":"50793","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z","fixed_in":"1.3.2"}]}},{"multisite-plugin-manager":{"vulnerabilities":[{"id":6695,"title":"Multisite plugin Manager 3.1.1 - Two Cross-Site Scripting Vulnerabilities","osvdb":"85818","secunia":"50762","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z","fixed_in":"3.1.2"}]}},{"abc-test":{"vulnerabilities":[{"id":6696,"title":"ABC Test - \"id\" Cross-Site Scripting Vulnerability","url":"http://scott-herbert.com/?p=142","osvdb":"85773","secunia":"50608","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z"}]}},{"token-manager":{"vulnerabilities":[{"id":6697,"title":"Token Manager 1.0.2 - \"tid\" Cross-Site Scripting Vulnerabilities","osvdb":"85738","secunia":"50722","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z"}]}},{"sexy-add-template":{"vulnerabilities":[{"id":6698,"title":"Sexy Add Template 1.0 - PHP Code Execution CSRF","osvdb":"85730","secunia":"50709","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z"}]}},{"notices":{"vulnerabilities":[{"id":6699,"title":"Notices Ticker 5.0 - Cross-Site Request Forgery Vulnerability","url":"http://packetstormsecurity.org/files/116774/","osvdb":"85729","secunia":"50717","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z"}]}},{"mf-gig-calendar":{"vulnerabilities":[{"id":6700,"title":"MF Gig Calendar 0.9.4.1 - URL Cross-Site Scripting Vulnerability","url":"http://packetstormsecurity.org/files/116713/","osvdb":"85682","cve":"2012-4242","secunia":"50571","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z"}]}},{"wp-topbar":{"vulnerabilities":[{"id":6701,"title":"WP-TopBar 4.02 - wp-topbar.php wptbbartext Parameter XSS","osvdb":"85659","secunia":"50693","exploitdb":"21393","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z","fixed_in":"4.03"},{"id":6702,"title":"WP-TopBar 4.02 - TopBar Message Manipulation CSRF","osvdb":"85660","secunia":"50693","exploitdb":"21393","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z","fixed_in":"4.03"},{"id":6703,"title":"wp-topbar \u003c= 3.04 - XSS in ZeroClipboard.swf","url":"http://1337day.com/exploit/20396","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z"}]}},{"webplayer":{"vulnerabilities":[{"id":6704,"title":"HD Webplayer - Two SQL Injection Vulnerabilities","osvdb":"87832","secunia":"50466","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z"}]}},{"cloudsafe365-for-wp":{"vulnerabilities":[{"id":6705,"title":"Cloudsafe365 - Multiple Vulnerabilities","secunia":"50392","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z","fixed_in":"1.47"}]}},{"vitamin":{"vulnerabilities":[{"id":6706,"title":"Vitamin 1.0 - add_headers.php path Parameter Traversal Arbitrary File Access","osvdb":"84463","cve":"2012-6651","secunia":"50176","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z","fixed_in":"1.1"},{"id":6707,"title":"Vitamin 1.0 - minify.php path Parameter Traversal Arbitrary File Access","osvdb":"84464","cve":"2012-6651","secunia":"50176","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z","fixed_in":"1.1"}]}},{"featured-post-with-thumbnail":{"vulnerabilities":[{"id":6708,"title":"Featured Post with thumbnail 1.4 - Unspecified timthumb Vulnerability","osvdb":"84460","secunia":"50161","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z","fixed_in":"1.5"}]}},{"wp-effective-lead-management":{"vulnerabilities":[{"id":6709,"title":"WP Lead Management 3.0.0 - Script Insertion Vulnerabilities","osvdb":"84462","secunia":"50166","exploitdb":"20270","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z"}]}},{"xve-various-embed":{"vulnerabilities":[{"id":6710,"title":"XVE Various Embed - JW Player Multiple Cross-Site Scripting Vulnerabilities","secunia":"50173","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z","fixed_in":"1.0.4"}]}},{"g-lock-double-opt-in-manager":{"vulnerabilities":[{"id":6711,"title":"G-Lock Double Opt-in Manager - Two Security Bypass Vulnerabilities","url":"http://packetstormsecurity.org/files/115173/","osvdb":"84434","secunia":"50100","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z"}]}},{"kau-boys-backend-localization":{"vulnerabilities":[{"id":6712,"title":"Backend Localization 1.6.1 - options-general.php kau-boys_backend_localization_language Parameter XSS","osvdb":"84418","secunia":"50099","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z","fixed_in":"2.0"},{"id":6713,"title":"Backend Localization 1.6.1 - wp-login.php kau-boys_backend_localization_language Parameter XSS","osvdb":"84419","secunia":"50099","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z","fixed_in":"2.0"}]}},{"flexi-quote-rotator":{"vulnerabilities":[{"id":6714,"title":"Flexi Quote Rotator - Cross-Site Request Forgery and SQL Injection Vulnerabilities","secunia":"49910","created_at":"2014-08-01T10:58:56.000Z","updated_at":"2014-08-01T10:58:56.000Z","fixed_in":"0.9.2"}]}},{"gotmls":{"vulnerabilities":[{"id":6715,"title":"Get Off Malicious Scripts - Cross-Site Scripting Vulnerability","secunia":"50030","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z","fixed_in":"1.2.07.20"}]}},{"cimy-user-extra-fields":{"vulnerabilities":[{"id":6716,"title":"Cimy User Extra Fields - Arbitrary File Upload Vulnerability","secunia":"49975","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z","fixed_in":"2.3.9"}]}},{"nmedia-user-file-uploader":{"vulnerabilities":[{"id":6717,"title":"Nmedia Users File Uploader - Arbitrary File Upload Vulnerability","secunia":"49996","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z","fixed_in":"2.0"}]}},{"wp-explorer-gallery":{"vulnerabilities":[{"id":6718,"title":"wp-explorer-gallery - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/20251","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z"}]}},{"accordion":{"vulnerabilities":[{"id":6719,"title":"accordion - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/20254","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z"}]}},{"wp-catpro":{"vulnerabilities":[{"id":6720,"title":"wp-catpro - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/20256","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z"}]}},{"RLSWordPressSearch":{"vulnerabilities":[{"id":6721,"title":"RLSWordPressSearch - register.php agentid Parameter SQL Injection","url":"http://packetstormsecurity.com/files/119938/","osvdb":"89824","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z"}]}},{"wordpress-simple-shout-box":{"vulnerabilities":[{"id":6722,"title":"wordpress-simple-shout-box - SQL Injection","url":"http://cxsecurity.com/issue/WLB-2013010235","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z"}]}},{"portfolio-slideshow-pro":{"vulnerabilities":[{"id":6723,"title":"portfolio-slideshow-pro v3 - SQL Injection","url":"http://cxsecurity.com/issue/WLB-2013010236","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z"}]}},{"simple-history":{"vulnerabilities":[{"id":6724,"title":"Simple History - RSS Feed \"rss_secret\" Disclosure Weakness","url":"http://www.securityfocus.com/bid/57628","osvdb":"89640","secunia":"51998","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z","fixed_in":"1.0.8"}]}},{"p1m-media-manager":{"vulnerabilities":[{"id":6725,"title":"p1m media manager - SQL Injection Vulnerability","url":"http://1337day.com/exploit/20270","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z"}]}},{"wp-table-reloaded":{"vulnerabilities":[{"id":6726,"title":"wp-table-reloaded \u003c= 1.9.3 - zeroclipboard.swf id Parameter XSS","url":"http://packetstormsecurity.com/files/119968/,http://seclists.org/bugtraq/2013/Feb/28,http://www.securityfocus.com/bid/57664","osvdb":"89754","cve":"2013-1463","secunia":"52027","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z","fixed_in":"1.9.4"}]}},{"wordpress-gallery":{"vulnerabilities":[{"id":6727,"title":"Gallery - \"load\" Remote File Inclusion Vulnerability","url":"http://www.securityfocus.com/bid/57650","osvdb":"89753","cve":"2012-4919","secunia":"51347","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z"}]}},{"forumconverter":{"vulnerabilities":[{"id":6728,"title":"ForumConverter - SQL Injection Vulnerability","url":"http://1337day.com/exploit/20275","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z"}]}},{"newsletter":{"vulnerabilities":[{"id":6729,"title":"Newsletter - SQL Injection Vulnerability","url":"http://1337day.com/exploit/20287","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z","fixed_in":"3.0.9"},{"id":6730,"title":"Newsletter 3.2.6 - \"alert\" Cross-Site Scripting Vulnerability","url":"http://packetstormsecurity.com/files/121634/,http://www.securityfocus.com/bid/59856,http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5141.php","osvdb":"93421","secunia":"53398","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z","fixed_in":"3.2.7"}]}},{"commentluv":{"vulnerabilities":[{"id":6731,"title":"CommentLuv 2.92.3 - Cross Site Scripting Vulnerability","url":"https://www.htbridge.com/advisory/HTB23138,http://packetstormsecurity.com/files/120090/,http://seclists.org/bugtraq/2013/Feb/30,http://cxsecurity.com/issue/WLB-2013020040","osvdb":"89925","cve":"2013-1409","secunia":"52092","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z","fixed_in":"2.92.4"}]}},{"wp-forum":{"vulnerabilities":[{"id":6732,"title":"wp-forum - SQL Injection","url":"http://cxsecurity.com/issue/WLB-2013020035","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z"}]}},{"wp-ecommerce-shop-styling":{"vulnerabilities":[{"id":6733,"title":"WP ecommerce Shop Styling 1.7.2 - generate-pdf.php dompdf Parameter Remote File Inclusion","osvdb":"89921","cve":"2013-0724","secunia":"51707","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z","fixed_in":"1.8"}]}},{"audio-player":{"vulnerabilities":[{"id":6734,"title":"Audio Player - player.swf playerID Parameter XSS","url":"http://packetstormsecurity.com/files/120129/,http://seclists.org/bugtraq/2013/Feb/35","osvdb":"89963","cve":"2013-1464","secunia":"52083","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z","fixed_in":"2.0.4.6"}]}},{"ckeditor-for-wordpress":{"vulnerabilities":[{"id":6735,"title":"CKEditor 4.0 - Arbitrary File Upload Exploit","url":"http://1337day.com/exploit/20318","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z"}]}},{"myftp-ftp-like-plugin-for-wordpress":{"vulnerabilities":[{"id":6736,"title":"myftp-ftp-like-plugin-for-wordpress v2 - SQL Injection","url":"http://cxsecurity.com/issue/WLB-2013020061","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z"}]}},{"password-protected":{"vulnerabilities":[{"id":6737,"title":"Password Protected 1.4 - Login Process redirect_to Parameter Arbitrary Site Redirect","osvdb":"90559","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z"}]}},{"contact-form-plugin":{"vulnerabilities":[{"id":6738,"title":"Contact Form 3.34 - contact_form.php cntctfrm_contact_message Parameter XSS","osvdb":"90502","secunia":"52179","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z","fixed_in":"3.35"},{"id":6739,"title":"Contact Form 3.36 - contact_form.php cntctfrm_contact_email Parameter XSS","osvdb":"90503","secunia":"52250","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z"}]}},{"smart-flv":{"vulnerabilities":[{"id":6740,"title":"smart-flv - jwplayer.swf XSS","url":"http://www.openwall.com/lists/oss-security/2013/02/24/7,http://packetstormsecurity.com/files/115100/","osvdb":"90606","cve":"2013-1765","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z"}]}},{"GoogleAlertandtwitterplugin":{"vulnerabilities":[{"id":6741,"title":"Google Alert And Twitter 3.1.5 - XSS Exploit, SQL Injection","url":"http://1337day.com/exploit/20433","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z"}]}},{"php-shell":{"vulnerabilities":[{"id":6742,"title":"PHP Shell Plugin","url":"https://github.com/wpscanteam/wpscan/issues/138,http://plugins.svn.wordpress.org/php-shell/trunk/shell.php","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z"}]}},{"marekkis-watermark":{"vulnerabilities":[{"id":6743,"title":"Marekkis Watermark 0.9.2 - wp-admin/options-general.php pfad Parameter XSS","url":"http://packetstormsecurity.com/files/120378/,http://seclists.org/bugtraq/2013/Feb/83","osvdb":"90362","cve":"2013-1758","secunia":"52227","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z"}]}},{"responsive-logo-slideshow":{"vulnerabilities":[{"id":6744,"title":"Responsive Logo Slideshow - URL and Image Field XSS","url":"http://packetstormsecurity.com/files/120379/,http://seclists.org/bugtraq/2013/Feb/84","osvdb":"90406","cve":"2013-1759","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z"}]}},{"zopim-live-chat":{"vulnerabilities":[{"id":6745,"title":"zopim-live-chat \u003c= 1.2.5 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","osvdb":"90374","cve":"2013-1808","created_at":"2014-08-01T10:58:57.000Z","updated_at":"2014-08-01T10:58:57.000Z"}]}},{"ed2k-link-selector":{"vulnerabilities":[{"id":6746,"title":"ed2k-link-selector \u003c= 1.1.7 - XSS in ZeroClipboard","url":"http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"wppygments":{"vulnerabilities":[{"id":6747,"title":"wppygments \u003c= 0.3.2 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","osvdb":"90374","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"copy-in-clipboard":{"vulnerabilities":[{"id":6748,"title":"copy-in-clipboard \u003c= 0.8 - XSS in ZeroClipboard","url":"http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"search-and-share":{"vulnerabilities":[{"id":6749,"title":"search-and-share 0.9.3 - SearchAndShare.php Direct Request Path Disclosure","url":"http://packetstormsecurity.com/files/121595/,http://seclists.org/fulldisclosure/2013/May/49","osvdb":"93260","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"},{"id":6750,"title":"search-and-share \u003c= 0.9.3 - XSS in ZeroClipboard","url":"http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"placester":{"vulnerabilities":[{"id":6751,"title":"placester \u003c= 0.3.12 - XSS in ZeroClipboard","url":"http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"drp-coupon":{"vulnerabilities":[{"id":6752,"title":"drp-coupon \u003c= 2.1 - XSS in ZeroClipboard","url":"http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"coupon-code-plugin":{"vulnerabilities":[{"id":6753,"title":"coupon-code-plugin \u003c= 2.1 - XSS in ZeroClipboard","url":"http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"q2w3-inc-manager":{"vulnerabilities":[{"id":6754,"title":"q2w3-inc-manager \u003c= 2.3.1 - XSS in ZeroClipboard","url":"http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"scorerender":{"vulnerabilities":[{"id":6755,"title":"scorerender \u003c= 0.3.4 - XSS in ZeroClipboard","url":"http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"wp-link-to-us":{"vulnerabilities":[{"id":6756,"title":"wp-link-to-us \u003c= 2.0 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"buckets":{"vulnerabilities":[{"id":6757,"title":"buckets \u003c= 0.1.9.2 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"java-trackback":{"vulnerabilities":[{"id":6758,"title":"java-trackback \u003c= 0.2 - XSS in ZeroClipboard","url":"http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"slidedeck2":{"vulnerabilities":[{"id":6759,"title":"slidedeck2 2.3.3 - Unspecified File Inclusion","osvdb":"105132","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z","fixed_in":"2.3.5"},{"id":6760,"title":"slidedeck2 \u003c= 2.1.20130228 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"wp-clone-by-wp-academy":{"vulnerabilities":[{"id":6761,"title":"wp-clone-by-wp-academy \u003c= 2.1.1 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"tiny-url":{"vulnerabilities":[{"id":6762,"title":"tiny-url \u003c= 1.3.2 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"thethe-layout-grid":{"vulnerabilities":[{"id":6763,"title":"thethe-layout-grid \u003c= 1.0.0 - XSS in ZeroClipboard.","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"paypal-digital-goods-monetization-powered-by-cleeng":{"vulnerabilities":[{"id":6764,"title":"paypal-digital-goods-monetization-powered-by-cleeng \u003c= 2.2.13 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"mobileview":{"vulnerabilities":[{"id":6765,"title":"mobileview \u003c= 1.0.7 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"jaspreetchahals-coupons-lite":{"vulnerabilities":[{"id":6766,"title":"jaspreetchahals-coupons-lite \u003c= 2.1 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"geshi-source-colorer":{"vulnerabilities":[{"id":6767,"title":"geshi-source-colorer \u003c= 0.13 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"click-to-copy-grab-box":{"vulnerabilities":[{"id":6768,"title":"click-to-copy-grab-box \u003c= 0.1.1 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"cleeng":{"vulnerabilities":[{"id":6769,"title":"cleeng \u003c= 2.3.2 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"bp-code-snippets":{"vulnerabilities":[{"id":6770,"title":"bp-code-snippets \u003c= 2.0 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"snazzy-archives":{"vulnerabilities":[{"id":6771,"title":"snazzy-archives \u003c= 1.7.1 - swf/tagcloud.swf tagcloud Parameter XSS","url":"http://www.openwall.com/lists/oss-security/2013/03/10/3","osvdb":"91127","cve":"2009-4168","secunia":"52527","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z","fixed_in":"1.7.2"}]}},{"vkontakte-api":{"vulnerabilities":[{"id":6772,"title":"vkontakte-api - vkontakte-api/swf/tagcloud.swf tagcloud Parameter XSS","url":"http://seclists.org/oss-sec/2013/q1/616,http://www.openwall.com/lists/oss-security/2013/03/11/1","osvdb":"91128","cve":"2009-4168","secunia":"52539","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"terillion-reviews":{"vulnerabilities":[{"id":6773,"title":"Terillion Reviews \u003c 1.2 - Profile Id Field XSS","url":"http://packetstormsecurity.com/files/120730/,http://www.securityfocus.com/bid/58415,http://xforce.iss.net/xforce/xfdb/82727","osvdb":"91123","cve":"2013-2501","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"o2s-gallery":{"vulnerabilities":[{"id":6774,"title":"o2s-gallery - Cross Site Scripting Vulnerability","url":"http://1337day.com/exploit/20516","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"bp-gallery":{"vulnerabilities":[{"id":6775,"title":"bp-gallery 1.2.5 - Cross Site Scripting Vulnerability","url":"http://1337day.com/exploit/20518","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"simply-poll":{"vulnerabilities":[{"id":6776,"title":"Simply Poll 1.4.1 - wp-admin/admin.php question Parameter XSS","url":"http://packetstormsecurity.com/files/120833/","osvdb":"91446","exploitdb":"24850","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"},{"id":6777,"title":"Simply Poll 1.4.1 - wp-admin/admin.php Poll Manipulation CSRF","url":"http://packetstormsecurity.com/files/120833/","osvdb":"91447","secunia":"52681","exploitdb":"24850","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"occasions":{"vulnerabilities":[{"id":6778,"title":"Occasions 1.0.4 - Manipulation CSRF","url":"http://packetstormsecurity.com/files/120871/","osvdb":"91489","secunia":"52651","exploitdb":"24858","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"},{"id":6779,"title":"Occasions 1.0.4 - occasions/occasions.php occ_content1 Parameter XSS","url":"http://packetstormsecurity.com/files/120871/","osvdb":"91490","exploitdb":"24858","created_at":"2014-08-01T10:58:58.000Z","updated_at":"2014-08-01T10:58:58.000Z"}]}},{"mathjax-latex":{"vulnerabilities":[{"id":6780,"title":"Mathjax Latex 1.1 - Setting Manipulation CSRF","url":"http://packetstormsecurity.com/files/120931/,http://1337day.com/exploit/20566","osvdb":"91737","exploitdb":"24889","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z","fixed_in":"1.2"}]}},{"wp-banners-lite":{"vulnerabilities":[{"id":6781,"title":"WP-Banners-Lite 1.4.0 - XSS vulnerability","url":"http://packetstormsecurity.com/files/120928/,http://seclists.org/fulldisclosure/2013/Mar/209,http://threatpost.com/en_us/blogs/xss-flaw-wordpress-plugin-allows-injection-malicious-code-032513","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z"}]}},{"backupbuddy":{"vulnerabilities":[{"id":6782,"title":"Backupbuddy - importbuddy.php Direct Request Remote Backup File Disclosure","url":"http://packetstormsecurity.com/files/120923/,http://seclists.org/fulldisclosure/2013/Mar/206","osvdb":"91631","cve":"2013-2741","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z"},{"id":6783,"title":"Backupbuddy - importbuddy.php step Parameter Manipulation Authentication Bypass","url":"http://packetstormsecurity.com/files/120923/,http://seclists.org/fulldisclosure/2013/Mar/206","osvdb":"91890","cve":"2013-2743","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z"},{"id":6784,"title":"Backupbuddy - importbuddy.php step Parameter Remote PHP Information Disclosure","url":"http://packetstormsecurity.com/files/120923/,http://seclists.org/fulldisclosure/2013/Mar/206,http://archives.neohapsis.com/archives/fulldisclosure/2013-03/0205.html","osvdb":"91891","cve":"2013-2744","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z"},{"id":6785,"title":"Backupbuddy - importbuddy.php Restore Operation Persistence Weakness","url":"http://packetstormsecurity.com/files/120923/,http://seclists.org/fulldisclosure/2013/Mar/206","osvdb":"91892","cve":"2013-2742","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z"}]}},{"wp-funeral-press":{"vulnerabilities":[{"id":6786,"title":"FuneralPress 1.1.6 - Persistent XSS","url":"http://seclists.org/fulldisclosure/2013/Mar/282","osvdb":"91868","cve":"2013-3529","exploitdb":"24914","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z"}]}},{"chikuncount":{"vulnerabilities":[{"id":6787,"title":"chikuncount - ofc_upload_image.php Arbitrary File Upload Vulnerability","exploitdb":"24492","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z","metasploit":"exploit/unix/webapp/open_flash_chart_upload_exec"}]}},{"open-flash-chart-core-wordpress-plugin":{"vulnerabilities":[{"id":6788,"title":"open-flash-chart-core - ofc_upload_image.php Arbitrary File Upload Vulnerability","cve":"2009-4140","secunia":"37903","exploitdb":"24492","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z","metasploit":"exploit/unix/webapp/open_flash_chart_upload_exec","fixed_in":"0.5"}]}},{"spamtask":{"vulnerabilities":[{"id":6789,"title":"spamtask - ofc_upload_image.php Arbitrary File Upload Vulnerability","exploitdb":"24492","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z","metasploit":"exploit/unix/webapp/open_flash_chart_upload_exec"}]}},{"php-analytics":{"vulnerabilities":[{"id":6790,"title":"php-analytics - ofc_upload_image.php Arbitrary File Upload Vulnerability","exploitdb":"24492","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z","metasploit":"exploit/unix/webapp/open_flash_chart_upload_exec"}]}},{"seo-spy-google-wordpress-plugin":{"vulnerabilities":[{"id":6791,"title":"seo-spy-google - ofc_upload_image.php Arbitrary File Upload Vulnerability","exploitdb":"24492","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z","metasploit":"exploit/unix/webapp/open_flash_chart_upload_exec"}]}},{"wp-seo-spy-google":{"vulnerabilities":[{"id":6792,"title":"wp-seo-spy-google - ofc_upload_image.php Arbitrary File Upload Vulnerability","exploitdb":"24492","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z","metasploit":"exploit/unix/webapp/open_flash_chart_upload_exec"}]}},{"podpress":{"vulnerabilities":[{"id":6793,"title":"podPress 8.8.10.13 - players/1pixelout/1pixelout_player.swf playerID Parameter XSS","url":"http://packetstormsecurity.com/files/121011/","osvdb":"91129","cve":"2013-2714","secunia":"52544","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z","fixed_in":"8.8.10.17"}]}},{"fbsurveypro":{"vulnerabilities":[{"id":6794,"title":"fbsurveypro - XSS Vulnerability","url":"http://1337day.com/exploit/20623","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z"}]}},{"timelineoptinpro":{"vulnerabilities":[{"id":6795,"title":"timelineoptinpro - XSS Vulnerability","url":"http://1337day.com/exploit/20620","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z"}]}},{"kioskprox":{"vulnerabilities":[{"id":6796,"title":"kioskprox - XSS Vulnerability","url":"http://1337day.com/exploit/20624","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z"}]}},{"bigcontact":{"vulnerabilities":[{"id":6797,"title":"bigcontact - SQLI","url":"http://plugins.trac.wordpress.org/changeset/689798","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z","fixed_in":"1.4.7"}]}},{"drawblog":{"vulnerabilities":[{"id":6798,"title":"drawblog - CSRF","url":"http://plugins.trac.wordpress.org/changeset/691178","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z","fixed_in":"0.81"}]}},{"social-media-widget":{"vulnerabilities":[{"id":6799,"title":"Social Media Widget - malicious code","url":"https://plugins.trac.wordpress.org/changeset?reponame=\u0026old=691839@social-media-widget/trunk\u0026new=693941@social-media-widget/trunk,http://slashdot.org/submission/2592777/top-wordpress-widget-sold-off-turned-into-seo-spambot","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z","fixed_in":"4.0.2"},{"id":6800,"title":"Social Media Widget 4.0 - social-widget.php MITM Weakness Arbitrary Code Injection","url":"http://seclists.org/oss-sec/2013/q2/10","osvdb":"92312","cve":"2013-1949","secunia":"53020","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z","fixed_in":"4.0.1"}]}},{"facebook-members":{"vulnerabilities":[{"id":6801,"title":"facebook-members 5.0.4 - Setting Manipulation CSRF","osvdb":"92642","cve":"2013-2703","secunia":"52962","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z","fixed_in":"5.0.5"}]}},{"foursquare-checkins":{"vulnerabilities":[{"id":6802,"title":"foursquare-checkins - CSRF","osvdb":"92641","cve":"2013-2709","secunia":"53151","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z","fixed_in":"1.3"}]}},{"formidable":{"vulnerabilities":[{"id":6803,"title":"Formidable Forms 1.06.03 - ofc_upload_image.php Shell Upload Remote Code Execution","url":"http://www.securityfocus.com/bid/67390,http://packetstormsecurity.com/files/126583/","osvdb":"106985","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z"},{"id":6804,"title":"formidable Pro - Unspecified Vulnerabilities","secunia":"53121","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z","fixed_in":"1.06.09"}]}},{"all-in-one-webmaster":{"vulnerabilities":[{"id":6805,"title":"All in one webmaster 8.2.3 - Script Insertion CSRF","osvdb":"92640","cve":"2013-2696","secunia":"52877","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z","fixed_in":"8.2.4"}]}},{"background-music":{"vulnerabilities":[{"id":6806,"title":"background-music 1.0 - jPlayer.swf XSS","secunia":"53057","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z"}]}},{"haiku-minimalist-audio-player":{"vulnerabilities":[{"id":6807,"title":"haiku-minimalist-audio-player \u003c= 1.1.0 - jPlayer.swf XSS","osvdb":"92254","secunia":"51336","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z","fixed_in":"1.1.0"}]}},{"jammer":{"vulnerabilities":[{"id":6808,"title":"jammer \u003c= 0.2 - jPlayer.swf XSS","osvdb":"92254","secunia":"53106","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z"}]}},{"syntaxhighlighter":{"vulnerabilities":[{"id":6809,"title":"SyntaxHighlighter Evolved 3.1.9 - Unspecified XSS","osvdb":"106587","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z","fixed_in":"3.1.10"},{"id":6810,"title":"SyntaxHighlighter Evolved 3.1.5 - clipboard.swf Unspecified XSS","osvdb":"92848","secunia":"53235","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z","fixed_in":"3.1.6"}]}},{"top-10":{"vulnerabilities":[{"id":6811,"title":"top-10 1.9.2 - Setting Manipulation CSRF","osvdb":"92849","secunia":"53205","created_at":"2014-08-01T10:58:59.000Z","updated_at":"2014-08-01T10:58:59.000Z","fixed_in":"1.9.3"}]}},{"easy-adsense-lite":{"vulnerabilities":[{"id":6812,"title":"Easy AdSense Lite 6.06 - Setting Manipulation CSRF","osvdb":"92910","cve":"2013-2702","secunia":"52953","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z","fixed_in":"6.10"}]}},{"uk-cookie":{"vulnerabilities":[{"id":6813,"title":"uk-cookie - XSS","url":"http://seclists.org/bugtraq/2012/Nov/50","osvdb":"87561","cve":"2012-5856","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z"},{"id":6814,"title":"uk-cookie - CSRF","url":"http://www.openwall.com/lists/oss-security/2013/06/06/10","osvdb":"94032","cve":"2013-2180","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z"}]}},{"wp-cleanfix":{"vulnerabilities":[{"id":6815,"title":"wp-cleanfix - Remote Command Execution, CSRF and XSS","url":"https://github.com/wpscanteam/wpscan/issues/186,http://wordpress.org/support/topic/plugin-wp-cleanfix-remote-code-execution-warning","osvdb":"93450,93468","cve":"2013-2108,2013-2109","secunia":"53395","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z","fixed_in":"3.0.2"}]}},{"mail-on-update":{"vulnerabilities":[{"id":6816,"title":"Mail On Update 5.1.0 - Email Option Manipulation CSRF","url":"http://www.openwall.com/lists/oss-security/2013/05/16/8","osvdb":"93452","secunia":"53449","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z","fixed_in":"5.2.0"}]}},{"advanced-xml-reader":{"vulnerabilities":[{"id":6817,"title":"Advanced XML Reader 0.3.4 - XML External Entity (XXE) Injection","url":"http://packetstormsecurity.com/files/121492/","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z"},{"id":6818,"title":"Advanced XML Reader 0.1.1 - XML External Entity (XXE) Data Parsing Arbitrary File Disclosure","url":"http://seclists.org/bugtraq/2013/May/5","osvdb":"92904","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z"}]}},{"related-posts-by-zemanta":{"vulnerabilities":[{"id":6819,"title":"Related Posts by Zemanta 1.3.1 - Cross-Site Request Forgery Vulnerability","osvdb":"93364","cve":"2013-3477","secunia":"53321","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z","fixed_in":"1.3.2"}]}},{"wordpress-23-related-posts-plugin":{"vulnerabilities":[{"id":6820,"title":"WordPress Related Posts 2.6.1 - Cross-Site Request Forgery Vulnerability","osvdb":"93362","cve":"2013-3476","secunia":"53279","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z","fixed_in":"2.7.2"}]}},{"related-posts":{"vulnerabilities":[{"id":6821,"title":"Related Posts 2.7.1 - Cross-Site Request Forgery Vulnerability","url":"http://www.securityfocus.com/bid/59836","osvdb":"93363","cve":"2013-3257","secunia":"53122","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z","fixed_in":"2.7.2"}]}},{"wp-print-friendly":{"vulnerabilities":[{"id":6822,"title":"WP Print Friendly 3.3.7 - wp-admin/options.php printfriendly_option custom_image Parameter XSS","url":"http://packetstormsecurity.com/files/125420/","osvdb":"103874","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z","fixed_in":"0.5.3"},{"id":6823,"title":"WP Print Friendly \u003c= 0.5.2 - Security Bypass Vulnerability","osvdb":"93243","secunia":"53371","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z","fixed_in":"0.5.3"}]}},{"contextual-related-posts":{"vulnerabilities":[{"id":6824,"title":"Contextual Related Posts 1.8.10.1 - contextual-related-posts.php Multiple Parameter SQL Injection","url":"http://www.securityfocus.com/bid/67853","osvdb":"104655","cve":"2014-3937","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z","fixed_in":"1.8.10.2"},{"id":6825,"title":"Contextual Related Posts 1.8.6 - Cross-Site Request Forgery Vulnerability","osvdb":"93088","cve":"2013-2710","secunia":"52960","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z","fixed_in":"1.8.7"}]}},{"calendar":{"vulnerabilities":[{"id":6826,"title":"Calendar 1.3.2 - Entry Addition CSRF","osvdb":"93025","cve":"2013-2698","secunia":"52841","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z","fixed_in":"1.3.3"}]}},{"feedweb":{"vulnerabilities":[{"id":6827,"title":"Feedweb 2.4 - feedweb_settings.php _wp_http_referer Parameter DOM-based XSS","url":"http://www.securityfocus.com/bid/65800","osvdb":"103788","secunia":"57108","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z"},{"id":6828,"title":"Feedweb 1.8.8 - widget_remove.php wp_post_id Parameter XSS","url":"http://www.securityfocus.com/bid/58771","osvdb":"91951","cve":"2013-3720","secunia":"52855","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z","fixed_in":"1.9"}]}},{"wp-print":{"vulnerabilities":[{"id":6829,"title":"WP-Print 2.51 - Setting Manipulation CSRF","url":"http://www.securityfocus.com/bid/58900","osvdb":"92053","cve":"2013-2693","secunia":"52878","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z","fixed_in":"2.52"}]}},{"trafficanalyzer":{"vulnerabilities":[{"id":6830,"title":"Traffic Analyzer 3.3.2 - js/ta_loaded.js.php aoid Parameter XSS","url":"http://packetstormsecurity.com/files/121167/","osvdb":"92197","cve":"2013-3526","secunia":"52929","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z"}]}},{"wp-download-manager":{"vulnerabilities":[{"id":6831,"title":"WP-DownloadManager 1.60 - Script Insertion CSRF","url":"http://www.securityfocus.com/bid/58937","osvdb":"92119","cve":"2013-2697","secunia":"52863","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z","fixed_in":"1.61"}]}},{"digg-digg":{"vulnerabilities":[{"id":6832,"title":"Digg Digg 5.3.4 - Setting Manipulation CSRF","url":"http://www.securityfocus.com/bid/60046,http://xforce.iss.net/xforce/xfdb/84418","osvdb":"93544","cve":"2013-3258","secunia":"53120","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z","fixed_in":"5.3.5"}]}},{"ssquiz":{"vulnerabilities":[{"id":6833,"title":"SS Quiz - Multiple Unspecified Vulnerabilities","url":"http://wordpress.org/plugins/ssquiz/changelog/","osvdb":"93531","secunia":"53378","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z","fixed_in":"2.0"}]}},{"funcaptcha":{"vulnerabilities":[{"id":6834,"title":"FunCaptcha 0.3.2- Setting Manipulation CSRF","url":"http://wordpress.org/extend/plugins/funcaptcha/changelog/","osvdb":"92272","secunia":"53021","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z","fixed_in":"0.3.3"},{"id":6835,"title":"FunCaptcha 0.4.3 - wp_funcaptcha_admin_activate.php URI XSS","osvdb":"100392","secunia":"55863","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z","fixed_in":"0.4.4"}]}},{"xili-language":{"vulnerabilities":[{"id":6836,"title":"xili-language - index.php lang Parameter XSS","osvdb":"93233","secunia":"53364","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z","fixed_in":"2.8.6"}]}},{"wordpress-seo":{"vulnerabilities":[{"id":6837,"title":"WordPress SEO - Security issue which allowed any user to reset settings","url":"http://wordpress.org/plugins/wordpress-seo/changelog/","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z","fixed_in":"1.4.5"},{"id":6838,"title":"WordPress SEO 1.14.15 - index.php s Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/123028/","osvdb":"97885","created_at":"2014-08-01T10:59:00.000Z","updated_at":"2014-08-01T10:59:00.000Z"},{"id":6839,"title":"WordPress SEO 1.4.6 - Reset Settings Feature Access Restriction Bypass","osvdb":"92147","secunia":"52949","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z"}]}},{"underconstruction":{"vulnerabilities":[{"id":6840,"title":"Under Construction 1.09 - Authenticated Single Page Viewing Unspecified Issue","osvdb":"102507","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z","fixed_in":"1.10"},{"id":6841,"title":"Under Construction 1.08 - Setting Manipulation CSRF","url":"http://wordpress.org/plugins/underconstruction/changelog/","osvdb":"93857","cve":"2013-2699","secunia":"52881","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z","fixed_in":"1.09"}]}},{"adif-log-search-widget":{"vulnerabilities":[{"id":6842,"title":"ADIF Log Search Widget - XSS Arbitrary Vulnerability","url":"http://packetstormsecurity.com/files/121777/","osvdb":"93721","secunia":"53599","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z"}]}},{"exploit-scanner":{"vulnerabilities":[{"id":6843,"title":"Exploit Scanner - FPD and Security bypass vulnerabilities","url":"http://seclists.org/fulldisclosure/2013/May/216","osvdb":"93799","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z"}]}},{"ga-universal":{"vulnerabilities":[{"id":6844,"title":"GA Universal 1.0 - Setting Manipulation CSRF","url":"http://wordpress.org/plugins/ga-universal/changelog/","osvdb":"92237","secunia":"52976","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z","fixed_in":"1.0.1"}]}},{"export-to-text":{"vulnerabilities":[{"id":6845,"title":"Export to text - Remote File Inclusion Vulnerability","osvdb":"93715","secunia":"51348","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z","fixed_in":"2.3"}]}},{"qtranslate":{"vulnerabilities":[{"id":6846,"title":"qTranslate 2.5.34 - Setting Manipulation CSRF","osvdb":"93873","cve":"2013-3251","secunia":"53126","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z"}]}},{"image-slider-with-description":{"vulnerabilities":[{"id":6847,"title":"Image slider with description - Unspecified Vulnerability","osvdb":"93691","secunia":"53588","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z","fixed_in":"7.0"}]}},{"user-role-editor":{"vulnerabilities":[{"id":6848,"title":"User Role Editor - Cross-Site Request Forgery Vulnerability","osvdb":"93699","secunia":"53593","exploitdb":"25721","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z","fixed_in":"3.14"}]}},{"eelv-newsletter":{"vulnerabilities":[{"id":6849,"title":"EELV Newsletter 3.4.3 - lettreinfo.php Unspecified XSS","osvdb":"104875","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z","fixed_in":"3.5.0"},{"id":6850,"title":"EELV Newsletter - Cross-Site Scripting Vulnerability","osvdb":"93685","secunia":"53546","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z","fixed_in":"3.3.1"}]}},{"frontier-post":{"vulnerabilities":[{"id":6851,"title":"Frontier Post - Publishing Posts Security Bypass","osvdb":"93639","secunia":"53474","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z"}]}},{"spider-catalog":{"vulnerabilities":[{"id":6852,"title":"Spider Catalog - Cross-Site Scripting and SQL Injection Vulnerabilities","osvdb":"93591,93593,93594,93595,93596,93597,93598","secunia":"53491","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z"}]}},{"spider-event-calendar":{"vulnerabilities":[{"id":6853,"title":"Spider Event Calendar - Security Bypass, Cross-Site Scripting and SQLi Vulnerabilities","osvdb":"93582,93583,93584,93585,93586,93587,93588","secunia":"53481","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z"}]}},{"antivirus":{"vulnerabilities":[{"id":6854,"title":"AntiVirus 1.0 - PHP Backdoor Detection Bypass","url":"http://packetstormsecurity.com/files/121833/,http://seclists.org/fulldisclosure/2013/Jun/0","osvdb":"95134","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z"},{"id":6855,"title":"AntiVirus 1.0 - uninstall.php Direct Request Path Disclosure","url":"http://packetstormsecurity.com/files/121833/,http://seclists.org/fulldisclosure/2013/Jun/0","osvdb":"95135","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z","fixed_in":"1.1"}]}},{"wp-maintenance-mode":{"vulnerabilities":[{"id":6856,"title":"WP Maintenance Mode 1.8.7 - Setting Manipulation CSRF","osvdb":"94450","cve":"2013-3250","secunia":"53125","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z","fixed_in":"1.8.8"}]}},{"ultimate-auction":{"vulnerabilities":[{"id":6857,"title":"Ultimate Auction 1.0 - CSRF Vulnerability","osvdb":"94407","exploitdb":"26240","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z"}]}},{"mapsmarker":{"vulnerabilities":[{"id":6858,"title":"Leaflet Maps Marker - Multiple security issues","url":"http://www.mapsmarker.com/2012/06/06/leaflet-maps-marker-v2-4-is-available/","secunia":"49845","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z","fixed_in":"2.4"},{"id":6859,"title":"Leaflet Maps Marker - Tag Multiple Parameter SQL Injection","url":"http://www.mapsmarker.com/2013/05/24/v3-5-4-with-lots-of-translation-updates-bugfixes-is-available/","osvdb":"94388","secunia":"53855","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z","fixed_in":"3.5.4"}]}},{"leaflet-maps-marker-pro":{"vulnerabilities":[{"id":6860,"title":"Leaflet Maps Marker Pro - SQLI, XSS, Shell Upload, file delete","url":"http://www.mapsmarker.com/2014/03/26/pro-v1-5-8-with-wordpress-3-9-compatibility-improvements-based-on-a-security-audit-by-the-city-of-vienna-is-available/","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z","fixed_in":"1.5.8"}]}},{"xorbin-analog-flash-clock":{"vulnerabilities":[{"id":6861,"title":"Xorbin Analog Flash Clock 1.0 - Flash-based XSS","url":"http://packetstormsecurity.com/files/122222/","cve":"2013-4692","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z"}]}},{"xorbin-digital-flash-clock":{"vulnerabilities":[{"id":6862,"title":"Xorbin Digital Flash Clock 1.0 - Flash-based XSS","url":"http://packetstormsecurity.com/files/122223/","cve":"2013-4693","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z"}]}},{"dropdown-menu-widget":{"vulnerabilities":[{"id":6863,"title":"Dropdown Menu Widget 1.9.1 - Script Insertion CSRF","osvdb":"94771","cve":"2013-2704","secunia":"52958","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z"}]}},{"buddypress-extended-friendship-request":{"vulnerabilities":[{"id":6864,"title":"BuddyPress Extended Friendship Request - wp-admin/admin-ajax.php friendship_request_message Parameter XSS","osvdb":"94807","cve":"2013-4944","secunia":"54048","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z","fixed_in":"1.0.2"}]}},{"wp-private-messages":{"vulnerabilities":[{"id":6865,"title":"wp-private-messages - /wp-admin/profile.php msgid Parameter SQL Injection","osvdb":"94702","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z"}]}},{"stream-video-player":{"vulnerabilities":[{"id":6866,"title":"Stream Video Player \u003c= 1.4.0 - Setting Manipulation CSRF","osvdb":"94466","cve":"2013-2706","secunia":"52954","created_at":"2014-08-01T10:59:01.000Z","updated_at":"2014-08-01T10:59:01.000Z"}]}},{"duplicator":{"vulnerabilities":[{"id":6867,"title":"Duplicator - installer.cleanup.php package Parameter XSS","url":"http://packetstormsecurity.com/files/122535/","osvdb":"95627","cve":"2013-4625","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z","fixed_in":"0.4.5"}]}},{"citizen-space":{"vulnerabilities":[{"id":6868,"title":"Citizen Space 1.0 - Script Insertion CSRF","osvdb":"95570","secunia":"54256","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z","fixed_in":"1.1"}]}},{"spicy-blogroll":{"vulnerabilities":[{"id":6869,"title":"Spicy Blogroll - spicy-blogroll-ajax.php Multiple Parameter Remote File Inclusion","url":"http://packetstormsecurity.com/files/122396/","osvdb":"95557","exploitdb":"26804","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z"}]}},{"pie-register":{"vulnerabilities":[{"id":6870,"title":"Pie Register - wp-login.php Multiple Parameter XSS","url":"http://www.securityfocus.com/bid/61140,http://xforce.iss.net/xforce/xfdb/85604","osvdb":"95160","cve":"2013-4954","secunia":"54123","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z","fixed_in":"1.31"}]}},{"xhanch-my-twitter":{"vulnerabilities":[{"id":6871,"title":"Xhanch my Twitter - CSRF in admin/setting.php","osvdb":"96027","cve":"2013-3253","secunia":"53133","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z","fixed_in":"2.7.7"}]}},{"sexybookmarks":{"vulnerabilities":[{"id":6872,"title":"SexyBookmarks - Setting Manipulation CSRF","osvdb":"95908","cve":"2013-3256","secunia":"53138","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z","fixed_in":"6.1.5.0"}]}},{"hms-testimonials":{"vulnerabilities":[{"id":6873,"title":"HMS Testimonials 2.0.10 - CSRF","url":"http://wordpress.org/plugins/hms-testimonials/changelog/,http://packetstormsecurity.com/files/122761/","osvdb":"96107,96108,96109,96110,96111","cve":"2013-4240","secunia":"54402","exploitdb":"27531","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z","fixed_in":"2.0.11"},{"id":6874,"title":"HMS Testimonials 2.0.10 - XSS","url":"http://wordpress.org/plugins/hms-testimonials/changelog/,http://packetstormsecurity.com/files/122761/","osvdb":"96107,96108,96109,96110,96111","cve":"2013-4241","secunia":"54402","exploitdb":"27531","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z","fixed_in":"2.0.11"}]}},{"indianic-testimonial":{"vulnerabilities":[{"id":6875,"title":"IndiaNIC Testimonial 2.2 - Setting Manipulation CSRF","url":"http://packetstormsecurity.com/files/123036/,http://seclists.org/fulldisclosure/2013/Sep/5","osvdb":"96792","cve":"2013-5672","exploitdb":"28054","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z"},{"id":6876,"title":"IndiaNIC Testimonial 2.2 - testimonial.php custom_query Parameter SQL Injection","url":"http://packetstormsecurity.com/files/123036/,http://seclists.org/fulldisclosure/2013/Sep/5","osvdb":"96793","cve":"2013-5673","exploitdb":"28054","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z"},{"id":6877,"title":"IndiaNIC Testimonial 2.2 - iNIC_testimonial_save Action Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/123036/,http://seclists.org/fulldisclosure/2013/Sep/5","osvdb":"96795","exploitdb":"28054","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z"}]}},{"usernoise":{"vulnerabilities":[{"id":6878,"title":"Usernoise 3.7.8 - Feedback Submission summary Field XSS","url":"http://packetstormsecurity.com/files/122701/","osvdb":"96000","exploitdb":"27403","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z","fixed_in":"3.7.9"}]}},{"platinum-seo-pack":{"vulnerabilities":[{"id":6879,"title":"platinum_seo_pack.php - s Parameter Reflected XSS","osvdb":"97263","cve":"2013-5918","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z","fixed_in":"1.3.8"}]}},{"design-approval-system":{"vulnerabilities":[{"id":6880,"title":"Design Approval System 3.6 - XSS Vulnerability","url":"http://seclists.org/bugtraq/2013/Sep/54,http://packetstormsecurity.com/files/123227/","osvdb":"97192,97279","cve":"2013-5711","secunia":"54704","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z","fixed_in":"3.7"}]}},{"event-easy-calendar":{"vulnerabilities":[{"id":6881,"title":"Event Easy Calendar 1.0.0 - Multiple Administrator Action CSRF","url":"http://packetstormsecurity.com/files/123132/","osvdb":"97042","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z"},{"id":6882,"title":"Event Easy Calendar 1.0.0 - Multiple Unspecified XSS","url":"http://packetstormsecurity.com/files/123132/","osvdb":"97041","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z"}]}},{"bradesco-gateway":{"vulnerabilities":[{"id":6883,"title":"Bradesco - falha.php URI Reflected XSS","url":"http://packetstormsecurity.com/files/123356/","osvdb":"97624","cve":"2013-5916","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z"}]}},{"social-hashtags":{"vulnerabilities":[{"id":6884,"title":"Social Hashtags 2.0.0 - New Post Title Field Stored XSS","url":"http://packetstormsecurity.com/files/123485/","osvdb":"98027","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z"}]}},{"simple-flickr-display":{"vulnerabilities":[{"id":6885,"title":"Simple Flickr Display - Username Field Stored XSS","osvdb":"97991","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z"}]}},{"lazy-seo":{"vulnerabilities":[{"id":6886,"title":"Lazy SEO 1.1.9 - lazyseo.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/123349/,http://xforce.iss.net/xforce/xfdb/87384","osvdb":"97662","cve":"2013-5961","exploitdb":"28452","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z"}]}},{"seo-watcher":{"vulnerabilities":[{"id":6887,"title":"SEO Watcher - Open Flash Chart Arbitrary File Creation Vulnerability","url":"http://packetstormsecurity.com/files/123493/","secunia":"55162","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z"}]}},{"all-in-one-seo-pack":{"vulnerabilities":[{"id":6888,"title":"All in One SEO Pack \u003c= 2.1.5 - aioseop_functions.php new_meta Parameter XSS","url":"http://blog.sucuri.net/2014/05/vulnerability-found-in-the-all-in-one-seo-pack-wordpress-plugin.html","osvdb":"107640","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z","fixed_in":"2.1.6"},{"id":6889,"title":"All in One SEO Pack \u003c= 2.1.5 - Unspecified Privilege Escalation","url":"http://blog.sucuri.net/2014/05/vulnerability-found-in-the-all-in-one-seo-pack-wordpress-plugin.html","osvdb":"107641","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z","fixed_in":"2.1.6"},{"id":6890,"title":"All in One SEO Pack \u003c= 2.0.3 - XSS Vulnerability","url":"http://archives.neohapsis.com/archives/bugtraq/2013-10/0006.html,http://packetstormsecurity.com/files/123490/,http://www.securityfocus.com/bid/62784,http://seclists.org/bugtraq/2013/Oct/8","osvdb":"98023","cve":"2013-5988","secunia":"55133","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z","fixed_in":"2.0.3.1"}]}},{"simple-dropbox-upload-form":{"vulnerabilities":[{"id":6891,"title":"Simple Dropbox Upload - Arbitrary File Upload Vulnerability","url":"http://packetstormsecurity.com/files/123235/,http://xforce.iss.net/xforce/xfdb/87166","osvdb":"97457","cve":"2013-5963","secunia":"54856","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z","fixed_in":"1.8.8.1"}]}},{"wp-ultimate-email-marketer":{"vulnerabilities":[{"id":6892,"title":"WP Ultimate Email Marketer - Multiple Vulnerabilities","url":"http://www.securityfocus.com/bid/62621","osvdb":"97648,97649,97650,97651,97652,97653,97654,97655,97656","cve":"2013-3263,2013-3264","secunia":"53170","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z"}]}},{"wp-miniaudioplayer":{"vulnerabilities":[{"id":6893,"title":"mb.miniAudioPlayer 1.4.2 - TinyMCE Popup Unspecified Issue","osvdb":"101718","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z","fixed_in":"1.4.3"},{"id":6894,"title":"miniAudioPlayer 1.3.8 - maplayertinymce.php Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/123372/,http://www.securityfocus.com/bid/62629","osvdb":"97768","secunia":"54979","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z"}]}},{"simple-custom-website-data":{"vulnerabilities":[{"id":6895,"title":"Custom Website Data 1.2 - Record Deletion CSRF","osvdb":"101642","secunia":"54823","created_at":"2014-08-01T10:59:02.000Z","updated_at":"2014-08-01T10:59:02.000Z","fixed_in":"1.3"},{"id":6896,"title":"Custom Website Data 1.0 - wp-admin/admin.php ref Parameter XSS","url":"http://www.securityfocus.com/bid/62624","osvdb":"97668","secunia":"54865","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z","fixed_in":"1.1"}]}},{"complete-gallery-manager":{"vulnerabilities":[{"id":6897,"title":"Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability","url":"http://packetstormsecurity.com/files/123303/,http://xforce.iss.net/xforce/xfdb/87172","osvdb":"97481","cve":"2013-5962","secunia":"54894","exploitdb":"28377","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z","fixed_in":"3.3.4"}]}},{"lbg_zoominoutslider":{"vulnerabilities":[{"id":6898,"title":"LBG Zoominoutslider - add_banner.php name Parameter Stored XSS","url":"http://packetstormsecurity.com/files/123367/","osvdb":"97887","secunia":"54983","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"},{"id":6899,"title":"LBG Zoominoutslider - settings_form.php Multiple Parameter Stored XSS","url":"http://packetstormsecurity.com/files/123914/,http://seclists.org/fulldisclosure/2013/Nov/30","osvdb":"99339","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"},{"id":6900,"title":"LBG Zoominoutslider - add_playlist_record.php Multiple Parameter Stored XSS","url":"http://packetstormsecurity.com/files/123914/,http://seclists.org/fulldisclosure/2013/Nov/30","osvdb":"99340","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"},{"id":6901,"title":"LBG Zoominoutslider - add_banner.php Unspecified XSS","url":"http://packetstormsecurity.com/files/123367/","osvdb":"99320","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"},{"id":6902,"title":"LBG Zoominoutslider - Multiple Script Direct Request Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Nov/30","osvdb":"99341","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"}]}},{"woopra":{"vulnerabilities":[{"id":6903,"title":"Woopra - Remote Code Execution","url":"http://packetstormsecurity.com/files/123525/","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"}]}},{"fgallery_plus":{"vulnerabilities":[{"id":6904,"title":"fGallery_Plus - fim_rss.php album Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/123347/,http://seclists.org/bugtraq/2013/Sep/105,http://seclists.org/bugtraq/2013/Sep/107,http://seclists.org/bugtraq/2013/Sep/108","osvdb":"97625","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"}]}},{"nospampti":{"vulnerabilities":[{"id":6905,"title":"NOSpamPTI 2.1 - wp-comments-post.php comment_post_ID Parameter SQL Injection","url":"http://packetstormsecurity.com/files/123331/","osvdb":"97528","cve":"2013-5917","exploitdb":"28485","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"}]}},{"comment-attachment":{"vulnerabilities":[{"id":6906,"title":"Comment Attachment 1.0 - XSS Vulnerability","url":"http://packetstormsecurity.com/files/123327/,http://www.securityfocus.com/bid/62438","osvdb":"97600","cve":"2013-6010","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"}]}},{"mukioplayer-for-wordpress":{"vulnerabilities":[{"id":6907,"title":"Mukioplayer 1.6 - SQL Injection","url":"http://packetstormsecurity.com/files/123231/","osvdb":"97609","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"}]}},{"encrypted-blog":{"vulnerabilities":[{"id":6908,"title":"Encrypted Blog 0.0.6.2 - encrypt_blog_form.php redirect_to Parameter Arbitrary Site Redirect","url":"http://packetstormsecurity.com/files/122992/","osvdb":"97881","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"},{"id":6909,"title":"Encrypted Blog 0.0.6.2 - encrypt_blog_form.php redirect_to Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/122992/","osvdb":"97882","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"}]}},{"wp-simple-login-registration-plugin":{"vulnerabilities":[{"id":6910,"title":"Simple Login Registration 1.0.1 - XSS","url":"http://packetstormsecurity.com/files/122963/","osvdb":"96660","secunia":"54583","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"}]}},{"post-gallery":{"vulnerabilities":[{"id":6911,"title":"Post Gallery - XSS","url":"http://packetstormsecurity.com/files/122957/","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"}]}},{"proplayer":{"vulnerabilities":[{"id":6912,"title":"ProPlayer 4.7.9.1 - SQL Injection","osvdb":"93564","exploitdb":"25605","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"}]}},{"booking":{"vulnerabilities":[{"id":6913,"title":"Booking Calendar 4.1.4 - CSRF Vulnerability","url":"http://packetstormsecurity.com/files/122691/,http://wpbookingcalendar.com/","osvdb":"96088","secunia":"54461","exploitdb":"27399","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z","fixed_in":"4.1.6"}]}},{"thinkit-wp-contact-form":{"vulnerabilities":[{"id":6914,"title":"ThinkIT \u003c= 0.3 - wp-admin/admin.php Contact Form Deletion CSRF","url":"http://packetstormsecurity.com/files/122898/","osvdb":"96514","secunia":"54592","exploitdb":"27751","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"},{"id":6915,"title":"ThinkIT \u003c= 0.2 - wp-admin/admin.php toitcf_current_id Parameter XSS","url":"http://packetstormsecurity.com/files/122898/","osvdb":"96515","secunia":"54592","exploitdb":"27751","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z","fixed_in":"0.3"}]}},{"quick-contact-form":{"vulnerabilities":[{"id":6916,"title":"Quick Contact Form 6.2 - Unspecified XSS","osvdb":"101782","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z","fixed_in":"6.3"},{"id":6917,"title":"Quick Contact Form 6.0 - Persistent XSS","url":"http://packetstormsecurity.com/files/123549/,http://quick-plugins.com/quick-contact-form/","osvdb":"98279","secunia":"55172","exploitdb":"28808","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z","fixed_in":"6.1"}]}},{"quick-paypal-payments":{"vulnerabilities":[{"id":6918,"title":"Quick Paypal Payments 3.0 - Payment Sending Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/123662/","osvdb":"98715","secunia":"55292","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"}]}},{"email-newsletter":{"vulnerabilities":[{"id":6919,"title":"Email Newsletter 8.0 - 'option' Parameter Information Disclosure Vulnerability","url":"http://www.securityfocus.com/bid/53850","osvdb":"83541","secunia":"49758","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"},{"id":6920,"title":"Email Newsletter 8.0 - csv/export.php Direct Request Information Disclosure","url":"http://packetstormsecurity.org/files/113322/","osvdb":"82812","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"}]}},{"faqs-manager":{"vulnerabilities":[{"id":6921,"title":"IndiaNIC FAQs Manager 1.0 - Blind SQL Injection","url":"http://packetstormsecurity.com/files/120911/","osvdb":"91623","exploitdb":"24868","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"},{"id":6922,"title":"IndiaNIC FAQs Manager 1.0 - Ask Question Form question Parameter XSS","url":"http://packetstormsecurity.com/files/120910/","osvdb":"91624","secunia":"52780","exploitdb":"24867","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"},{"id":6923,"title":"IndiaNIC FAQs Manager 1.0 - CAPTCHA Value Disclosure","url":"http://packetstormsecurity.com/files/120910/","osvdb":"91625","exploitdb":"24867","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"},{"id":6924,"title":"IndiaNIC FAQs Manager 1.0 - FAQ Setting Manipulation CSRF","url":"http://packetstormsecurity.com/files/120910/","osvdb":"91626","secunia":"52780","exploitdb":"24867","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"}]}},{"booking-system":{"vulnerabilities":[{"id":6925,"title":"Booking System - events_facualty_list.php eid Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/122289/","osvdb":"96740","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"},{"id":6926,"title":"Booking System 1.2 - dopbs-backend-forms.php booking_form_id Parameter SQL injection","url":"http://www.securityfocus.com/archive/1/532168","osvdb":"107204","cve":"2014-3210","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z","fixed_in":"1.3"}]}},{"js-restaurant":{"vulnerabilities":[{"id":6927,"title":"JS Restaurant - popup.php restuarant_id Parameter SQL Injection","url":"http://packetstormsecurity.com/files/122316/","osvdb":"96743","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"}]}},{"FlagEm":{"vulnerabilities":[{"id":6928,"title":"FlagEm - flagit.php cID Parameter XSS","url":"http://www.securityfocus.com/bid/61401,http://xforce.iss.net/xforce/xfdb/85925,http://packetstormsecurity.com/files/122505/","osvdb":"98226","created_at":"2014-08-01T10:59:03.000Z","updated_at":"2014-08-01T10:59:03.000Z"}]}},{"chat":{"vulnerabilities":[{"id":6929,"title":"Chat - message Parameter XSS","osvdb":"95984","secunia":"54403","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z"}]}},{"shareaholic":{"vulnerabilities":[{"id":6930,"title":"Shareaholic - Unspecified CSRF","osvdb":"96321","secunia":"54529","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"7.0.3.4"}]}},{"page-showcaser-boxes":{"vulnerabilities":[{"id":6931,"title":"Page Showcaser Boxes - Title Field Stored XSS","osvdb":"97579","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z"}]}},{"a-forms":{"vulnerabilities":[{"id":6932,"title":"A Forms 1.4.0 - a-forms.php a_form_tracking_page FunctionMultiple Parameters SQL Injection","osvdb":"96404","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"1.4.2"},{"id":6933,"title":"A Forms 1.4.0 - Form Submission CSRF","osvdb":"96381","secunia":"54489","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"1.4.1"},{"id":6934,"title":"A Forms 1.4.0 - a-forms.php a_form_shortcode Function Multiple Parameter XSS","osvdb":"96410","secunia":"54489","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"1.4.2"},{"id":6935,"title":"A Forms 1.4.0 - a-forms.php aform_css_file_selector() Function css_file_selection Parameter XSS","osvdb":"96809","secunia":"54489","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"1.4.2"},{"id":6936,"title":"A Forms 1.4.0 - a-forms.php add_field_to_section Function Multiple Parameter XSS","osvdb":"96810","secunia":"54489","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"1.4.2"},{"id":6937,"title":"A Forms 1.4.0 - a-forms.php a_form_initial_page Function Multiple Parameter XSS","osvdb":"96811","secunia":"54489","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"1.4.2"},{"id":6938,"title":"A Forms 1.4.0 - a-forms.php a_form_page Function Multiple Parameter XSS","osvdb":"96812","secunia":"54489","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"1.4.2"},{"id":6939,"title":"A Forms 1.4.0 -  a-forms.php a_form_section_page Function message Parameter XSS","osvdb":"96813","secunia":"54489","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"1.4.2"},{"id":6940,"title":"A Forms 1.4.0 - a-forms.php a_form_tracking_page Function Multiple Parameter XSS","osvdb":"96814","secunia":"54489","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"1.4.2"}]}},{"share-this":{"vulnerabilities":[{"id":6941,"title":"ShareThis 7.0.3 - Setting Manipulation CSRF","url":"http://www.securityfocus.com/bid/62154","osvdb":"96884","cve":"2013-3479","secunia":"53135","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"7.0.6"}]}},{"simple-flash-video":{"vulnerabilities":[{"id":6942,"title":"Simple Flash Video 1.7 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/123562/,http://www.securityfocus.com/bid/62950","osvdb":"98371","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z"}]}},{"landing-pages":{"vulnerabilities":[{"id":6943,"title":"Landing Pages 1.2.3 - Unspecified Issue","osvdb":"102442","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"1.3.1"},{"id":6944,"title":"Landing Pages 1.2.1 - module.utils.php post Parameter SQL Injection","url":"http://www.securityfocus.com/bid/62942,http://xforce.iss.net/xforce/xfdb/87803","osvdb":"98334","cve":"2013-6243","secunia":"55192","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"1.2.3"},{"id":6945,"title":"Landing Pages 1.2.1 - module.redirect-ab-testing.php permalink_name Parameter SQL Injection","osvdb":"102407","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"1.2.3"}]}},{"cart66-lite":{"vulnerabilities":[{"id":6946,"title":"Cart66 1.5.1.14 - admin.php cart66-products Page Product Manipulation CSRF","url":"http://packetstormsecurity.com/files/123587/","osvdb":"98352","cve":"2013-5977","secunia":"55265","exploitdb":"28959","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"1.5.1.15"},{"id":6947,"title":"Cart66 - admin.php cart66-products Page Multiple Field Stored XSS","url":"http://packetstormsecurity.com/files/123587/","osvdb":"98353","cve":"2013-5978","exploitdb":"28959","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"1.5.1.15"}]}},{"category-wise-search":{"vulnerabilities":[{"id":6948,"title":"Wise Search Widget 1.1 - s Parameter Reflected XSS","osvdb":"97989","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z"}]}},{"catholic-liturgical-calendar":{"vulnerabilities":[{"id":6949,"title":"Catholic Liturgical Calendar Widget 0.0.1 - Title Field Stored XSS","osvdb":"98026","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"0.0.2"}]}},{"zenphoto":{"vulnerabilities":[{"id":6950,"title":"Zenphoto 1.4.5.2 - wordpress_import.php wp_prefix Function SQL Injection","url":"http://packetstormsecurity.com/files/123501/,http://www.securityfocus.com/bid/62815,http://seclists.org/bugtraq/2013/Oct/20","osvdb":"98091","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"1.4.5.4"}]}},{"bp-group-documents":{"vulnerabilities":[{"id":6951,"title":"Group Documents 1.2.1 - Document Upload Multiple Field Stored XSS","url":"http://seclists.org/fulldisclosure/2014/Feb/170","osvdb":"103475","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"1.2.2"},{"id":6952,"title":"Group Documents 1.2.1 - bp-group-documents-settings.php file Parameter Remote Path Traversal File Location Manipulation","url":"http://seclists.org/fulldisclosure/2014/Feb/170","osvdb":"103476","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"1.2.2"},{"id":6953,"title":"Group Documents 1.2.1 - Document Property Manipulation CSRF","url":"http://seclists.org/fulldisclosure/2014/Feb/170","osvdb":"103477","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"1.2.2"},{"id":6954,"title":"Group Documents 1.2 - File Uploading Multiple Parameter Stored XSS","url":"http://www.securityfocus.com/bid/62886","osvdb":"98246","secunia":"55130","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"1.2.2"}]}},{"ab-categories-search-widget":{"vulnerabilities":[{"id":6955,"title":"AB Categories Search Widget 0.1 - s Parameter Reflected XSS","osvdb":"97987","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z"}]}},{"sl-user-create":{"vulnerabilities":[{"id":6956,"title":"SL User Create 0.2.4 - LSL script Secret String Weakness Information Disclosure","url":"http://www.securityfocus.com/bid/63009","osvdb":"98456","secunia":"55262","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z","fixed_in":"0.2.5"}]}},{"player":{"vulnerabilities":[{"id":6957,"title":"Spider Video Player 2.1 - settings.php theme Parameter SQL Injection","url":"http://packetstormsecurity.com/files/121250/,http://www.securityfocus.com/bid/59021,http://xforce.iss.net/xforce/xfdb/83374","osvdb":"92264","cve":"2013-3532","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z"},{"id":6958,"title":"Spider Video Player 2.1 - settings.php s_v_player_id Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124353/","osvdb":"100848","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z"}]}},{"finalist":{"vulnerabilities":[{"id":6959,"title":"Finalist - vote.php id Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/123597/","osvdb":"98665","created_at":"2014-08-01T10:59:04.000Z","updated_at":"2014-08-01T10:59:04.000Z"},{"id":6960,"title":"Finalist - vote.php id Parameter SQL Injection","url":"http://packetstormsecurity.com/files/120951/","osvdb":"98665","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z"}]}},{"dexs-pm-system":{"vulnerabilities":[{"id":6961,"title":"Dexs PM System 1.0.1 - Private Message subject Parameter Stored XSS","url":"http://packetstormsecurity.com/files/123634/,http://www.securityfocus.com/bid/63021","osvdb":"98668","secunia":"55296","exploitdb":"28970","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z"}]}},{"video-metabox":{"vulnerabilities":[{"id":6962,"title":"Video Metabox 1.1 - Persistent XSS Vulnerability Disclosure","url":"http://www.securityfocus.com/bid/63172,http://securityundefined.com/wordpress-video-metabox-plugin-persistent-xss-vulnerability-disclosure/","osvdb":"98641","secunia":"55257","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z","fixed_in":"1.1.1"}]}},{"wp-realty":{"vulnerabilities":[{"id":6963,"title":"WP Realty - MySQL Time Based Injection","url":"http://packetstormsecurity.com/files/123655/,http://www.securityfocus.com/bid/63217","osvdb":"98748","exploitdb":"29021","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z"},{"id":6964,"title":"WP Realty - index_ext.php listing_id Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124418/","osvdb":"101583","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z"}]}},{"feed":{"vulnerabilities":[{"id":6965,"title":"Feed - news_dt.php nid Parameter SQL Injection","url":"http://packetstormsecurity.com/files/122260/","osvdb":"94804","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z"}]}},{"social-sharing-toolkit":{"vulnerabilities":[{"id":6966,"title":"Social Sharing Toolkit 2.1.1 - Setting Manipulation CSRF","url":"http://www.securityfocus.com/bid/63198","osvdb":"98717","cve":"2013-2701","secunia":"52951","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z"},{"id":6967,"title":"Social Sharing Toolkit 2.1.1 - Unspecified XSS","osvdb":"98931","cve":"2013-6280","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z","fixed_in":"2.1.2"}]}},{"videowall":{"vulnerabilities":[{"id":6968,"title":"Videowall - index.php page_id Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/123693/,http://seclists.org/bugtraq/2013/Oct/98","osvdb":"98765","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z"}]}},{"really-simple-facebook-twitter-share-buttons":{"vulnerabilities":[{"id":6969,"title":"Really simple Facebook Twitter share buttons 2.10.4 - Settings Page Manipulation CSRF","url":"http://www.securityfocus.com/bid/62268","osvdb":"97190","secunia":"54707","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z","fixed_in":"2.10.5"}]}},{"car-demon":{"vulnerabilities":[{"id":6970,"title":"Car Demon 1.0.1 - /wp-admin/edit.php Multiple Parameter XSS","osvdb":"90365","secunia":"51088","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z"},{"id":6971,"title":"Car Demon 1.0.1 - /wp-admin/post.php Multiple Parameter XSS","osvdb":"90366","secunia":"51088","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z"}]}},{"blue-wrench-videos-widget":{"vulnerabilities":[{"id":6972,"title":"Blue Wrench Video Widget 1.0.2 - admin.php bw-videos Page Multiple Action CSRF","url":"http://securityundefined.com/wordpress-plugin-blue-wrench-video-widget-csrf-persistent-xss-0day-disclosure/","osvdb":"98922","cve":"2013-6797","secunia":"55456","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z"},{"id":6973,"title":"Blue-Wrench-Video-Widget 1.0.2 - admin.php bw-videos Page Multiple Parameter Stored XSS","url":"http://securityundefined.com/wordpress-plugin-blue-wrench-video-widget-csrf-persistent-xss-0day-disclosure/","osvdb":"98923","cve":"2013-6797","secunia":"55456","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z"}]}},{"wp-mailup":{"vulnerabilities":[{"id":6974,"title":"MailUp 1.3.2 - ajax.functions.php Ajax Function Call Handling XSS Weakness","osvdb":"91274","cve":"2013-0731,2013-2640","secunia":"51917","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z","fixed_in":"1.3.3"}]}},{"wp-online-store":{"vulnerabilities":[{"id":6975,"title":"WP Online Store 1.3.1 - index.php slug Parameter Traversal Local File Inclusion","osvdb":"90243","secunia":"50836","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z","fixed_in":"1.3.2"},{"id":6976,"title":"WP Online Store 1.3.1 - index.php Multiple Parameter Traversal Arbitrary File Access","osvdb":"90244","secunia":"50836","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z","fixed_in":"1.3.2"}]}},{"payment-gateways-caller-for-wp-e-commerce":{"vulnerabilities":[{"id":6977,"title":"Payment Gateways Caller for WP e-Commerce 0.1.0 - load_merchant Parameter Traversal Local file Inclusion","url":"http://packetstormsecurity.com/files/123744/","osvdb":"98916","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z","fixed_in":"0.1.1"}]}},{"easy-photo-album":{"vulnerabilities":[{"id":6978,"title":"Easy Photo Album 1.1.5 - Album Information Disclosure","osvdb":"98802","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z","fixed_in":"1.1.6"}]}},{"hungred-post-thumbnail":{"vulnerabilities":[{"id":6979,"title":"Hungred Post Thumbnail - hpt_file_upload.php File Upload PHP Code Execution","url":"http://packetstormsecurity.com/files/113402/,http://www.securityfocus.com/bid/53898","osvdb":"82830","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z"}]}},{"dhtmlxspreadsheet":{"vulnerabilities":[{"id":6980,"title":"Spreadsheet - /dhtmlxspreadsheet/codebase/spreadsheet.php page Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/123699/,http://www.securityfocus.com/bid/63256","osvdb":"98831","cve":"2013-6281","secunia":"55396","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z"}]}},{"tweet-blender":{"vulnerabilities":[{"id":6981,"title":"Tweet Blender 4.0.1 - Unspecified XSS","url":"http://packetstormsecurity.com/files/124047/","osvdb":"98978","cve":"2013-6342","secunia":"55780","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z","fixed_in":"4.0.2"}]}},{"sb-uploader":{"vulnerabilities":[{"id":6982,"title":"WordPress SB Uploader 3.9 - Arbitrary File Upload Vulnerability","url":"http://packetstormsecurity.com/files/119159/","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z"}]}},{"connections":{"vulnerabilities":[{"id":6983,"title":"Connections Business Directory 0.7.9.3 - includes/template/class.template-parts.php Pagination URL Handling XSS","osvdb":"106558","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z","fixed_in":"0.7.9.4"},{"id":6984,"title":"Connections \u003c= 0.7.1.5 - Unspecified Security Vulnerability","url":"http://www.securityfocus.com/bid/51204","cve":"2011-5254","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z","fixed_in":"0.7.1.5"}]}},{"gallery-bank":{"vulnerabilities":[{"id":6985,"title":"Gallery Bank 2.0.19 - edit-album.php album_id Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/123924/,http://www.securityfocus.com/bid/63382","osvdb":"99045","secunia":"55443","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z","fixed_in":"2.0.20"},{"id":6986,"title":"Gallery Bank 2.0.19 - Multiple Unspecified Issues","url":"http://www.securityfocus.com/bid/63382","osvdb":"99046","secunia":"55443","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z","fixed_in":"2.0.20"},{"id":6987,"title":"Gallery Bank 2.0.19 - album-gallery-bank-class.php recordsArray Parameter Reflected XSS","url":"http://www.securityfocus.com/bid/63385,http://seclists.org/fulldisclosure/2013/Nov/38","osvdb":"99345","secunia":"55443","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z","fixed_in":"2.0.20"}]}},{"rockhoist-ratings":{"vulnerabilities":[{"id":6988,"title":"Rockhoist Ratings 1.2.2 - wp-admin/admin-ajax.php postID Parameter SQL Injection","url":"http://www.securityfocus.com/bid/63441","osvdb":"99195","secunia":"55445","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z"}]}},{"wordpress-checkout":{"vulnerabilities":[{"id":6989,"title":"Checkout Plugin - File Upload Remote Code Execution","url":"http://packetstormsecurity.com/files/123866/","osvdb":"99225","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z"}]}},{"mobilechief-mobile-site-creator":{"vulnerabilities":[{"id":6990,"title":"MobileChief - jQuery Validation Cross-Site Scripting Vulnerability","url":"http://packetstormsecurity.com/files/123809/","secunia":"55501","created_at":"2014-08-01T10:59:05.000Z","updated_at":"2014-08-01T10:59:05.000Z"}]}},{"timeline":{"vulnerabilities":[{"id":6991,"title":"Facebook Survey Pro - timeline/index.php id Parameter SQL Injection","url":"http://packetstormsecurity.com/files/118238/,http://www.securityfocus.com/bid/56595,http://xforce.iss.net/xforce/xfdb/80141","secunia":"87817","exploitdb":"22853","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z"}]}},{"live-comment-preview":{"vulnerabilities":[{"id":6992,"title":"Live Comment Preview 2.0.2 - Comment Field Preview XSS","osvdb":"92944","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z"}]}},{"polldaddy":{"vulnerabilities":[{"id":6993,"title":"Polldaddy Polls and Rating 2.0.24 - polldaddy-org.php unique_id Ratings Shortcode XSS","url":"http://www.securityfocus.com/bid/68512","osvdb":"108640","cve":"2014-4856","secunia":"59323","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z","fixed_in":"2.0.25"},{"id":6994,"title":"Polldaddy Polls and Rating 2.0.23 - polldaddy-org.php polldaddy-ratings-title-filter Parameter Reflected XSS","url":"http://www.securityfocus.com/bid/68512","osvdb":"108641","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z","fixed_in":"2.0.24"},{"id":6995,"title":"Polldaddy Polls and Ratings 2.0.20 - Cross-Site Request Forgery Vulnerability","url":"http://www.securityfocus.com/bid/63557","osvdb":"99515","secunia":"55464","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z","fixed_in":"2.0.21"}]}},{"jigoshop":{"vulnerabilities":[{"id":6996,"title":"Jigoshop 1.8 - Multiple Script Direct Request Path Disclosure","osvdb":"99485","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z"}]}},{"fcchat":{"vulnerabilities":[{"id":6997,"title":"FCChat 2.2.11-2.2.13 - Upload.php Arbitrary File Upload Vulnerability","url":"http://www.securityfocus.com/bid/53855","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z"}]}},{"another-wordpress-classifieds-plugin":{"vulnerabilities":[{"id":6998,"title":"Another WordPress Classifieds - Unspecified Image Upload Vulnerability","url":"http://www.securityfocus.com/bid/52861","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z"}]}},{"picturesurf-gallery":{"vulnerabilities":[{"id":6999,"title":"Picturesurf Gallery 1.2 - upload.php Arbitrary File Upload Vulnerability","url":"http://www.securityfocus.com/bid/53894","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z"}]}},{"social-slider-2":{"vulnerabilities":[{"id":7000,"title":"Social Slider \u003c= 5.6.5 - social-slider-2/ajax.php rA Parameter SQL Injection","osvdb":"74421","secunia":"45549","exploitdb":"17617","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z","fixed_in":"6.0.0"}]}},{"redirection":{"vulnerabilities":[{"id":7001,"title":"Redirection 2.3.3 - view/admin/item.php URL Handling Reflected XSS","osvdb":"101774","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z","fixed_in":"2.3.4"},{"id":7002,"title":"Redirection - view/admin/log_item.php Non-existent Posts Referer HTTP Header XSS","osvdb":"76092,77447","cve":"2011-4562","secunia":"46310","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z","fixed_in":"2.2.10"},{"id":7003,"title":"Redirection - wp-admin/tools.php id Parameter XSS","osvdb":"74783","secunia":"45782","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z","fixed_in":"2.2.9"}]}},{"eshop":{"vulnerabilities":[{"id":7004,"title":"eShop - wp-admin/admin.php Multiple Parameter XSS","url":"http://seclists.org/bugtraq/2011/Aug/52,http://www.htbridge.ch/advisory/multiple_xss_in_eshop_for_wordpress.html","osvdb":"74464","secunia":"45553","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z","fixed_in":"6.2.9"}]}},{"all-in-one-adsense-and-ypn":{"vulnerabilities":[{"id":7005,"title":"All in One Adsense YPN 2.0.1 - all-in-one-adsense-and-ypn.php Unspecified XSS","osvdb":"74900","secunia":"45579","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z"},{"id":7006,"title":"All in One Adsense YPN 2.0.1 - all-in-one-adsense-and-ypn.php Direct Request AdSense Account Manipulation","osvdb":"74899","secunia":"45579","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z"}]}},{"SearchNSave":{"vulnerabilities":[{"id":7007,"title":"Search N Save - SearchNSave/error_log Direct Request Path Disclosure","osvdb":"95196","secunia":"54078","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z"}]}},{"taggator":{"vulnerabilities":[{"id":7008,"title":"TagGator - 'tagid' Parameter SQL Injection Vulnerability","url":"http://www.securityfocus.com/bid/52908","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z"}]}},{"uploadify-integration":{"vulnerabilities":[{"id":7009,"title":"Uploadify Integration 0.9.6 - Multiple Cross Site Scripting Vulnerabilities","url":"http://www.securityfocus.com/bid/52944","osvdb":"81093,81094,81095","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z"}]}},{"wpsc-mijnpress":{"vulnerabilities":[{"id":7010,"title":"WPsc MijnPress - 'rwflush' Parameter Cross Site Scripting Vulnerability","url":"http://www.securityfocus.com/bid/53302","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z"}]}},{"leaflet-maps-marker":{"vulnerabilities":[{"id":7011,"title":"Leaflet Maps Marker 3.5.2 - Two SQL Injection Vulnerabilities","secunia":"53855","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z","fixed_in":"3.5.3"}]}},{"google-xml-sitemaps-generator":{"vulnerabilities":[{"id":7012,"title":"XML Sitemap Generator 3.2.8 - XML File Overwrite Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/119357/","osvdb":"89411","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z"}]}},{"spam-free-wordpress":{"vulnerabilities":[{"id":7013,"title":"Spam Free Plugin 1.9.2 - Multiple Script Direct Request Path Disclosure","url":"http://xforce.iss.net/xforce/xfdb/81007","osvdb":"88954","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z"},{"id":7014,"title":"Spam Free Plugin 1.9.2 - IP Blocklist Restriction Bypass","url":"http://xforce.iss.net/xforce/xfdb/81006,http://packetstormsecurity.com/files/119274/","osvdb":"88955","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z"}]}},{"editorial-calendar":{"vulnerabilities":[{"id":7015,"title":"Editorial Calendar 2.6 - Post Title XSS","osvdb":"90226","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z","fixed_in":"2.7"},{"id":7016,"title":"Editorial Calendar 2.6 - Permission Verification Arbitrary Calendar Post Deletion","osvdb":"90227","secunia":"52218","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z","fixed_in":"2.7"},{"id":7017,"title":"Editorial Calendar 2.6 - Post Query Multiple Filter SQL Injection","osvdb":"90228","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z"}]}},{"shareyourcart":{"vulnerabilities":[{"id":7018,"title":"ShareYourCart 1.6.1 - SDK Multiple Unspecified Path Disclosure","osvdb":"81618","cve":"2012-4332","secunia":"48960","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z","fixed_in":"1.7.1"}]}},{"alo-easymail":{"vulnerabilities":[{"id":7019,"title":"ALO EasyMail Newsletter 2.4.7 - Multiple Unspecified XSS","osvdb":"82324","secunia":"49320","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z","fixed_in":"2.4.8"}]}},{"contact-form-7":{"vulnerabilities":[{"id":7020,"title":"Contact Form 7 \u003c= 3.7.1 - Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/66381/","cve":"2014-2265","created_at":"2014-08-01T10:59:06.000Z","updated_at":"2014-08-01T10:59:06.000Z","fixed_in":"3.7.2"},{"id":7021,"title":"Contact Form 7 \u0026 Old WP Versions - Crafted File Extension Upload Remote Code Execution","url":"http://packetstormsecurity.com/files/125018/,http://seclists.org/fulldisclosure/2014/Feb/0","osvdb":"102776","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"},{"id":7022,"title":"Contact Form 7 \u003c= 3.5.2 - Arbitrary File Upload Remote Code Execution","url":"http://packetstormsecurity.com/files/124154/","osvdb":"100189","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z","fixed_in":"3.5.3"}]}},{"store-locator":{"vulnerabilities":[{"id":7023,"title":"Store Locator \u003c= 2.6.1 - Cross-Site Request Forgery Vulnerability","osvdb":"100485","secunia":"55276","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z","fixed_in":"2.12"}]}},{"optinfirex":{"vulnerabilities":[{"id":7024,"title":"Optinfirex - lp/index.php id Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124188/","osvdb":"100435","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"}]}},{"amerisale-re":{"vulnerabilities":[{"id":7025,"title":"Amerisale-Re - Remote Shell Upload","url":"http://packetstormsecurity.com/files/124992/","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"},{"id":7026,"title":"Amerisale-Re - netriesdetail/upload.php edit Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124187/,http://xforce.iss.net/xforce/xfdb/89263","osvdb":"100434","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"}]}},{"js-multihotel":{"vulnerabilities":[{"id":7027,"title":"JS MultiHotel 2.2.1 - includes/show_image.php file Parameter Remote File Inclusion DoS","url":"http://packetstormsecurity.com/files/125959/,http://seclists.org/fulldisclosure/2014/Mar/428","osvdb":"105185","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"},{"id":7028,"title":"JS MultiHotel 2.2.1 - includes/delete_img.php path Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/125959/,http://seclists.org/fulldisclosure/2014/Mar/428,http://www.securityfocus.com/bid/66529","osvdb":"105186","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"},{"id":7029,"title":"JS MultiHotel 2.2.1 - Multiple Script Direct Request Path Disclosure","url":"http://packetstormsecurity.com/files/125959/,http://seclists.org/fulldisclosure/2014/Mar/428","osvdb":"105187","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"},{"id":7030,"title":"JS MultiHotel 2.2.1 - includes/timthumb.php src Parameter Direct Request Path Disclosure","url":"http://seclists.org/fulldisclosure/2014/Mar/413,http://www.securityfocus.com/bid/66529","osvdb":"105119","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"},{"id":7031,"title":"JS MultiHotel 2.2.1 - refreshDate.php roomid Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124239/,http://www.securityfocus.com/bid/64045","osvdb":"100575","secunia":"55919","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"}]}},{"dzs-videogallery":{"vulnerabilities":[{"id":7032,"title":"DZS Video Gallery - ajax.php source Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/125179/","osvdb":"103283","secunia":"56904","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"},{"id":7033,"title":"DZS Video Gallery - upload.php File Upload Remote Code Execution","osvdb":"100620","exploitdb":"29834","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"},{"id":7034,"title":"DZS Video Gallery 3.1.3 - Remote File Disclosure","url":"http://packetstormsecurity.com/files/124317/","osvdb":"100750","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"},{"id":7035,"title":"DZS Video Gallery - preview_allchars.swf logoLink Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/126846/,http://www.securityfocus.com/bid/67698,http://seclists.org/fulldisclosure/2014/May/157","osvdb":"107521","cve":"2014-3923","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"},{"id":7036,"title":"DZS Video Gallery - deploy/preview_skin_overlay.swf logoLink Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/126846/,http://www.securityfocus.com/bid/67698,http://seclists.org/fulldisclosure/2014/May/157","osvdb":"107522","cve":"2014-3923","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"},{"id":7037,"title":"DZS Video Gallery - deploy/preview.swf logoLink Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/126846/,http://www.securityfocus.com/bid/67698,http://seclists.org/fulldisclosure/2014/May/157","osvdb":"107523","cve":"2014-3923","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"},{"id":7038,"title":"DZS Video Gallery - preview_skin_rouge.swf logoLink Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/126846/,http://www.securityfocus.com/bid/67698,http://seclists.org/fulldisclosure/2014/May/157","osvdb":"107524","cve":"2014-3923","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"}]}},{"askapache-firefox-adsense":{"vulnerabilities":[{"id":7039,"title":"AskApache Firefox Adsense 3.0 - Unspecified CSRF","url":"https://www.htbridge.com/advisory/HTB23188","osvdb":"100662","cve":"2013-6992","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"}]}},{"ad-minister":{"vulnerabilities":[{"id":7040,"title":"Ad-minister 0.6 - Unspecified XSS","url":"http://packetstormsecurity.com/files/124604/,https://www.htbridge.com/advisory/HTB23187","osvdb":"100663","cve":"2013-6993","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"}]}},{"tdo-mini-forms":{"vulnerabilities":[{"id":7041,"title":"TDO Mini Forms 0.13.9 - tdomf-upload-inline.php File Upload Remote Code Execution","url":"http://packetstormsecurity.com/files/124352/","osvdb":"100847","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"}]}},{"huskerportfolio":{"vulnerabilities":[{"id":7042,"title":"HuskerPortfolio 0.3 - huskerPortfolio.php File Upload CSRF","url":"http://packetstormsecurity.com/files/124359/","osvdb":"100845","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"}]}},{"formcraft":{"vulnerabilities":[{"id":7043,"title":"FormCraft - form.php id Parameter SQL Injection","url":"http://packetstormsecurity.com/files/124343/","osvdb":"100877","secunia":"56044","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"}]}},{"zarzadzanie_kontem":{"vulnerabilities":[{"id":7044,"title":"Zarzadzanie Kontem - ajaxfilemanager.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/118322/","osvdb":"87834","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"}]}},{"ads-box":{"vulnerabilities":[{"id":7045,"title":"Ads Box - iframe_ampl.php count Parameter SQL Injection","url":"http://packetstormsecurity.com/files/118342/,http://www.securityfocus.com/bid/56681,http://xforce.iss.net/xforce/xfdb/80256","osvdb":"88257","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"}]}},{"broken-link-checker":{"vulnerabilities":[{"id":7046,"title":"Broken Link Checker 1.9.1 - Bulk Action Form URL Handling XSS","osvdb":"101059","secunia":"56053","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z","fixed_in":"1.9.2"},{"id":7047,"title":"Broken Link Checker 1.9.1 - Sort Direction Query Argument Handling XSS","osvdb":"101066","secunia":"56053","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z","fixed_in":"1.9.2"}]}},{"easy-career-openings":{"vulnerabilities":[{"id":7048,"title":"Easy Career Openings - jobid Parameter SQL Injection","url":"http://packetstormsecurity.com/files/124309/","osvdb":"100677","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"}]}},{"q-and-a":{"vulnerabilities":[{"id":7049,"title":"Q and A 1.0.6.2 - Multiple Scripts Direct Request Path Disclosure","osvdb":"100793","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"}]}},{"ml-slider":{"vulnerabilities":[{"id":7050,"title":"Meta Slider 2.5 - metaslider.php id Parameter XSS","url":"http://packetstormsecurity.com/files/127288/,http://www.securityfocus.com/bid/68283","osvdb":"108611","cve":"2014-4846","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"},{"id":7051,"title":"Meta Slider 2.1.6 - Multiple Script Direct Request Path Disclosure","osvdb":"100794","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"}]}},{"custom-tables":{"vulnerabilities":[{"id":7052,"title":"Custom Tables 3.4.4 - iframe.php key Parameter XSS","osvdb":"83646","secunia":"49823","created_at":"2014-08-01T10:59:07.000Z","updated_at":"2014-08-01T10:59:07.000Z"}]}},{"wp-socializer":{"vulnerabilities":[{"id":7053,"title":"WP Socializer 2.4.2 - admin/wpsr-services-selector.php val Parameter XSS","osvdb":"83645","secunia":"49824","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z"}]}},{"church-admin":{"vulnerabilities":[{"id":7054,"title":"church_admin 0.33.4.5 - includes/validate.php id Parameter XSS","osvdb":"83644","secunia":"49827","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z"}]}},{"phpfreechat":{"vulnerabilities":[{"id":7055,"title":"PHPFreeChat 0.2.8 - lib/csstidy-1.2/css_optimiser.php url Parameter XSS","osvdb":"83642","secunia":"49826","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z"}]}},{"simple-embed-code":{"vulnerabilities":[{"id":7056,"title":"Artiss Code Embed 2.0.1 - wp-admin/admin.php suffix Parameter XSS","osvdb":"83686","secunia":"49848","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z","fixed_in":"2.0.2"}]}},{"dewplayer-flash-mp3-player":{"vulnerabilities":[{"id":7057,"title":"Dewplayer - dewplayer-vinyl.swf xml Parameter XML File Handling XSS","url":"http://packetstormsecurity.com/files/124582/,http://www.securityfocus.com/bid/64506,http://seclists.org/fulldisclosure/2013/Dec/192","osvdb":"101353","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z"},{"id":7058,"title":"Dewplayer - dewplayer-vinyl-en.swf xml Parameter XML File Handling XSS","url":"http://packetstormsecurity.com/files/124582/,http://www.securityfocus.com/bid/64506,http://seclists.org/fulldisclosure/2013/Dec/192","osvdb":"101352","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z"},{"id":7059,"title":"Dewplayer \u003c= 1.2 - dewplayer.php Direct Request Path Disclosure Weakness","url":"http://seclists.org/fulldisclosure/2013/Dec/209","osvdb":"101440","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z"}]}},{"advanced-dewplayer":{"vulnerabilities":[{"id":7060,"title":"Advanced Dewplayer - dewplayer-vinyl.swf xml Parameter XML File Handling XSS","url":"http://packetstormsecurity.com/files/124582/,http://www.securityfocus.com/bid/64506,http://seclists.org/fulldisclosure/2013/Dec/192","osvdb":"101353","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z"},{"id":7058,"title":"Dewplayer - dewplayer-vinyl-en.swf xml Parameter XML File Handling XSS","url":"http://packetstormsecurity.com/files/124582/,http://www.securityfocus.com/bid/64506,http://seclists.org/fulldisclosure/2013/Dec/192","osvdb":"101352","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z"},{"id":7061,"title":"Advanced Dewplayer \u003c= 1.2 - dewplayer.php Direct Request Path Disclosure Weakness","url":"http://seclists.org/fulldisclosure/2013/Dec/209","osvdb":"101440","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z"},{"id":7062,"title":"Advanced Dewplayer \u003c= 1.2 - download-file.php dew_file Parameter Traversal Arbitrary File Access","url":"http://seclists.org/oss-sec/2013/q4/566","osvdb":"101513","secunia":"55941","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z"}]}},{"sem-wysiwyg":{"vulnerabilities":[{"id":7063,"title":"SEM WYSIWYG - Arbitrary File Upload","url":"http://packetstormsecurity.com/files/115789/","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z"}]}},{"recommend-a-friend":{"vulnerabilities":[{"id":7064,"title":"Recommend a friend 2.0.2 - inc/raf_form.php current_url Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124587/","osvdb":"101487","cve":"2013-7276","secunia":"56209","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z"}]}},{"securimage-wp":{"vulnerabilities":[{"id":7065,"title":"Securimage-WP 3.2.4 - siwp_test.php URI XSS","url":"http://packetstormsecurity.com/files/121588/,http://xforce.iss.net/xforce/xfdb/84186","osvdb":"93259","secunia":"53376","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z"}]}},{"amazon-affiliate-link-localizer":{"vulnerabilities":[{"id":7066,"title":"Amazon Affiliate Link Localizer 1.8.2 - amazon_affiliate_link_localizer.php amzn_com Parameter XSS","url":"http://www.dfcode.org/code.php?id=27","osvdb":"100783","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z"}]}},{"maxbuttons":{"vulnerabilities":[{"id":7067,"title":"MaxButtons 1.19.0 - includes/maxbuttons-button-css.php Authentication Bypass","osvdb":"101773","secunia":"56272","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z","fixed_in":"1.20.0"}]}},{"aprils-super-functions-pack":{"vulnerabilities":[{"id":7068,"title":"April's Super Functions Pack 1.4.7 - readme.php page Parameter Reflected XSS","osvdb":"101807","secunia":"55576","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z","fixed_in":"1.4.8"}]}},{"wordpress-connect":{"vulnerabilities":[{"id":7069,"title":"WordPress Connect 2.0.3 - Editor Pages Unspecified XSS","osvdb":"101716","secunia":"56238","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z"}]}},{"page-layout-builder":{"vulnerabilities":[{"id":7070,"title":"Page Layout Builder 1.3.4 - includes/layout-settings.php layout_settings_id Parameter Reflected XSS","osvdb":"101723","secunia":"56214","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z","fixed_in":"1.3.6"},{"id":7071,"title":"Page Layout Builder 1.3.4 - Unspecified Issue","osvdb":"101724","secunia":"56214","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z","fixed_in":"1.3.6"}]}},{"foliopress-wysiwyg":{"vulnerabilities":[{"id":7072,"title":"Foliopress WYSIWYG - Unspecified XSS","osvdb":"101726","secunia":"56261","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z","fixed_in":"2.6.8.5"}]}},{"intouch":{"vulnerabilities":[{"id":7073,"title":"intouch 2.0 - intouch.js.php intouch_failure Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124687/,http://www.securityfocus.com/bid/64680","osvdb":"101822","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z"}]}},{"nmedia-mailchimp-widget":{"vulnerabilities":[{"id":7074,"title":"Nmedia MailChimp 3.1 - api_mailchimp/postToMailChimp.php abs_path Parameter XSS","osvdb":"83083","secunia":"49538","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z","fixed_in":"3.2"}]}},{"ns-utilities":{"vulnerabilities":[{"id":7075,"title":"NS Utilities 1.0 - Unspecified Remote Issue","osvdb":"82944","secunia":"49476","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z","fixed_in":"1.1"}]}},{"spiffy":{"vulnerabilities":[{"id":7076,"title":"Spiffy XSPF Player 0.1 - playlist.php playlist_id Parameter SQL Injection","url":"http://packetstormsecurity.com/files/121204/,http://www.securityfocus.com/bid/58976,http://xforce.iss.net/xforce/xfdb/83345","osvdb":"92258","cve":"2013-3530","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z"}]}},{"easy-media-gallery":{"vulnerabilities":[{"id":7077,"title":"Easy Media Gallery 1.2.29 - wp-admin/edit.php Multiple Parameter Stored XSS","url":"http://packetstormsecurity.com/files/125396/,http://www.securityfocus.com/bid/65804","osvdb":"103779","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z"},{"id":7078,"title":"Easy Media Gallery 1.2.25 - includes/emg-settings.php spg_add_admin Function Admin User Creation CSRF","url":"http://incolumitas.com/2013/12/17/exploiting-wordpress-plugins-using-insecure-admin-forms-no-3-example-exploit-included/","osvdb":"101941","secunia":"56408","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z","fixed_in":"1.2.27"}]}},{"wp-members":{"vulnerabilities":[{"id":7079,"title":"WP-Members 2.8.9 - profile.php Multiple Parameter Stored XSS","url":"http://packetstormsecurity.com/files/124720/,http://www.securityfocus.com/bid/64713","osvdb":"101946","secunia":"56271","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z","fixed_in":"2.8.10"},{"id":7080,"title":"WP-Members 2.8.9 - wp-login.php register Action Multiple Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124720/,http://www.securityfocus.com/bid/64713","osvdb":"101947","secunia":"56271","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z","fixed_in":"2.8.10"}]}},{"wpmbytplayer":{"vulnerabilities":[{"id":7081,"title":"mb.YTPlayer for background videos 1.7.2 - TinyMCE Popup Unspecified Issue","osvdb":"101718","secunia":"56270","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z","fixed_in":"1.7.3"}]}},{"keyring":{"vulnerabilities":[{"id":7082,"title":"Keyring 1.5 - OAuth Example Page XSS","secunia":"56367","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z"}]}},{"avchat-3":{"vulnerabilities":[{"id":7083,"title":"AVChat Video Chat 1.4.1 - index_popup.php Multiple Parameters Reflected XSS","osvdb":"102206","secunia":"56447","created_at":"2014-08-01T10:59:08.000Z","updated_at":"2014-08-01T10:59:08.000Z","fixed_in":"1.4.2"}]}},{"groupdocs-comparison":{"vulnerabilities":[{"id":7084,"title":"GroupDocs Comparison 1.0.2 - grpdocscomparison.php Multiple Parameter XSS","osvdb":"102297","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"1.0.3"}]}},{"groupdocs-signature":{"vulnerabilities":[{"id":7085,"title":"GroupDocs Signature 1.2.0 - grpdocs-dialog.php Multiple Parameter XSS","osvdb":"102298","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"1.2.1"},{"id":7086,"title":"GroupDocs Signature 1.2.0 - options.php Multiple Parameter XSS","osvdb":"102299","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"1.2.1"}]}},{"groupdocs-viewer":{"vulnerabilities":[{"id":7087,"title":"GroupDocs Viewer 1.4.1 - options.php Multiple Parameter XSS","osvdb":"102299","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"1.4.2"},{"id":7088,"title":"GroupDocs Viewer 1.4.1 - grpdocs-dialog.php Multiple Parameter XSS","osvdb":"102300","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"1.4.2"}]}},{"groupdocs-documents-annotation":{"vulnerabilities":[{"id":7089,"title":"GroupDocs Document Annotation 1.3.8 - options.php Multiple Parameter XSS","osvdb":"102299","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"1.3.9"},{"id":7090,"title":"GroupDocs Document Annotation 1.3.8 - grpdocs-dialog.php Multiple Parameter XSS","osvdb":"102301","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"1.3.9"}]}},{"athlon-manage-calameo-publications":{"vulnerabilities":[{"id":7091,"title":"Manage Calameo Publications 1.1.0 - thickbox_content.php attachment_id Parameter Reflected XSS","osvdb":"102433","secunia":"56428","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"1.1.1"}]}},{"ss-downloads":{"vulnerabilities":[{"id":7092,"title":"SS Downloads  1.4.4.1 - services/getfile.php file Parameter XSS","osvdb":"102501","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"1.5"},{"id":7093,"title":"SS Downloads  1.4.4.1 - ss-downloads.php Multiple Variables XSS","osvdb":"102502","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"1.5"},{"id":7094,"title":"SS Downloads  1.4.4.1 - templates/download.php Multiple Parameters Reflected XSS","osvdb":"102503","secunia":"56428","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"1.5"},{"id":7095,"title":"SS Downloads  1.4.4.1 - templates/register.php Multiple Parameter Reflected XSS","osvdb":"102504","secunia":"56428","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"1.5"},{"id":7096,"title":"SS Downloads  1.4.4.1 - templates/emailsent.php Multiple Parameter Reflected XSS","osvdb":"102537","secunia":"56532","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"1.5"},{"id":7097,"title":"SS Downloads  1.4.4.1 - templates/emailform.php Multiple Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124958/","osvdb":"102538","secunia":"56532","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"1.5"},{"id":7098,"title":"SS Downloads  1.4.4.1 - templates/emailandnameform.php Multiple Parameter Reflected XSS","osvdb":"102539","secunia":"56532","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"1.5"}]}},{"global-flash-galleries":{"vulnerabilities":[{"id":7099,"title":"Global Flash Galleries - popup.php id Parameter SQL Injection","osvdb":"104907","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z"},{"id":7100,"title":"Global Flash Galleries - swfupload.php Unauthenticated Image Upload Weakness","url":"http://packetstormsecurity.com/files/124850/,http://www.securityfocus.com/bid/65060","osvdb":"102423","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z"}]}},{"social-connect":{"vulnerabilities":[{"id":7101,"title":"Social Connect 0.10.1 - diagnostics/test.php testing Parameter Reflected XSS","osvdb":"102411","secunia":"56587","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"0.10.2"}]}},{"let-them-unsubscribe":{"vulnerabilities":[{"id":7102,"title":"Let Them Unsubscribe 1.0 - let-them-unsubscribe.php Multiple Unspecified Issues","osvdb":"102500","secunia":"56659","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"1.1"}]}},{"seo-image":{"vulnerabilities":[{"id":7103,"title":"SEO Friendly Images 2.7.4 - seo-friendly-images.php Add Page CSRF","osvdb":"101789","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"2.7.5"},{"id":7104,"title":"SEO Friendly Images 2.7.4 - seo-friendly-images.php Multiple Parameters XSS","osvdb":"101790","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"2.7.5"}]}},{"wordpress-social-ring":{"vulnerabilities":[{"id":7105,"title":"Social Ring 1.0 - share.php url Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124851/","osvdb":"102424","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"1.1.9"}]}},{"flagallery-skins":{"vulnerabilities":[{"id":7106,"title":"GRAND FlAGallery Skins - compact_music_player/gallery.php playlist Parameter SQL Injection","url":"http://packetstormsecurity.com/files/121699/","osvdb":"93581","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z"}]}},{"contus-video-gallery":{"vulnerabilities":[{"id":7107,"title":"Contus Video Gallery - index.php playid Parameter SQL Injection","url":"http://www.securityfocus.com/bid/59845,http://xforce.iss.net/xforce/xfdb/84239","osvdb":"93369","cve":"2013-3478","secunia":"51344","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z"}]}},{"webengage":{"vulnerabilities":[{"id":7108,"title":"WebEngage 2.0.0 - callback.php Multiple Parameter Reflected XSS","osvdb":"102560","secunia":"56700","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"2.0.1"},{"id":7109,"title":"WebEngage 2.0.0 - renderer.php Multiple Parameter Reflected XSS","osvdb":"102561","secunia":"56700","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"2.0.1"},{"id":7110,"title":"WebEngage 2.0.0 - resize.php height Parameter XSS","osvdb":"102562","secunia":"56700","created_at":"2014-08-01T10:59:09.000Z","updated_at":"2014-08-01T10:59:09.000Z","fixed_in":"2.0.1"}]}},{"fetch-tweets":{"vulnerabilities":[{"id":7111,"title":"Fetch Tweets 1.3.3.6 - class/FetchTweets_Event_.php Missing Permission Check Unspecified Issue","osvdb":"102578","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z"}]}},{"seolinkrotator":{"vulnerabilities":[{"id":7112,"title":"Seo Link Rotator - pusher.php title Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124959/","osvdb":"102594","secunia":"56710","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z"}]}},{"nokia-mapsplaces":{"vulnerabilities":[{"id":7113,"title":"Nokia Maps and Places 1.6.6 - place.html href Parameter Reflected XSS","osvdb":"102669","cve":"2014-1750","secunia":"56604","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z","fixed_in":"1.6.7"}]}},{"webinar_plugin":{"vulnerabilities":[{"id":7114,"title":"Easy Webinar - get_widget.php wid Parameter SQL Injection","osvdb":"86754","exploitdb":"22300","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z","fixed_in":"1.6.7"}]}},{"wp-social-invitations":{"vulnerabilities":[{"id":7115,"title":"WP Social Invitations \u003c=1.4.4.2 - test.php Multiple Parameter Reflected XSS","osvdb":"102741","secunia":"56711","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z","fixed_in":"1.4.4.3"}]}},{"infusionsoft":{"vulnerabilities":[{"id":7116,"title":"Infusionsoft Gravity Forms Add-on 1.5.6 - Unspecified XSS","osvdb":"102742","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z","fixed_in":"1.5.7"}]}},{"comment-control":{"vulnerabilities":[{"id":7117,"title":"Comment Control 0.3.0 - comment-control.php type Parameter SQL Injection","osvdb":"102581","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z","fixed_in":"0.3.1"}]}},{"wptouch":{"vulnerabilities":[{"id":7118,"title":"WPtouch 3.x - Insecure Nonce Generation","url":"http://blog.sucuri.net/2014/07/disclosure-insecure-nonce-generation-in-wptouch.html","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z","metasploit":"exploit/unix/webapp/wp_wptouch_file_upload","fixed_in":"3.4.3"},{"id":7119,"title":"WPtouch 1.9.27 - 'wptouch_redirect' Parameter URI Redirection Vulnerability","url":"http://www.securityfocus.com/bid/48348","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z","fixed_in":"1.9.30"},{"id":7120,"title":"WPtouch 1.9.19.4 - wp-content/plugins/wptouch/include/adsense-new.php wptouch_settings Parameter XSS","url":"http://www.securityfocus.com/bid/45139","osvdb":"69538","cve":"2010-4779","secunia":"42438","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z","fixed_in":"1.9.20"},{"id":7121,"title":"WPtouch 1.9.8 - ajax/file_upload.php Crafted Content-Type File Upload Remote Code Execution","osvdb":"102582","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z","fixed_in":"1.9.8.1"},{"id":7122,"title":"WPtouch 1.9.8 - include/submit.php Multiple Parameter SQL Injection","osvdb":"102583","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z","fixed_in":"1.9.8.1"}]}},{"better-search":{"vulnerabilities":[{"id":7123,"title":"Better Search 1.2.1 - admin.inc.php Setting Manipulation CSRF","osvdb":"102584","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z","fixed_in":"1.3"}]}},{"very-simple-contact-form":{"vulnerabilities":[{"id":7124,"title":"Very Simple Contact Form 1.1 - Unspecified Issue","osvdb":"102798","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z","fixed_in":"1.2"}]}},{"stop-user-enumeration":{"vulnerabilities":[{"id":7125,"title":"Stop User Enumeration 1.2.4 - POST Request Protection Bypass","url":"http://packetstormsecurity.com/files/125035/,http://seclists.org/fulldisclosure/2014/Feb/3","osvdb":"102799","secunia":"56643","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z"}]}},{"delightful-downloads":{"vulnerabilities":[{"id":7126,"title":"Delightful Downloads 1.3.1.1 - meta-boxes.php dedo_meta_boxes_save Function Multiple Action Authorization Bypass","osvdb":"102932","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z","fixed_in":"1.3.2"},{"id":7127,"title":"Delightful Downloads 1.3.1.1 - includes/functions.php User-Agent HTTP Header Stored XSS","osvdb":"102928","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z","fixed_in":"1.3.2"}]}},{"mobiloud-mobile-app-plugin":{"vulnerabilities":[{"id":7128,"title":"Mobiloud 1.9.0 - comments/disqus_count.php shortname Parameter Reflected XSS","osvdb":"102898","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z","fixed_in":"1.9.1"},{"id":7129,"title":"Mobiloud 1.9.0 - comments/disqus.php shortname Parameter Reflected XSS","osvdb":"102899","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z","fixed_in":"1.9.1"}]}},{"all_in_one_carousel":{"vulnerabilities":[{"id":7130,"title":"all_in_one_carousel 1.2.20 - /tpl/add_carousel.php id Parameter Reflected XSS","url":"http://seclists.org/bugtraq/2014/Feb/38","osvdb":"103351","secunia":"56962","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z"}]}},{"frontend-uploader":{"vulnerabilities":[{"id":7131,"title":"Frontend Uploader - Unspecified File Upload Remote Code Execution","osvdb":"103454","exploitdb":"31570","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z"}]}},{"wp-security-scan":{"vulnerabilities":[{"id":7132,"title":"Acunetix WP Security 4.0.3 - /wp-admin/admin.php wps-database Page Backup Generation CSRF Weakness","url":"http://packetstormsecurity.com/files/125218/","osvdb":"103467","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z"}]}},{"aryo-activity-log":{"vulnerabilities":[{"id":7133,"title":"Aryo Activity Log - Full Path Disclosure","url":"https://github.com/KingYes/wordpress-aryo-activity-log/pull/27","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z","fixed_in":"2.0.4"}]}},{"wp-jquery-spam":{"vulnerabilities":[{"id":7134,"title":"WP jQuery Spam 1.1 - dynamic.php id Parameter Reflected XSS","osvdb":"103579","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z","fixed_in":"1.2"}]}},{"media-file-renamer":{"vulnerabilities":[{"id":7135,"title":"Media File Renamer v1.7.0 - Persistent XSS","url":"http://packetstormsecurity.com/files/125378/,http://www.vapid.dhs.org/advisories/wordpress/plugins/MediaFileRenamer-1.7.0/","cve":"2014-2040","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z"}]}},{"flash-player-widget":{"vulnerabilities":[{"id":7136,"title":"Flash Player Widget - dewplayer.swf Content Spoofing","url":"http://www.openwall.com/lists/oss-security/2013/12/30/5","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z"}]}},{"alpine-photo-tile-for-instagram":{"vulnerabilities":[{"id":7137,"title":"Alpine PhotoTile For Instagram 1.2.6.5 - wp-admin/options-general.php general_lightbox_params Parameter XSS Weakness","url":"http://packetstormsecurity.com/files/125418/","osvdb":"103822","secunia":"57198","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z"}]}},{"widget-control-powered-by-everyblock":{"vulnerabilities":[{"id":7138,"title":"Widget Control Powered By Everyblock 1.0.1 - wp-admin/admin.php idDropdown Parameter XSS Weakness","url":"http://packetstormsecurity.com/files/125421/","osvdb":"103831","secunia":"57203","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z"}]}},{"search-everything":{"vulnerabilities":[{"id":7139,"title":"Search Everything 8.1.0 - options.php Unspecified CSRF","osvdb":"106733","created_at":"2014-08-01T10:59:10.000Z","updated_at":"2014-08-01T10:59:10.000Z","fixed_in":"8.1.1"},{"id":7140,"title":"Search Everything 7.0.4 - Unspecified Issue","osvdb":"104058","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z","fixed_in":"8.0"},{"id":7141,"title":"Search Everything 7.0.2 - search-everything.php s Parameter SQL Injection","url":"http://www.securityfocus.com/bid/65765","osvdb":"103718","cve":"2014-2316","secunia":"56802","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z","fixed_in":"7.0.3"}]}},{"zedity":{"vulnerabilities":[{"id":7142,"title":"Zedity 2.5 - wp-admin/admin-ajax.php zedity_ajax Action zaction Parameter XSS","url":"http://www.securityfocus.com/bid/65799","osvdb":"103789","secunia":"57026","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z"},{"id":7143,"title":"Zedity 2.4 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/125402/","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z"}]}},{"wp-post-to-pdf":{"vulnerabilities":[{"id":7144,"title":"WP Post to PDF 2.3.1 - wp-admin/options.php wpptopdf headerFontSize Parameter XSS","url":"http://packetstormsecurity.com/files/125432/","osvdb":"103872","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z"}]}},{"bsk-pdf-manager":{"vulnerabilities":[{"id":7145,"title":"BSK PDF Manager 1.3.2 - wp-admin/admin.php Multiple Parameter SQL Injection","url":"http://packetstormsecurity.com/files/127407/,http://www.securityfocus.com/bid/68488","osvdb":"108913","cve":"2014-4944","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z"},{"id":7146,"title":"BSK PDF Manager 1.3 - wp-admin/admin.php Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/125422/","osvdb":"103873","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z"}]}},{"mp3-jplayer":{"vulnerabilities":[{"id":7147,"title":"MP3-jPlayer 1.8.7 - wp-admin/options-general.php Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/125417/","osvdb":"103875","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z"},{"id":7148,"title":"MP3-jPlayer 1.8.3 - jPlayer.swf XSS","osvdb":"92254","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z","fixed_in":"1.8.4"}]}},{"google-analytics-mu":{"vulnerabilities":[{"id":7149,"title":"Google Analytics MU 2.3 - google-analytics-mu-network.php Analytics Code Manipulation CSRF","url":"http://packetstormsecurity.com/files/125514/,http://seclists.org/fulldisclosure/2014/Mar/20,http://www.securityfocus.com/bid/65926","osvdb":"103937","secunia":"56157","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z","fixed_in":"2.4"}]}},{"repagent":{"vulnerabilities":[{"id":7150,"title":"Repagent - dewplayer-vinyl.swf xml Parameter XML File Handling XSS","url":"http://packetstormsecurity.com/files/124582/,http://www.securityfocus.com/bid/64506,http://seclists.org/fulldisclosure/2013/Dec/192","osvdb":"101353","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z"},{"id":7151,"title":"Repagent - dewplayer-vinyl-en.swf xml Parameter XML File Handling XSS","url":"http://packetstormsecurity.com/files/124582/,http://www.securityfocus.com/bid/64506,http://seclists.org/fulldisclosure/2013/Dec/192","osvdb":"101352","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z"}]}},{"LayerSlider":{"vulnerabilities":[{"id":7152,"title":"LayerSlider 4.6.1 - wp-admin/admin.php Style Editing CSRF","url":"http://packetstormsecurity.com/files/125637/","osvdb":"104393","secunia":"57930","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z"},{"id":7153,"title":"LayerSlider 4.6.1 - LayerSlider/editor.php skin Parameter Remote Path Traversal File Access","url":"http://packetstormsecurity.com/files/125637/","osvdb":"104394","secunia":"57309","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z"}]}},{"xcloner-backup-and-restore":{"vulnerabilities":[{"id":7154,"title":"XCloner 3.1.0 - Multiple Actions CSRF","url":"http://packetstormsecurity.com/files/125991/,https://www.htbridge.com/advisory/HTB23206,https://www.htbridge.com/advisory/HTB23207","osvdb":"104402","cve":"2014-2340,2014-2579","secunia":"57362","exploitdb":"32701","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z","fixed_in":"3.1.1"}]}},{"guiform":{"vulnerabilities":[{"id":7155,"title":"GuiForm 1.4.10 - class/class-ajax.php Entry Saving CSRF","osvdb":"104399","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z","fixed_in":"1.5.0"}]}},{"clickdesk-live-support-chat-plugin":{"vulnerabilities":[{"id":7156,"title":"ClickDesk - Live Chat Widget Multiple Field XSS","url":"http://packetstormsecurity.com/files/125528/,http://www.securityfocus.com/bid/65971","osvdb":"104037","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z"}]}},{"duplicate-post":{"vulnerabilities":[{"id":7157,"title":"Duplicate Post 2.5 - duplicate-post-admin.php User Login Cookie Value SQL Injection","osvdb":"104669","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z","fixed_in":"2.6"},{"id":7158,"title":"Duplicate Post 2.5 - options-general.php post Parameter Reflected XSS","osvdb":"104670","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z","fixed_in":"2.6"}]}},{"mtouch-quiz":{"vulnerabilities":[{"id":7159,"title":"mTouch Quiz 3.0.6 - question.php quiz Parameter Reflected XSS","url":"http://www.securityfocus.com/bid/66306","osvdb":"104667","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z","fixed_in":"3.0.7"},{"id":7160,"title":"mTouch Quiz 3.0.6 - question.php quiz Parameter SQL Injection","url":"http://www.securityfocus.com/bid/66306","osvdb":"104668","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z","fixed_in":"3.0.7"}]}},{"simple-retail-menus":{"vulnerabilities":[{"id":7161,"title":"Simple Retail Menus 4.0.1 - includes/actions.php targetmenu Parameter SQL Injection","osvdb":"104680","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z","fixed_in":"4.1"},{"id":7162,"title":"Simple Retail Menus 4.0.1 - includes/mode-edit.php targetmenu Parameter SQL Injection","osvdb":"104682","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z","fixed_in":"4.1"}]}},{"user-domain-whitelist":{"vulnerabilities":[{"id":7163,"title":"User Domain Whitelist 1.4 - user-domain-whitelist.php domain_whitelist Parameter Stored XSS","osvdb":"104681","secunia":"57490","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z"},{"id":7164,"title":"User Domain Whitelist 1.4 -  user-domain-whitelist.php Domain Whitelisting Manipulation CSRF","osvdb":"104683","secunia":"57490","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z","fixed_in":"1.5"}]}},{"subscribe-to-comments-reloaded":{"vulnerabilities":[{"id":7165,"title":"Subscribe To Comments Reloaded 140204 - options/index.php manager_page Parameter Stored XSS Weakness","url":"http://www.securityfocus.com/bid/66288","osvdb":"104698","secunia":"57015","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z","fixed_in":"140219"},{"id":7166,"title":"Subscribe To Comments Reloaded 140204 - options/index.php Admin Settings Manipulation CSRF","url":"http://www.securityfocus.com/bid/66288","osvdb":"104699","secunia":"57015","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z","fixed_in":"140219"}]}},{"analytics360":{"vulnerabilities":[{"id":7167,"title":"Analytics360 1.2.1 - analytics360.php Multiple Action CSRF","osvdb":"104743","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z","fixed_in":"1.2.2"},{"id":7168,"title":"Analytics360 1.2 - analytics360.php a360_error Parameter Reflected XSS","osvdb":"104744","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z","fixed_in":"1.2.1"}]}},{"the-events-calendar":{"vulnerabilities":[{"id":7169,"title":"The Events Calendar 3.0 - lib/template-classes/month.php tribe-bar-search Parameter Reflected XSS","osvdb":"104785","created_at":"2014-08-01T10:59:11.000Z","updated_at":"2014-08-01T10:59:11.000Z","fixed_in":"3.0.1"}]}},{"form-maker":{"vulnerabilities":[{"id":7170,"title":"Form Maker 1.6.4 - front_end_form_maker.php Unspecified XSS","osvdb":"104870","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"1.6.6"}]}},{"1-jquery-photo-gallery-slideshow-flash":{"vulnerabilities":[{"id":7171,"title":"ZooEffect 1.08 - wp-1pluginjquery.php HTTP Referer Header Reflected XSS","osvdb":"104876","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"1.09"}]}},{"google-analytics-dashboard":{"vulnerabilities":[{"id":7172,"title":"Google Analytics Dashboard 2.0.4 - gad-admin-pages-posts.php pid Parameter SQL Injection","osvdb":"104877","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"2.0.5"}]}},{"blogvault-real-time-backup":{"vulnerabilities":[{"id":7173,"title":"blogVault 1.08 - Missing Account Empty Secret Key Generation","osvdb":"107570","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"1.09"},{"id":7174,"title":"blogVault 1.05 - admin.php blogVault Key Setting CSRF","osvdb":"104906","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"1.06"}]}},{"captcha":{"vulnerabilities":[{"id":7175,"title":"Captcha 2.12-3.8.1 - captcha bypass","url":"http://www.antoine-cervoise.fr/2014/03/27/contournement-du-plugin-captcha-pour-wordpress-v-3-8-1-et-anterieures/,https://github.com/cervoise/pentest-scripts/blob/master/web/cms/captcha-bypass/wordpress-plugins/captcha/bypass-3.8.1-and-previous.php","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"3.8.2"}]}},{"wp-html-sitemap":{"vulnerabilities":[{"id":7176,"title":"WP HTML Sitemap 1.2 - wp-html-sitemap.html Sitemap Deletion CSRF","url":"http://packetstormsecurity.com/files/125933/,http://seclists.org/fulldisclosure/2014/Mar/400,https://security.dxw.com/advisories/csrf-vulnerability-in-wp-html-sitemap-1-2/","osvdb":"105084","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z"}]}},{"groups":{"vulnerabilities":[{"id":7177,"title":"Groups 1.4.5 - Negated Role Capability Handling Elevated Privilege Issue","osvdb":"104940","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"1.4.6"}]}},{"html5-jquery-audio-player":{"vulnerabilities":[{"id":7178,"title":"HTML5 jQuery Audio Player 2.3 - playlist/add_playlist.php Multiple Parameter Stored XSS Weakness","osvdb":"104951","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"2.4"},{"id":7179,"title":"HTML5 jQuery Audio Player 2.3 - playlist/add_playlist.php id Parameter SQL Injection","osvdb":"104952","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"2.4"}]}},{"shrimptest":{"vulnerabilities":[{"id":7180,"title":"ShrimpTest 1.0b2 - plugins/metric-conversion.php Multiple Unspecified XSS","osvdb":"104956","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"1.0b3"},{"id":7181,"title":"ShrimpTest 1.0b2 - plugins/plugin-notification.php Unspecified XSS","osvdb":"104957","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"1.0b3"},{"id":7182,"title":"ShrimpTest 1.0b2 - plugins/variant-shortcode.php Unspecified XSS","osvdb":"104958","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"1.0b3"},{"id":7183,"title":"ShrimpTest 1.0b2 - admin/experiments.php Multiple Unspecified XSS","osvdb":"104959","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"1.0b3"},{"id":7184,"title":"ShrimpTest 1.0b2 - admin/experiment-new.php Multiple Unspecified XSS","osvdb":"104960","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"1.0b3"}]}},{"activehelper-livehelp":{"vulnerabilities":[{"id":7185,"title":"ActiveHelper LiveHelp Server 3.2.2 - server/import/status.php Multiple Parameter SQL Injection","osvdb":"104990","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"3.4.0"},{"id":7186,"title":"ActiveHelper LiveHelp Server 3.2.2 - server/import/tracker.php Multiple Parameter SQL Injection","osvdb":"104991","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"3.4.0"},{"id":7187,"title":"ActiveHelper LiveHelp Server 3.2.2 - server/import/javascript.php Multiple Vector SQL Injection","osvdb":"104992","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"3.4.0"},{"id":7188,"title":"ActiveHelper LiveHelp Server 3.2.2 - server/frames.php DEPARTMENT Parameter SQL Injection","osvdb":"104993","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"3.4.0"}]}},{"springboard-video-quick-publish":{"vulnerabilities":[{"id":7189,"title":"Springboard Video Quick Publish 0.2.6 - videolist.php paged Parameter Reflected XSS","osvdb":"105992","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"0.2.7"},{"id":7190,"title":"Springboard Video Quick Publish 0.2.6 - springboardvideo.php video_id Parameter XSS","osvdb":"105993","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"0.2.7"},{"id":7191,"title":"Springboard Video Quick Publish 0.2.6 - sb_search.php paged Parameter Reflected XSS","osvdb":"105994","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"0.2.7"},{"id":7192,"title":"Springboard Video Quick Publish 0.2.4 - Unspecified Issue","osvdb":"105007","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"0.2.5"}]}},{"ignitiondeck":{"vulnerabilities":[{"id":7193,"title":"IgnitionDeck 1.1 - Purchase Form Unspecified XSS","osvdb":"105008","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"1.2"}]}},{"ajax-pagination":{"vulnerabilities":[{"id":7194,"title":"Ajax Pagination 1.1 - wp-admin/admin-ajax.php loop Parameter Local File Inclusion","url":"http://packetstormsecurity.com/files/125929/,http://seclists.org/fulldisclosure/2014/Mar/398","osvdb":"105087","exploitdb":"32622","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z"}]}},{"tt-guest-post-submit":{"vulnerabilities":[{"id":7195,"title":"TT Guest Post Submit 1.0.0 - tt-guest-post-submit-submit.php rootpath Parameter Remote File Inclusion","osvdb":"105120","created_at":"2014-08-01T10:59:12.000Z","updated_at":"2014-08-01T10:59:12.000Z","fixed_in":"1.0.1"}]}},{"salesforce-wordpress-to-lead":{"vulnerabilities":[{"id":7196,"title":"WordPress-to-Lead for Salesforce CRM 1.0.4 - ov_plugin_tools.php textinput Function XSS","osvdb":"105146","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z","fixed_in":"1.0.5"},{"id":7197,"title":"WordPress-to-Lead for Salesforce CRM 1.0.1 - salesforce.php salesforce_form_shortcode Function Error Message Handling XSS","osvdb":"105148","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z","fixed_in":"1.0.2"},{"id":7198,"title":"WordPress-to-Lead for Salesforce CRM 1.0 - salesforce.php Multiple Parameter XSS","osvdb":"105147","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z","fixed_in":"1.0.1"}]}},{"disable-comments":{"vulnerabilities":[{"id":7199,"title":"Disable Comments 1.0.3 - disable_comments_settings.php Comment Status Manipulation CSRF","url":"http://www.securityfocus.com/bid/66564","osvdb":"105245","cve":"2014-2550","secunia":"57613","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z","fixed_in":"1.0.4"}]}},{"wp-business-intelligence-lite":{"vulnerabilities":[{"id":7200,"title":"WP Business intelligence lite \u003c= 1.0.6 - Remote Code Execution Exploit","url":"http://packetstormsecurity.com/files/125927/,http://cxsecurity.com/issue/WLB-2014030243","secunia":"57590","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z","fixed_in":"1.1"}]}},{"barclaycart":{"vulnerabilities":[{"id":7201,"title":"Barclaycart - Shell Upload","url":"http://packetstormsecurity.com/files/125552/","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z"}]}},{"Premium_Gallery_Manager":{"vulnerabilities":[{"id":7202,"title":"Premium Gallery Manager - Shell Upload","url":"http://packetstormsecurity.com/files/125586/","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z"}]}},{"jetpack":{"vulnerabilities":[{"id":7203,"title":"Jetpack \u003c= 2.9.2 - class.jetpack.php XML-RPC Access Control Bypass","url":"http://jetpack.me/2014/04/10/jetpack-security-update/","osvdb":"105714","cve":"2014-0173","secunia":"57729","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z","fixed_in":"2.9.3"}]}},{"lazyest-gallery":{"vulnerabilities":[{"id":7204,"title":"Lazyest Gallery \u003c= 1.1.20 - EXIF Script Insertion Vulnerability","osvdb":"105680","cve":"2014-2333","secunia":"57746","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z","fixed_in":"1.1.21"},{"id":7205,"title":"Lazyest Gallery 1.1.7 - Crafted Folder Name Unspecified Issue","osvdb":"105728","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z","fixed_in":"1.1.8"},{"id":7206,"title":"Lazyest Gallery 0.10.4.3 - Multiple File/Directory Insecure Permissions Local Content Manipulation","osvdb":"105818","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z","fixed_in":"0.10.4.4"},{"id":7207,"title":"Lazyest Gallery 0.4.2 - Multiple Unspecified Issues","osvdb":"107400","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z"}]}},{"post-expirator":{"vulnerabilities":[{"id":7208,"title":"Post Expirator \u003c= 2.1.1 - Cross-Site Request Forgery Vulnerability","secunia":"57503","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z","fixed_in":"2.1.2"}]}},{"quick-pagepost-redirect-plugin":{"vulnerabilities":[{"id":7209,"title":"Quick Page Post Redirect 5.0.4 - redirect-updates.php quickppr_redirects Parameter Stored XSS","url":"http://www.securityfocus.com/bid/66790,https://security.dxw.com/advisories/csrf-and-stored-xss-in-quick-pagepost-redirect-plugin/","osvdb":"105707","cve":"2014-2598","secunia":"57883","exploitdb":"32867","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z","fixed_in":"5.0.5"},{"id":7210,"title":"Quick Page Post Redirect 5.0.4 - redirect-updates.php Multiple Admin Function CSRF","url":"http://www.securityfocus.com/bid/66790,https://security.dxw.com/advisories/csrf-and-stored-xss-in-quick-pagepost-redirect-plugin/","osvdb":"105708","cve":"2014-2598","secunia":"57883","exploitdb":"32867","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z","fixed_in":"5.0.5"}]}},{"twitget":{"vulnerabilities":[{"id":7211,"title":"Twitget 3.3.1 - twitget.php Twitter Setting Manipulation CSRF","url":"https://security.dxw.com/advisories/csrfxss-vulnerability-in-twitget-3-3-1/","osvdb":"105705","cve":"2014-2559","exploitdb":"32868","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z","fixed_in":"3.3.3"},{"id":7212,"title":"Twitget 3.3.1 - twitget.php twitget_consumer_key Parameter Stored XSS","url":"https://security.dxw.com/advisories/csrfxss-vulnerability-in-twitget-3-3-1/","osvdb":"105704","cve":"2014-2559","exploitdb":"32868","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z","fixed_in":"3.3.3"}]}},{"hk-exif-tags":{"vulnerabilities":[{"id":7213,"title":"HK Exif Tags 1.11 - hk_exif_tags.php hk_exif_tags_images_process Function EXIF Tags Handling Stored XSS","osvdb":"105725","secunia":"57753","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z","fixed_in":"1.12"}]}},{"unconfirmed":{"vulnerabilities":[{"id":7214,"title":"Unconfirmed \u003c= 1.2.4 - unconfirmed.php s Parameter Reflected XSS","osvdb":"105722","secunia":"57838","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z","fixed_in":"1.2.5"}]}},{"liveoptim":{"vulnerabilities":[{"id":7215,"title":"LiveOptim 1.4.3 - Configuration Setting Manipulation CSRF","url":"http://www.securityfocus.com/bid/66939","osvdb":"105986","secunia":"57990","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z","fixed_in":"1.4.4"}]}},{"wp-conditional-captcha":{"vulnerabilities":[{"id":7216,"title":"Conditional CAPTCHA 3.6 - wp-conditional-captcha.php Settings Page CSRF","osvdb":"106014","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z","fixed_in":"3.6.1"}]}},{"wp-js-external-link-info":{"vulnerabilities":[{"id":7217,"title":"JS External Link Info 1.21 - redirect.php blog Parameter XSS","url":"http://packetstormsecurity.com/files/126238/,http://www.securityfocus.com/bid/66999","osvdb":"106125","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z"}]}},{"simple-fields":{"vulnerabilities":[{"id":7218,"title":"Simple Fields 1.1.6 - inc-admin-options.php Admin Functions CSRF","osvdb":"106316","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z","fixed_in":"1.2"},{"id":7219,"title":"Simple Fields 0.3.5 - simple_fields.php wp_abspath Parameter Remote File Inclusion","osvdb":"106622","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z","fixed_in":"0.3.6"}]}},{"work-the-flow-file-upload":{"vulnerabilities":[{"id":7220,"title":"Work The Flow File Upload 1.2.1 - wp-admin/admin-ajax.php accept_file_types Parameter Manipulation File Upload Restriction Bypass","url":"http://www.securityfocus.com/bid/67083,http://packetstormsecurity.com/files/126333/","osvdb":"106366","secunia":"58216","created_at":"2014-08-01T10:59:13.000Z","updated_at":"2014-08-01T10:59:13.000Z"}]}},{"file-gallery":{"vulnerabilities":[{"id":7221,"title":"File Gallery 1.7.9 - Settings Page create_function Function Remote Command Execution","url":"http://www.securityfocus.com/bid/67120","osvdb":"106417","cve":"2014-2558","secunia":"58216","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"1.7.9.2"}]}},{"nextcellent-gallery-nextgen-legacy":{"vulnerabilities":[{"id":7222,"title":"NextCellent Gallery 1.9.13 - admin/manage-images.php Multiple Field Stored XSS Weakness","url":"http://www.securityfocus.com/bid/67085","osvdb":"106474","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"1.9.18"}]}},{"wp-affiliate-platform":{"vulnerabilities":[{"id":7223,"title":"WP Affiliate Manager - login.php msg Parameter XSS","url":"http://packetstormsecurity.com/files/126424/","osvdb":"106533","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z"}]}},{"query-interface":{"vulnerabilities":[{"id":7224,"title":"Query Interface 1.1 - Multiple Unspecified Issues","osvdb":"106642","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"1.2"}]}},{"photo-gallery":{"vulnerabilities":[{"id":7225,"title":"Photo-Gallery - UploadHandler.php File Upload CSRF","url":"http://packetstormsecurity.com/files/126521/","osvdb":"106732","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z"}]}},{"infusion4wp":{"vulnerabilities":[{"id":7226,"title":"iMember360is 3.9.001 - XSS / Disclosure / Code Execution","url":"http://1337day.com/exploit/22184","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"3.9.002"}]}},{"acumbamail-signup-forms":{"vulnerabilities":[{"id":7227,"title":"Acumbamail 1.0.4  - acumbamail.class.php callAPI() Function MitM Information Disclosure","url":"http://www.securityfocus.com/bid/67220","osvdb":"106711","secunia":"67220","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"1.0.4.1"}]}},{"tinymce-colorpicker":{"vulnerabilities":[{"id":7228,"title":"TinyMCE Color Picker 1.1 - tinymce-colorpicker.php Color Saving CSRF","url":"http://www.securityfocus.com/bid/67333","osvdb":"106854","secunia":"58095","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"1.2"},{"id":7229,"title":"TinyMCE Color Picker 1.1 - tinymce-colorpicker.php Missing edit_others_posts Capability Check","url":"http://www.securityfocus.com/bid/67333","osvdb":"106854","secunia":"58095","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"1.2"}]}},{"contact-bank":{"vulnerabilities":[{"id":7230,"title":"Contact Bank 2.0.19 - Multiple Unspecified Issues","osvdb":"106868","secunia":"67334","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"2.0.20"}]}},{"bonuspressx":{"vulnerabilities":[{"id":7231,"title":"Bonuspressx - ar_submit.php n Parameter XSS","url":"http://packetstormsecurity.com/files/126595/","osvdb":"106931","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z"}]}},{"profile-builder":{"vulnerabilities":[{"id":7232,"title":"Profile Builder 1.1.59 - front-end/wppb.recover.password.php Password Recovery Bypass","url":"http://www.securityfocus.com/bid/67331","osvdb":"106986","secunia":"58511","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"1.1.60"}]}},{"basic-google-maps-placemarks":{"vulnerabilities":[{"id":7233,"title":"Basic Google Maps Placemarks 1.10.2 - settings.php Multiple Fields Stored XSS Weakness","osvdb":"107121","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"1.10.3"}]}},{"simple-popup":{"vulnerabilities":[{"id":7234,"title":"Simple Popup - popup.php z Parameter XSS","url":"http://packetstormsecurity.com/files/126763/,http://www.securityfocus.com/bid/67562","osvdb":"107294","cve":"2014-3921","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z"}]}},{"bib2html":{"vulnerabilities":[{"id":7235,"title":"bib2html 0.9.3 - /OSBiB/create/index.php styleShortName Parameter XSS","url":"http://packetstormsecurity.com/files/126782/,http://www.securityfocus.com/bid/67589","osvdb":"107296","cve":"2014-3870","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z"}]}},{"conversionninja":{"vulnerabilities":[{"id":7236,"title":"Conversion Ninja - /lp/index.php id Parameter XSS","url":"http://packetstormsecurity.com/files/126781/,http://www.securityfocus.com/bid/67590","osvdb":"107297","cve":"2014-4017","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z"}]}},{"cool-video-gallery":{"vulnerabilities":[{"id":7237,"title":"Cool Video Gallery 1.8 - admin/gallery-details.php Multiple Actions CSRF","osvdb":"107354","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"1.9"},{"id":7238,"title":"Cool Video Gallery 1.8 - admin/gallery-manage.php Gallery Deletion CSRF","osvdb":"107355","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"1.9"},{"id":7239,"title":"Cool Video Gallery 1.8 - admin/gallery-settings.php Gallery Settings Manipulation CSRF","osvdb":"107356","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"1.9"},{"id":7240,"title":"Cool Video Gallery 1.8 - admin/gallery-sort.php Gallery Sort Order Manipulation CSRF","osvdb":"107357","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"1.9"},{"id":7241,"title":"Cool Video Gallery 1.8 - admin/player-settings.php Player Settings Manipulation CSRF","osvdb":"107358","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"1.9"},{"id":7242,"title":"Cool Video Gallery 1.8 - admin/plugin-uninstall.php Plugin Uninstallation CSRF","osvdb":"107359","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"1.9"},{"id":7243,"title":"Cool Video Gallery 1.8 - admin/video-sitemap.php XML Video Sitemap Generation CSRF","osvdb":"107360","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"1.9"},{"id":7244,"title":"Cool Video Gallery 1.8 - lib/core.php Multiple Actions CSRF","osvdb":"107361","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"1.9"}]}},{"gtranslate":{"vulnerabilities":[{"id":7245,"title":"GTranslate 1.0.12 - gtranslate.php Widget Code Editing CSRF","osvdb":"107399","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"1.0.13"}]}},{"world-of-warcraft-armory-table":{"vulnerabilities":[{"id":7246,"title":"World of Warcraft Armory Table 0.2.5 - WoWArmoryTable.php page Parameter Reflected XSS","url":"http://www.securityfocus.com/bid/67628","osvdb":"107479","secunia":"58596","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"0.2.6"}]}},{"participants-database":{"vulnerabilities":[{"id":7247,"title":"Participants Database 1.5.4.8 - pdb-signup CSV_type Action query Parameter SQL Injection","url":"http://www.exploit-db.com/exploits/33613,http://packetstormsecurity.com/files/126878/,http://www.securityfocus.com/bid/67769,http://www.securityfocus.com/bid/67938","osvdb":"107626","cve":"2014-3961","secunia":"58816","created_at":"2014-08-01T10:59:14.000Z","updated_at":"2014-08-01T10:59:14.000Z","fixed_in":"1.5.4.9"}]}},{"popup-images":{"vulnerabilities":[{"id":7248,"title":"Popup Images - popup-images/popup.php z Parameter XSS","url":"http://packetstormsecurity.com/files/126872/","osvdb":"107627","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"ose-firewall":{"vulnerabilities":[{"id":7249,"title":"Centrora Security 3.2.1 - Multiple Admin Actions CSRF","osvdb":"107658","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z","fixed_in":"3.3.0"}]}},{"lively-chat-support":{"vulnerabilities":[{"id":7250,"title":"Lively Chat Support 1.0.29 - Unspecified Issue","osvdb":"107689","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z","fixed_in":"1.0.30"}]}},{"feature-comments":{"vulnerabilities":[{"id":7251,"title":"Featured Comments 1.2.1 - wp-admin/admin-ajax.php Comment Status Manipulation CSRF","url":"https://security.dxw.com/advisories/csrf-in-featured-comments-1-2-1-allows-an-attacker-to-set-and-unset-comment-statuses/,http://www.securityfocus.com/bid/67955,http://packetstormsecurity.com/files/127023/","osvdb":"107844","cve":"2014-4163","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"wp-football":{"vulnerabilities":[{"id":7252,"title":"wp-football 1.1 - templates/template_worldCup_preview.php league Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-wp-football-a3-cross-site-scripting-xss/","osvdb":"108336","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"},{"id":7253,"title":"wp-football 1.1 - templates/template_default_preview.php league Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-wp-football-a3-cross-site-scripting-xss/","osvdb":"108337","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"},{"id":7254,"title":"wp-football 1.1 - football_phases_list.php id Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-wp-football-a3-cross-site-scripting-xss/","osvdb":"108338","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"},{"id":7255,"title":"wp-football 1.1 - football_matches_phase.php id Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-wp-football-a3-cross-site-scripting-xss/","osvdb":"108339","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"},{"id":7256,"title":"wp-football 1.1 - football_matches_load.php id_league Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-wp-football-a3-cross-site-scripting-xss/","osvdb":"108340","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"},{"id":7257,"title":"wp-football 1.1 - football_matches_list.php id Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-wp-football-a3-cross-site-scripting-xss/","osvdb":"108341","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"},{"id":7258,"title":"wp-football 1.1 - football_groups_list.php id Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-wp-football-a3-cross-site-scripting-xss/","osvdb":"108342","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"},{"id":7259,"title":"wp-football 1.1 - football-functions.php f Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-wp-football-a3-cross-site-scripting-xss/","osvdb":"108343","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"},{"id":7260,"title":"wp-football 1.1 - football_criteria.php league Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-wp-football-a3-cross-site-scripting-xss/","osvdb":"108344","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"},{"id":7261,"title":"wp-football 1.1 - football_classification.php league Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-wp-football-a3-cross-site-scripting-xss/","osvdb":"108345","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"member-approval":{"vulnerabilities":[{"id":7262,"title":"Member Approval 131109 - wp-admin/options-general.php Option Manipulation CSRF","url":"http://www.securityfocus.com/bid/67952,http://packetstormsecurity.com/files/127024/","osvdb":"107845","cve":"2014-3850","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"jw-player-plugin-for-wordpress":{"vulnerabilities":[{"id":7263,"title":"JW Player 2.1.2 - wp-admin/admin.php Player Deletion CSRF","url":"http://www.securityfocus.com/bid/67954,http://packetstormsecurity.com/files/127025/","osvdb":"107846","cve":"2014-4030","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"adminonline":{"vulnerabilities":[{"id":7264,"title":"AdminOnline - download.php file Parameter Remote Path Traversal File Access","url":"http://packetstormsecurity.com/files/127046/","osvdb":"108024","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"ruven-toolkit":{"vulnerabilities":[{"id":7265,"title":"Ruven Toolkit 1.1 - tinymce/popup.php popup Parameter Reflected XSS","osvdb":"108312","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"verification-code-for-comments":{"vulnerabilities":[{"id":7266,"title":"Verification Code for Comments 2.1.0 - vcc.js.php Multiple Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-verification-code-for-comments-a3-cross-site-scripting-xss","osvdb":"108313","cve":"2014-4565","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"wpcb":{"vulnerabilities":[{"id":7267,"title":"wpcb 2.4.8 - facture.php id Parameter Reflected XSS","url":"http://www.securityfocus.com/bid/68357","osvdb":"108407","cve":"2014-4581","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"wp-app-maker":{"vulnerabilities":[{"id":7268,"title":"WP App Maker 1.0.16.4 - icons-launcher.php uid Parameter Reflected XSS","osvdb":"108408","cve":"2014-4578","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"wp-amasin-the-amazon-affiliate-shop":{"vulnerabilities":[{"id":7269,"title":"wp-amasin-the-amazon-affiliate-shop 0.9.6 - reviews.php url Parameter Local File Inclusion","osvdb":"108501","cve":"2014-4577","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"cross-rss":{"vulnerabilities":[{"id":7270,"title":"Cross RSS 1.7 - proxy.php rss Parameter Local File Inclusion","url":"http://www.securityfocus.com/bid/68555,http://codevigilant.com/disclosure/wp-plugin-cross-rss-local-file-inclusion/","osvdb":"108502","cve":"2014-4941","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"wphotfiles":{"vulnerabilities":[{"id":7271,"title":"Hot Files \u003c 1.0.0 - Cross-site scripting (XSS) vulnerability in tpls/editmedia.php","osvdb":"108720","cve":"2014-4588","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"yahoo-updates-for-wordpress":{"vulnerabilities":[{"id":7272,"title":"Yahoo Updates \u003c 1.0 - XSS vulnerabilities in yupdates_application.php","url":"http://codevigilant.com/disclosure/wp-plugin-yahoo-updates-for-wordpress-a3-cross-site-scripting-xss/","cve":"2014-4603","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"toolpage":{"vulnerabilities":[{"id":7273,"title":"Toolpage 1.6.1 - XSS vulnerability in includes/getTipo.php","url":"http://codevigilant.com/disclosure/wp-plugin-toolpage-a3-cross-site-scripting-xss/","osvdb":"108704","cve":"2014-4560","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"url-cloak-encrypt":{"vulnerabilities":[{"id":7274,"title":"Cloak and Encrypt \u003c 2.0 - XSS vulnerability in go.php","url":"http://codevigilant.com/disclosure/wp-plugin-url-cloak-encrypt-a3-cross-site-scripting-xss/","osvdb":"108895","cve":"2014-4563","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"validated":{"vulnerabilities":[{"id":7275,"title":"Validated \u003c 1.0.2 - XSS vulnerability in check.php","url":"http://www.securityfocus.com/bid/68320,http://codevigilant.com/disclosure/wp-plugin-validated-a3-cross-site-scripting-xss/","osvdb":"108659","cve":"2014-4564","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"verweise-wordpress-twitter":{"vulnerabilities":[{"id":7276,"title":"Verwei.se WordPress Twitter \u003c 1.0 2 - XSS vulnerability in res/fake_twitter/frame.php","url":"http://codevigilant.com/disclosure/wp-plugin-verweise-wordpress-twitter-a3-cross-site-scripting-xss/","cve":"2014-4566","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"easy-banners":{"vulnerabilities":[{"id":7277,"title":"Easy Banners 1.4 - XSS vulnerability in wp-admin/options-general.php","url":"http://packetstormsecurity.com/files/127293/,http://www.securityfocus.com/bid/68281","osvdb":"108626","cve":"2014-4723","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"custom-banners":{"vulnerabilities":[{"id":7278,"title":"Custom Banners plugin 1.2.2.2 - XSS vulnerability in custom_banners_registered_name parameter to wp-admin/options.php","url":"http://packetstormsecurity.com/files/127291/,http://www.securityfocus.com/bid/68279","osvdb":"108683","cve":"2014-4724","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"video-posts-webcam-recorder":{"vulnerabilities":[{"id":7279,"title":"Video Posts Webcam Recorder plugin \u003c 1.55.4 - XSS vulnerability in posts/videowhisper/r_logout.php","url":"http://codevigilant.com/disclosure/wp-plugin-video-posts-webcam-recorder-a3-cross-site-scripting-xss/","cve":"2014-4568","created_at":"2014-08-01T10:59:15.000Z","updated_at":"2014-08-01T10:59:15.000Z"}]}},{"zeenshare":{"vulnerabilities":[{"id":7280,"title":"ZeenShare plugin \u003c 1.0.1 - XSS vulnerability in redirect_to_zeenshare.php via the zs_sid parameter","url":"http://codevigilant.com/disclosure/wp-plugin-zeenshare-a3-cross-site-scripting-xss/","cve":"2014-4606","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"zdstats":{"vulnerabilities":[{"id":7281,"title":"ZdStatistics \u003c 2.0.1 - XSS vulnerability in cal/test.php via the lang parameter","url":"http://codevigilant.com/disclosure/wp-plugin-zdstats-a3-cross-site-scripting-xss/","osvdb":"108731","cve":"2014-4605","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"your-text-manager":{"vulnerabilities":[{"id":7282,"title":"Your Text Manager \u003c 0.3.0 - XSS vulnerability in settings/pwsettings.php via the ytmpw parameter","url":"http://codevigilant.com/disclosure/wp-plugin-your-text-manager-a3-cross-site-scripting-xss/","cve":"2014-4604","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"xen-carousel":{"vulnerabilities":[{"id":7283,"title":"XEN Carousel \u003c 0.12.2 - XSS vulnerabilities in xencarousel-admin.js.php via path or ajaxpath parameter","url":"http://codevigilant.com/disclosure/wp-plugin-xen-carousel-a3-cross-site-scripting-xss/","cve":"2014-4602","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"wp-media-player":{"vulnerabilities":[{"id":7284,"title":"WP Silverlight Media Player \u003c 0.8 - XSS vulnerability in uploader.php via the post_id parameter","url":"http://codevigilant.com/disclosure/wp-plugin-wp-media-player-a3-cross-site-scripting-xss/","osvdb":"108721","cve":"2014-4589","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"wp-microblogs":{"vulnerabilities":[{"id":7285,"title":"WP Microblogs plugin \u003c 0.4.0 - XSS vulnerability in get.php via the oauth_verifier parameter","url":"http://codevigilant.com/disclosure/wp-plugin-wp-microblogs-a3-cross-site-scripting-xss/","cve":"2014-4590","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"wp-php-widget":{"vulnerabilities":[{"id":7286,"title":"WP PHP Widget 1.0.2 - Full Path Disclosure vulnerability","osvdb":"88846","cve":"2013-0721","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"socialgrid":{"vulnerabilities":[{"id":7287,"title":"SocialGrid 2.3 - inline-admin.js.php default_services Parameter XSS","url":"http://seclists.org/bugtraq/2011/Apr/176","osvdb":"71966","secunia":"44256","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"wp-easycart":{"vulnerabilities":[{"id":7288,"title":"EasyCart 2.0.5 - inc/admin/phpinfo.php Direct Request Remote Information Disclosure","url":"http://www.securityfocus.com/bid/68692","osvdb":"109030","cve":"2014-4942","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z","fixed_in":"2.0.6"}]}},{"simple-slider":{"vulnerabilities":[{"id":7289,"title":"Simple Slider 1.0 - New Image URL Field XSS","url":"http://packetstormsecurity.org/files/118309/,http://xforce.iss.net/xforce/xfdb/80260,http://seclists.org/bugtraq/2012/Nov/89","osvdb":"87806","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z","fixed_in":"1.1"}]}},{"bookx":{"vulnerabilities":[{"id":7290,"title":"BookX 1.7 - includes/bookx_export.php file Parameter Remote Path Traversal File Access","url":"http://www.securityfocus.com/bid/68556,http://codevigilant.com/disclosure/wp-plugin-bookx-local-file-inclusion/","osvdb":"109022","cve":"2014-4937","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"wp-rss-poster":{"vulnerabilities":[{"id":7291,"title":"WP Rss Poster 1.0.0 - wp-admin/admin.php wrp-add-new Page id Parameter SQL Injection","url":"http://codevigilant.com/disclosure/wp-plugin-wp-rss-poster-a1-injection/","osvdb":"109023","cve":"2014-4938","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"bannerman":{"vulnerabilities":[{"id":7292,"title":"BannerMan 0.2.4 - XSS in wp-admin/options-general.php via bannerman_background parameter","url":"http://packetstormsecurity.com/files/127289/","osvdb":"108682","cve":"2014-4845","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"random-banner":{"vulnerabilities":[{"id":7293,"title":"Random Banner 1.1.2.1 - random-banner/random-banner.php buffercode_RBanner_url_banner1 Parameter XSS","url":"http://packetstormsecurity.com/files/127292/,http://www.securityfocus.com/bid/68280","osvdb":"108627","cve":"2014-4847","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"blogstand-smart-banner":{"vulnerabilities":[{"id":7294,"title":"Blogstand Smart Banner 1.0 - blogstand-banner.php bs_blog_id Parameter XSS","url":"http://packetstormsecurity.com/files/127290/,http://www.securityfocus.com/bid/68282","osvdb":"108625","cve":"2014-4848","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"wp-construction-mode":{"vulnerabilities":[{"id":7295,"title":"Construction Mode 1.8 - under-construction.php wuc_logo Parameter XSS","url":"http://packetstormsecurity.com/files/127287/,http://www.securityfocus.com/bid/68287","osvdb":"108630","cve":"2014-4854","secunia":"58932","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"polylang":{"vulnerabilities":[{"id":7296,"title":"Polylang 1.5.1 - User Description Handling Stored XSS","url":"http://www.securityfocus.com/bid/68509","osvdb":"108634","cve":"2014-4855","secunia":"59357","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z","fixed_in":"1.5.2"},{"id":7297,"title":"Polylang 1.4.5 - Multiple Unspecified Issues","osvdb":"108953","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z","fixed_in":"1.5"}]}},{"enl-newsletter":{"vulnerabilities":[{"id":7298,"title":"ENL Newsletter 1.0.1 - wp-admin/admin.php enl-add-new Page id Parameter SQL Injection","url":"http://codevigilant.com/disclosure/wp-plugin-enl-newsletter-a1-injection/","osvdb":"109027","cve":"2014-4939","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"tera-charts":{"vulnerabilities":[{"id":7299,"title":"Tera Charts 0.1 - charts/zoomabletreemap.php fn Parameter Remote Path Traversal File Disclosure","url":"http://www.securityfocus.com/bid/68662,http://codevigilant.com/disclosure/wp-plugin-tera-chart-local-file-inclusion/","osvdb":"109029","cve":"2014-4940","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z","fixed_in":"1.0"},{"id":7300,"title":"Tera Charts 0.1 - charts/treemap.php fn Parameter Remote Path Traversal File Disclosure","url":"http://www.securityfocus.com/bid/68662,http://codevigilant.com/disclosure/wp-plugin-tera-chart-local-file-inclusion/","osvdb":"109028","cve":"2014-4940","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z","fixed_in":"1.0"}]}},{"starbox-voting":{"vulnerabilities":[{"id":7301,"title":"Starbox Voting - ajax.php Full Path Disclosure vulnerability","url":"http://seclists.org/bugtraq/2011/Feb/222","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"uploadify":{"vulnerabilities":[{"id":7302,"title":"Uploadify 1.0 - process_upload.php Arbitrary File Upload","url":"http://packetstormsecurity.org/files/98652/","osvdb":"73444","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"plg_novana":{"vulnerabilities":[{"id":7303,"title":"Plg Novana - wp-content/plugins/plg_novana/novana_detail.php id Parameter SQL Injection","url":"http://www.securityfocus.com/bid/56661,http://packetstormsecurity.org/files/118324/,http://xforce.iss.net/xforce/xfdb/80258","osvdb":"87839","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"paid-memberships-pro":{"vulnerabilities":[{"id":7304,"title":"Paid Memberships Pro 1.4.7 - adminpages/memberslist-csv.php Direct Request Member Personal Information Disclosure","osvdb":"83760","secunia":"49630","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z","fixed_in":"1.5"}]}},{"wppageflip":{"vulnerabilities":[{"id":7305,"title":"A Page Flip Book 2.3 - index.php pageflipbook_language Parameter Traversal Local File Inclusion","osvdb":"83667","cve":"2012-6652","secunia":"49505","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"simple-forum":{"vulnerabilities":[{"id":7522,"title":"Simple Forum File Upload Vulnerability","url":"http://cxsecurity.com/issue/WLB-2012080265","created_at":"2014-08-01T11:50:35.000Z","updated_at":"2014-08-01T11:50:35.000Z"},{"id":7523,"title":"Simple Forum sf-profile.php u Parameter SQL Injection ","osvdb":"52210","cve":"2008-7040","created_at":"2014-08-01T11:51:24.000Z","updated_at":"2014-08-01T11:51:24.000Z"}]}}]
\ No newline at end of file
+[{"theme-my-login":{"vulnerabilities":[{"id":92569,"title":"Theme My Login 6.3.9 - Local File Inclusion","url":"http://packetstormsecurity.com/files/127302/,http://seclists.org/fulldisclosure/2014/Jun/172,http://www.securityfocus.com/bid/68254,https://security.dxw.com/advisories/lfi-in-theme-my-login/","osvdb":"108517","created_at":"2014-08-01T10:50:39.792Z","updated_at":"2014-09-09T09:02:27.460Z","fixed_in":"6.3.10"}]}},{"login-rebuilder":{"vulnerabilities":[{"id":92570,"title":"Login Rebuilder \u003c 1.2.0 - Cross Site Request Forgery Vulnerability","osvdb":"108364","cve":"2014-3882","created_at":"2014-08-01T10:50:39.862Z","updated_at":"2014-08-01T10:50:39.862Z","fixed_in":"1.2.0"}]}},{"simple-share-buttons-adder":{"vulnerabilities":[{"id":92571,"title":"Simple Share Buttons Adder 4.4 - options-general.php Multiple Admin Actions CSRF","url":"https://security.dxw.com/advisories/csrf-and-stored-xss-in-simple-share-buttons-adder/,http://packetstormsecurity.com/files/127238/","osvdb":"108444","cve":"2014-4717","exploitdb":"33896","created_at":"2014-08-01T10:50:39.925Z","updated_at":"2014-08-01T10:50:39.925Z","fixed_in":"4.5"},{"id":92572,"title":"Simple Share Buttons Adder 4.4 - options-general.php ssba_share_text Parameter Stored XSS Weakness","url":"https://security.dxw.com/advisories/csrf-and-stored-xss-in-simple-share-buttons-adder/,http://packetstormsecurity.com/files/127238/","osvdb":"108445","exploitdb":"33896","created_at":"2014-08-01T10:50:39.991Z","updated_at":"2014-08-01T10:50:39.991Z","fixed_in":"4.5"}]}},{"content-slide":{"vulnerabilities":[{"id":92573,"title":"Content Slide \u003c= 1.4.2 - Cross Site Request Forgery Vulnerability","osvdb":"93871","cve":"2013-2708","secunia":"52949","created_at":"2014-08-01T10:50:40.061Z","updated_at":"2014-08-01T10:50:40.061Z"}]}},{"wp-cron-dashboard":{"vulnerabilities":[{"id":92574,"title":"WP Cron DashBoard \u003c= 1.1.5 - wp-cron-dashboard.php procname Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124602/,https://www.htbridge.com/advisory/HTB23189","osvdb":"100660","cve":"2013-6991","created_at":"2014-08-01T10:50:40.118Z","updated_at":"2014-08-01T10:50:40.118Z"}]}},{"wordpress-simple-paypal-shopping-cart":{"vulnerabilities":[{"id":92575,"title":"Simple Paypal Shopping Cart 3.5 - Cross-Site Request Forgery Vulnerability","osvdb":"93953","cve":"2013-2705","secunia":"52963","created_at":"2014-08-01T10:50:40.169Z","updated_at":"2014-08-01T10:50:40.169Z","fixed_in":"3.6"}]}},{"wp-sendsms":{"vulnerabilities":[{"id":92576,"title":"WP-SendSMS 1.0 - Setting Manipulation CSRF","osvdb":"94209","secunia":"53796","exploitdb":"26124","created_at":"2014-08-01T10:50:40.237Z","updated_at":"2014-08-01T10:50:40.237Z"},{"id":92577,"title":"WP-SendSMS 1.0 - wp-admin/admin.php Multiple Parameter XSS","osvdb":"94210","exploitdb":"26124","created_at":"2014-08-01T10:50:40.295Z","updated_at":"2014-08-01T10:50:40.295Z"}]}},{"mail-subscribe-list":{"vulnerabilities":[{"id":92578,"title":"Mail Subscribe List - Script Insertion Vulnerability","osvdb":"94197","secunia":"53732","created_at":"2014-08-01T10:50:40.352Z","updated_at":"2014-08-01T10:50:40.352Z","fixed_in":"2.1"}]}},{"s3-video":{"vulnerabilities":[{"id":92579,"title":"S3 Video \u003c= 0.97 - VideoJS Cross Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/66","secunia":"53437","created_at":"2014-08-01T10:50:40.419Z","updated_at":"2014-08-01T10:50:40.419Z","fixed_in":"0.98"},{"id":92580,"title":"S3 Video 0.982 - preview_video.php base Parameter XSS","osvdb":"101388","cve":"2013-7279","secunia":"56167","created_at":"2014-08-01T10:50:40.482Z","updated_at":"2014-08-01T10:50:40.482Z","fixed_in":"0.983"}]}},{"video-embed-thumbnail-generator":{"vulnerabilities":[{"id":92581,"title":"VideoJS Cross - Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/66","secunia":"53426","created_at":"2014-08-01T10:50:40.551Z","updated_at":"2014-08-01T10:50:40.551Z","fixed_in":"4.1"}]}},{"1player":{"vulnerabilities":[{"id":92581,"title":"VideoJS Cross - Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/66","secunia":"53426","created_at":"2014-08-01T10:50:40.551Z","updated_at":"2014-08-01T10:50:40.551Z","fixed_in":"1.4"}]}},{"external-video-for-everybody":{"vulnerabilities":[{"id":92581,"title":"VideoJS Cross - Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/66","secunia":"53426","created_at":"2014-08-01T10:50:40.551Z","updated_at":"2014-08-01T10:50:40.551Z","fixed_in":"2.1"}]}},{"EasySqueezePage":{"vulnerabilities":[{"id":92581,"title":"VideoJS Cross - Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/66","secunia":"53426","created_at":"2014-08-01T10:50:40.551Z","updated_at":"2014-08-01T10:50:40.551Z"}]}},{"crayon-syntax-highlighter":{"vulnerabilities":[{"id":92582,"title":"Crayon Syntax Highlighter - Remote File Inclusion Vulnerability","url":"http://ceriksen.com/2012/10/15/wordpress-crayon-syntax-highlighter-remote-file-inclusion-vulnerability/","osvdb":"86255,86256","secunia":"50804","created_at":"2014-08-01T10:50:40.843Z","updated_at":"2014-08-01T10:50:40.843Z","fixed_in":"1.13"}]}},{"ungallery":{"vulnerabilities":[{"id":92583,"title":"UnGallery \u003c= 1.5.8 - Local File Disclosure Vulnerability","exploitdb":"17704","created_at":"2014-08-01T10:50:40.908Z","updated_at":"2014-08-01T10:50:40.908Z"},{"id":92584,"title":"UnGallery - Arbitrary Command Execution","url":"http://ceriksen.com/2012/10/23/wordpress-ungallery-remote-command-injection-vulnerability/","secunia":"50875","created_at":"2014-08-01T10:50:40.964Z","updated_at":"2014-08-01T10:50:40.964Z","fixed_in":"2.1.6"}]}},{"thanks-you-counter-button":{"vulnerabilities":[{"id":92585,"title":"Thank You Counter Button 1.8.7 - wp-admin/options.php Multiple Parameter Stored XSS","url":"http://packetstormsecurity.com/files/125397/,http://www.securityfocus.com/bid/65805","osvdb":"103778","cve":"2014-2315","created_at":"2014-08-01T10:50:41.039Z","updated_at":"2014-08-01T10:50:41.039Z"},{"id":92586,"title":"Thank You Counter Button \u003c= 1.8.2 - XSS","secunia":"50977","created_at":"2014-08-01T10:50:41.098Z","updated_at":"2014-08-01T10:50:41.098Z","fixed_in":"1.8.3"}]}},{"bookings":{"vulnerabilities":[{"id":92587,"title":"Bookings \u003c= 1.8.2 - controlpanel.php error Parameter XSS","osvdb":"86613","secunia":"50975","created_at":"2014-08-01T10:50:41.163Z","updated_at":"2014-08-01T10:50:41.163Z","fixed_in":"1.8.3"}]}},{"cimy-user-manager":{"vulnerabilities":[{"id":92588,"title":"Cimy User Manager \u003c= 1.4.2 - Arbitrary File Disclosure","url":"http://ceriksen.com/2012/10/24/wordpress-cimy-user-manager-arbitrary-file-disclosure/","secunia":"50834","created_at":"2014-08-01T10:50:41.224Z","updated_at":"2014-08-01T10:50:41.224Z","fixed_in":"1.4.4"}]}},{"fs-real-estate-plugin":{"vulnerabilities":[{"id":92589,"title":"FireStorm Professional Real Estate 2.06.01 - xml/marker_listings.php id Parameter SQL Injection","url":"http://packetstormsecurity.com/files/118232/,http://xforce.iss.net/xforce/xfdb/80261","osvdb":"86686","secunia":"51107","exploitdb":"22071","created_at":"2014-08-01T10:50:41.304Z","updated_at":"2014-08-01T10:50:41.304Z","fixed_in":"2.06.04"},{"id":92590,"title":"FireStorm Professional Real Estate - Multiple SQL Injection","url":"http://ceriksen.com/2012/10/25/wordpress-firestorm-professional-real-estate-plugin-sql-injection-vulnerability/","secunia":"50873","created_at":"2014-08-01T10:50:41.371Z","updated_at":"2014-08-01T10:50:41.371Z","fixed_in":"2.06.03"}]}},{"wp125":{"vulnerabilities":[{"id":92591,"title":"WP125 \u003c= 1.4.4 - Multiple XSS","secunia":"50976","created_at":"2014-08-01T10:50:41.436Z","updated_at":"2014-08-01T10:50:41.436Z","fixed_in":"1.4.5"},{"id":92592,"title":"WP125 \u003c= 1.4.9 - CSRF","url":"http://www.securityfocus.com/bid/58934","osvdb":"92113","cve":"2013-2700","secunia":"52876","created_at":"2014-08-01T10:50:41.510Z","updated_at":"2014-08-01T10:50:41.510Z","fixed_in":"1.5.0"}]}},{"all-video-gallery":{"vulnerabilities":[{"id":92593,"title":"All Video Gallery - Multiple SQL Injection Vulnerabilities","url":"http://ceriksen.com/2012/11/04/wordpress-all-video-gallery-plugin-sql-injection/","secunia":"50874","exploitdb":"22427","created_at":"2014-08-01T10:50:41.577Z","updated_at":"2014-08-01T10:50:41.577Z"}]}},{"buddystream":{"vulnerabilities":[{"id":92594,"title":"BuddyStream - XSS","secunia":"50972","created_at":"2014-08-01T10:50:41.634Z","updated_at":"2014-08-01T10:50:41.634Z"}]}},{"post-views":{"vulnerabilities":[{"id":92595,"title":"Post views 2.6.1 - wp-content/plugins/post-views/post-views.php search_input Parameter XSS","url":"http://www.securityfocus.com/bid/56555,http://xforce.iss.net/xforce/xfdb/80076","osvdb":"87349","secunia":"50982","created_at":"2014-08-01T10:50:41.689Z","updated_at":"2014-08-01T10:50:41.689Z"}]}},{"floating-social-media-links":{"vulnerabilities":[{"id":92596,"title":"Floating Social Media Links \u003c= 1.4.2 - fsml-admin.js.php wpp Parameter Remote File Inclusion","url":"http://www.securityfocus.com/bid/56913,http://xforce.iss.net/xforce/xfdb/80641,http://ceriksen.com/2013/01/12/wordpress-floating-social-media-link-plugins-remote-file-inclusion/","osvdb":"88383","secunia":"51346","created_at":"2014-08-01T10:50:41.747Z","updated_at":"2014-08-01T10:50:41.747Z","fixed_in":"1.4.3"},{"id":92597,"title":"Floating Social Media Links \u003c= 1.4.2 - fsml-hideshow.js.php wpp Parameter Remote File Inclusion","url":"http://www.securityfocus.com/bid/56913,http://ceriksen.com/2013/01/12/wordpress-floating-social-media-link-plugins-remote-file-inclusion/","osvdb":"88385","secunia":"51346","created_at":"2014-08-01T10:50:41.814Z","updated_at":"2014-08-01T10:50:41.814Z","fixed_in":"1.4.3"}]}},{"zingiri-forum":{"vulnerabilities":[{"id":92598,"title":"Zingiri Forum 1.4.2 - forum.php zing_forum_output Function url Parameter XSS","url":"http://www.securityfocus.com/bid/57224,http://xforce.iss.net/xforce/xfdb/81156,http://ceriksen.com/2013/01/12/wordpress-zingiri-forums-arbitrary-file-disclosure/","osvdb":"89069","cve":"2012-4920","secunia":"50833","created_at":"2014-08-01T10:50:41.882Z","updated_at":"2014-08-01T10:50:41.882Z","fixed_in":"1.4.4"}]}},{"google-document-embedder":{"vulnerabilities":[{"id":92599,"title":"Google Document Embedder - Arbitrary File Disclosure","url":"http://www.securityfocus.com/bid/57133,http://packetstormsecurity.com/files/119329/,http://ceriksen.com/2013/01/03/wordpress-google-document-embedder-arbitrary-file-disclosure/","cve":"2012-4915","secunia":"50832","exploitdb":"23970","created_at":"2014-08-01T10:50:41.947Z","updated_at":"2014-08-01T10:50:41.947Z","metasploit":"exploit/unix/webapp/wp_google_document_embedder_exec","fixed_in":"2.5.4"}]}},{"extended-user-profile":{"vulnerabilities":[{"id":92600,"title":"extended-user-profile - Full Path Disclosure vulnerability","url":"http://1337day.com/exploit/20118","created_at":"2014-08-01T10:50:42.014Z","updated_at":"2014-08-01T10:50:42.014Z"}]}},{"superslider-show":{"vulnerabilities":[{"id":92601,"title":"superslider-show - Full Path Disclosure vulnerability","url":"http://1337day.com/exploit/20117","created_at":"2014-08-01T10:50:42.068Z","updated_at":"2014-08-01T10:50:42.068Z"}]}},{"wordpress-multibox-plugin":{"vulnerabilities":[{"id":92602,"title":"multibox - Full Path Disclosure vulnerability","url":"http://1337day.com/exploit/20119","created_at":"2014-08-01T10:50:42.123Z","updated_at":"2014-08-01T10:50:42.123Z"}]}},{"openinviter-for-wordpress":{"vulnerabilities":[{"id":92603,"title":"OpenInviter - Information Disclosure","url":"http://packetstormsecurity.com/files/119265/","created_at":"2014-08-01T10:50:42.178Z","updated_at":"2014-08-01T10:50:42.178Z"}]}},{"wp_rokbox":{"vulnerabilities":[{"id":92604,"title":"RokBox - Multiple Vulnerabilities","url":"http://1337day.com/exploit/19981","created_at":"2014-08-01T10:50:42.231Z","updated_at":"2014-08-01T10:50:42.231Z"},{"id":92605,"title":"RokBox \u003c= 2.13 - thumb.php src Parameter Malformed Input Path Disclosure","url":"http://packetstormsecurity.com/files/118884/,http://xforce.iss.net/xforce/xfdb/80732,http://www.securityfocus.com/bid/56953,http://seclists.org/fulldisclosure/2012/Dec/159","osvdb":"88604","created_at":"2014-08-01T10:50:42.287Z","updated_at":"2014-08-01T10:50:42.287Z"},{"id":92606,"title":"RokBox \u003c= 2.13 - thumb.php src Parameter XSS","url":"http://packetstormsecurity.com/files/118884/,http://xforce.iss.net/xforce/xfdb/80731,http://www.securityfocus.com/bid/56953,http://seclists.org/fulldisclosure/2012/Dec/159","osvdb":"88605","created_at":"2014-08-01T10:50:42.351Z","updated_at":"2014-08-01T10:50:42.351Z"},{"id":92607,"title":"RokBox \u003c= 2.13 - rokbox.php Direct Request Path Disclosure","url":"http://packetstormsecurity.com/files/118884/,http://www.securityfocus.com/bid/56953,http://seclists.org/fulldisclosure/2012/Dec/159","osvdb":"88606","created_at":"2014-08-01T10:50:42.406Z","updated_at":"2014-08-01T10:50:42.406Z"},{"id":92608,"title":"RokBox \u003c= 2.13 - error_log Direct Request Error Log Information Disclosure","url":"http://packetstormsecurity.com/files/118884/,http://xforce.iss.net/xforce/xfdb/80761,http://www.securityfocus.com/bid/56953,http://seclists.org/fulldisclosure/2012/Dec/159","osvdb":"88607","created_at":"2014-08-01T10:50:42.460Z","updated_at":"2014-08-01T10:50:42.460Z"},{"id":92609,"title":"RokBox \u003c= 2.13 - jwplayer/jwplayer.swf abouttext Parameter XSS","url":"http://packetstormsecurity.com/files/118884/,http://xforce.iss.net/xforce/xfdb/80731,http://www.securityfocus.com/bid/56953,http://seclists.org/fulldisclosure/2012/Dec/159","osvdb":"88608","created_at":"2014-08-01T10:50:42.517Z","updated_at":"2014-08-01T10:50:42.517Z"},{"id":92610,"title":"RokBox \u003c= 2.13 - thumb.php src Parameter Arbitrary File Upload","url":"http://packetstormsecurity.com/files/118884/,http://xforce.iss.net/xforce/xfdb/80733,http://xforce.iss.net/xforce/xfdb/80739,http://www.securityfocus.com/bid/56953,http://seclists.org/fulldisclosure/2012/Dec/159","osvdb":"88609","created_at":"2014-08-01T10:50:42.571Z","updated_at":"2014-08-01T10:50:42.571Z"}]}},{"wp_rokintroscroller":{"vulnerabilities":[{"id":92611,"title":"RokIntroScroller \u003c= 1.8 - XSS,DoS,Disclosure,Upload Vulnerabilities","url":"http://packetstormsecurity.com/files/123302/,http://seclists.org/fulldisclosure/2013/Sep/121","osvdb":"97418","secunia":"54801","created_at":"2014-08-01T10:50:42.626Z","updated_at":"2014-08-01T10:50:42.626Z"}]}},{"wp_rokmicronews":{"vulnerabilities":[{"id":92612,"title":"RokMicroNews \u003c= 1.5 - XSS,DoS,Disclosure,Upload Vulnerabilities","url":"http://packetstormsecurity.com/files/123312/,http://seclists.org/fulldisclosure/2013/Sep/124","osvdb":"97418","secunia":"54801","created_at":"2014-08-01T10:50:42.679Z","updated_at":"2014-08-01T10:50:42.679Z"}]}},{"wp_roknewspager":{"vulnerabilities":[{"id":92613,"title":"RokNewsPager \u003c= 1.17 - XSS,DoS,Disclosure,Upload Vulnerabilities","url":"http://packetstormsecurity.com/files/123271/,http://seclists.org/fulldisclosure/2013/Sep/109","osvdb":"97418","secunia":"54801","created_at":"2014-08-01T10:50:42.736Z","updated_at":"2014-08-01T10:50:42.736Z"}]}},{"wp_rokstories":{"vulnerabilities":[{"id":92614,"title":"RokStories \u003c= 1.25 - XSS,DoS,Disclosure,Upload Vulnerabilities","url":"http://packetstormsecurity.com/files/123270/,http://seclists.org/fulldisclosure/2013/Sep/108","osvdb":"97418","secunia":"54801","created_at":"2014-08-01T10:50:42.796Z","updated_at":"2014-08-01T10:50:42.796Z"}]}},{"grou-random-image-widget":{"vulnerabilities":[{"id":92615,"title":"grou-random-image-widget - Full Path Disclosure","url":"http://1337day.com/exploit/20047","created_at":"2014-08-01T10:50:42.854Z","updated_at":"2014-08-01T10:50:42.854Z"}]}},{"sintic_gallery":{"vulnerabilities":[{"id":92616,"title":"sintic_gallery - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/19993","created_at":"2014-08-01T10:50:42.908Z","updated_at":"2014-08-01T10:50:42.908Z"},{"id":92617,"title":"sintic_gallery - Path Disclosure Vulnerability","url":"http://1337day.com/exploit/20020","created_at":"2014-08-01T10:50:42.961Z","updated_at":"2014-08-01T10:50:42.961Z"}]}},{"wp-useronline":{"vulnerabilities":[{"id":92618,"title":"WP-UserOnline - Full Path Disclosure","url":"http://seclists.org/fulldisclosure/2010/Jul/8","created_at":"2014-08-01T10:50:43.016Z","updated_at":"2014-08-01T10:50:43.016Z"},{"id":92619,"title":"Wp-UserOnline \u003c= 0.62 - Persistent XSS","url":"http://seclists.org/fulldisclosure/2010/Jul/8","created_at":"2014-08-01T10:50:43.069Z","updated_at":"2014-08-01T10:50:43.069Z"}]}},{"levelfourstorefront":{"vulnerabilities":[{"id":92620,"title":"Shopping Cart 8.1.14 - Shell Upload, SQL Injection","url":"http://packetstormsecurity.com/files/119217/","secunia":"51690","created_at":"2014-08-01T10:50:43.127Z","updated_at":"2014-08-01T10:50:43.127Z","fixed_in":"8.1.15"},{"id":92621,"title":"Level Four Storefront - levelfourstorefront/getsortmanufacturers.php id Parameter SQL Injection","url":"http://packetstormsecurity.com/files/120950/","osvdb":"91680","created_at":"2014-08-01T10:50:43.199Z","updated_at":"2014-08-01T10:50:43.199Z"}]}},{"reflex-gallery":{"vulnerabilities":[{"id":92622,"title":"ReFlex Gallery 1.4.2 - Unspecified XSS","osvdb":"102585","created_at":"2014-08-01T10:50:43.254Z","updated_at":"2014-08-01T10:50:43.254Z","fixed_in":"1.4.3"},{"id":92623,"title":"ReFlex Gallery 1.4 - reflex-gallery.php Direct Request Path Disclosure","osvdb":"88869","created_at":"2014-08-01T10:50:43.345Z","updated_at":"2014-08-01T10:50:43.345Z"},{"id":92624,"title":"ReFlex Gallery 1.3 - Shell Upload","url":"http://packetstormsecurity.com/files/119218/","created_at":"2014-08-01T10:50:43.401Z","updated_at":"2014-08-01T10:50:43.401Z"}]}},{"uploader":{"vulnerabilities":[{"id":92625,"title":"Uploader 1.0.4 - Shell Upload","url":"http://packetstormsecurity.com/files/119219/","osvdb":"70648","secunia":"43075,52465","created_at":"2014-08-01T10:50:43.454Z","updated_at":"2014-08-01T10:50:43.454Z"},{"id":92626,"title":"Uploader 1.0.4 - notify.php blog Parameter XSS","osvdb":"90840","cve":"2013-2287","secunia":"52465","created_at":"2014-08-01T10:50:43.508Z","updated_at":"2014-08-01T10:50:43.508Z"},{"id":92627,"title":"Uploader 1.0.0 - wp-content/plugins/uploader/views/notify.php num Parameter XSS","osvdb":"70649","secunia":"43075","created_at":"2014-08-01T10:50:43.559Z","updated_at":"2014-08-01T10:50:43.559Z"}]}},{"xerte-online":{"vulnerabilities":[{"id":92628,"title":"Xerte Online 0.32 - Shell Upload","url":"http://packetstormsecurity.com/files/119220/","created_at":"2014-08-01T10:50:43.633Z","updated_at":"2014-08-01T10:50:43.633Z"}]}},{"advanced-custom-fields":{"vulnerabilities":[{"id":92629,"title":"Advanced Custom Fields \u003c= 3.5.1 - Remote File Inclusion","url":"http://packetstormsecurity.com/files/119221/","osvdb":"87353","secunia":"51037","exploitdb":"23856","created_at":"2014-08-01T10:50:43.686Z","updated_at":"2014-08-01T10:50:43.686Z","metasploit":"exploit/unix/webapp/wp_advanced_custom_fields_exec","fixed_in":"3.5.2"}]}},{"sitepress-multilingual-cms":{"vulnerabilities":[{"id":92630,"title":"sitepress-multilingual-cms - Full Path Disclosure","url":"http://1337day.com/exploit/20067","created_at":"2014-08-01T10:50:43.752Z","updated_at":"2014-08-01T10:50:43.752Z"}]}},{"asset-manager":{"vulnerabilities":[{"id":92631,"title":"Asset Manager 0.2 - Arbitrary File Upload","url":"http://www.securityfocus.com/bid/53809,http://packetstormsecurity.com/files/119133/","osvdb":"82653","secunia":"49378","exploitdb":"18993,23652","created_at":"2014-08-01T10:50:43.807Z","updated_at":"2014-08-01T10:50:43.807Z"},{"id":92632,"title":"Asset Manager - upload.php Arbitrary Code Execution","url":"http://www.ethicalhack3r.co.uk/security/wordpress-plugin-asset-manager-upload-php-arbitrary-code-execution/,http://packetstormsecurity.com/files/113285/,http://xforce.iss.net/xforce/xfdb/80823","osvdb":"82653","created_at":"2014-08-01T10:50:43.863Z","updated_at":"2014-08-01T10:50:43.863Z"}]}},{"apptha-banner":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"apptha-slider-gallery":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"blaze-slide-show-for-wordpress":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"},{"id":92634,"title":"Blaze Slideshow 2.1 - Unspecified Security Vulnerability","url":"http://www.securityfocus.com/bid/52677","created_at":"2014-08-01T10:50:44.109Z","updated_at":"2014-08-01T10:50:44.109Z","fixed_in":"2.2"}]}},{"comment-extra-field":{"vulnerabilities":[{"id":92635,"title":"Comment Extra Field 1.7 - CSRF / XSS","url":"http://packetstormsecurity.com/files/122625/,http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:44.172Z","updated_at":"2014-08-01T10:50:44.172Z"}]}},{"fluid-accessible-rich-inline-edit":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"fluid-accessible-pager":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"fluid-accessible-uploader":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"fluid-accessible-ui-options":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"fresh-page":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"pdw-file-browser":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"},{"id":92636,"title":"PDW File Browser - upload.php Arbitrary File Upload Vulnerability","url":"http://www.securityfocus.com/bid/53895","created_at":"2014-08-01T10:50:44.645Z","updated_at":"2014-08-01T10:50:44.645Z"}]}},{"power-zoomer":{"vulnerabilities":[{"id":92637,"title":"powerzoomer - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/20253","created_at":"2014-08-01T10:50:44.702Z","updated_at":"2014-08-01T10:50:44.702Z"},{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"slide-show-pro":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"smart-slide-show":{"vulnerabilities":[{"id":92638,"title":"Smart Slideshow - upload.php Multiple File Extension Upload Arbitrary Code Execution","osvdb":"87373","created_at":"2014-08-01T10:50:44.895Z","updated_at":"2014-08-01T10:50:44.895Z"},{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"spotlightyour":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"sprapid":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"ultimate-tinymce":{"vulnerabilities":[{"id":92639,"title":"TinyMCE 3.5 - swfupload Cross-Site Scripting Vulnerability","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","secunia":"51224","created_at":"2014-08-01T10:50:45.157Z","updated_at":"2014-08-01T10:50:45.157Z","fixed_in":"3.6"}]}},{"wp-3dbanner-rotator":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"wp-3dflick-slideshow":{"vulnerabilities":[{"id":92640,"title":"wp-3dflick-slideshow - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/20255","created_at":"2014-08-01T10:50:45.316Z","updated_at":"2014-08-01T10:50:45.316Z"},{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"wp-bliss-gallery":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"wp-carouselslideshow":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"},{"id":92641,"title":"Carousel Slideshow - Unspecified Vulnerabilities","secunia":"50377","created_at":"2014-08-01T10:50:45.572Z","updated_at":"2014-08-01T10:50:45.572Z","fixed_in":"3.10"}]}},{"wp-dreamworkgallery":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"wp-ecommerce-cvs-importer":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"wp-extended":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"wp-flipslideshow":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"wp-homepage-slideshow":{"vulnerabilities":[{"id":92642,"title":"wp-homepage-slideshow - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/20260","created_at":"2014-08-01T10:50:45.916Z","updated_at":"2014-08-01T10:50:45.916Z"},{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"wp-image-news-slider":{"vulnerabilities":[{"id":92643,"title":"Image News Slider 3.3 - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/20259","osvdb":"87375","created_at":"2014-08-01T10:50:46.039Z","updated_at":"2014-08-01T10:50:46.039Z"},{"id":92644,"title":"Image News Slider 3.3 - Unspecified Vulnerabilities","osvdb":"84935","secunia":"50390","created_at":"2014-08-01T10:50:46.098Z","updated_at":"2014-08-01T10:50:46.098Z","fixed_in":"3.4"},{"id":92645,"title":"Image News Slider 3.2 - Multiple Unspecified Remote Issues","url":"http://www.securityfocus.com/bid/52977,http://xforce.iss.net/xforce/xfdb/74788","osvdb":"81314","cve":"2012-4327","secunia":"48747","created_at":"2014-08-01T10:50:46.170Z","updated_at":"2014-08-01T10:50:46.170Z","fixed_in":"3.3"},{"id":92646,"title":"Image News Slider 3.1 - Multiple Unspecified Remote Issues","osvdb":"80310","secunia":"48538","created_at":"2014-08-01T10:50:46.234Z","updated_at":"2014-08-01T10:50:46.234Z","fixed_in":"3.2"},{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"wp-image-resizer":{"vulnerabilities":[{"id":92647,"title":"Image Resizer - Cross Site Scripting","url":"http://packetstormsecurity.com/files/123651/","created_at":"2014-08-01T10:50:46.385Z","updated_at":"2014-08-01T10:50:46.385Z"}]}},{"wp-levoslideshow":{"vulnerabilities":[{"id":92648,"title":"wp-levoslideshow - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/20250","created_at":"2014-08-01T10:50:46.443Z","updated_at":"2014-08-01T10:50:46.443Z"},{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"wp-matrix-gallery":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"wp-powerplaygallery":{"vulnerabilities":[{"id":92649,"title":"wp-powerplaygallery - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/20252","created_at":"2014-08-01T10:50:46.644Z","updated_at":"2014-08-01T10:50:46.644Z"},{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"wp-royal-gallery":{"vulnerabilities":[{"id":92650,"title":"wp-royal-gallery - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/20261","created_at":"2014-08-01T10:50:46.766Z","updated_at":"2014-08-01T10:50:46.766Z"},{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"wp-superb-slideshow":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"},{"id":92651,"title":"wp superb Slideshow - Full Path Disclosure","url":"http://1337day.com/exploit/19979","created_at":"2014-08-01T10:50:46.954Z","updated_at":"2014-08-01T10:50:46.954Z"}]}},{"wp-vertical-gallery":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"wp-yasslideshow":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"}]}},{"cardoza-ajax-search":{"vulnerabilities":[{"id":92652,"title":"Ajax - Post Search Sql Injection","url":"http://seclists.org/bugtraq/2012/Nov/33,http://www.girlinthemiddle.net/2012/10/sqli-vulnerability-in-ajax-post-search.html","secunia":"51205","created_at":"2014-08-01T10:50:47.148Z","updated_at":"2014-08-01T10:50:47.148Z","fixed_in":"1.3"}]}},{"answer-my-question":{"vulnerabilities":[{"id":92653,"title":"Answer My Question 1.1 - record_question.php Multiple Parameter XSS","url":"http://www.securityfocus.com/archive/1/524625/30/0/threaded,http://seclists.org/bugtraq/2012/Nov/24","osvdb":"85567","secunia":"50655","created_at":"2014-08-01T10:50:47.216Z","updated_at":"2014-08-01T10:50:47.216Z","fixed_in":"1.2"}]}},{"catalog":{"vulnerabilities":[{"id":92654,"title":"Spider Catalog - HTML Code Injection and Cross-site scripting","url":"http://packetstormsecurity.com/files/117820/","secunia":"51143","created_at":"2014-08-01T10:50:47.281Z","updated_at":"2014-08-01T10:50:47.281Z"},{"id":92655,"title":"Spider Catalog - Multiple SQL Injection and Cross Site Scripting Vulnerabilities","url":"http://www.securityfocus.com/bid/60079","created_at":"2014-08-01T10:50:47.359Z","updated_at":"2014-08-01T10:50:47.359Z"},{"id":92656,"title":"Spider Catalog 1.4.6 - Multiple Shortcode id Parameter SQL Injection","url":"http://seclists.org/bugtraq/2013/May/79","osvdb":"93589","secunia":"53491","exploitdb":"25724","created_at":"2014-08-01T10:50:47.412Z","updated_at":"2014-08-01T10:50:47.412Z"},{"id":92657,"title":"Spider Catalog 1.4.6 - catalog.php catalog_after_search_results Function s Parameter SQL Injection","url":"http://seclists.org/bugtraq/2013/May/79","osvdb":"93590","secunia":"53491","exploitdb":"25724","created_at":"2014-08-01T10:50:47.466Z","updated_at":"2014-08-01T10:50:47.466Z"},{"id":92658,"title":"Spider Catalog 1.4.6 - Categories.php Multiple Function id Parameter SQL Injection","url":"http://seclists.org/bugtraq/2013/May/79","osvdb":"93591","secunia":"53491","exploitdb":"25724","created_at":"2014-08-01T10:50:47.522Z","updated_at":"2014-08-01T10:50:47.522Z"},{"id":92659,"title":"Spider Catalog 1.4.6 - products.php Multiple Function Multiple Parameter SQL Injection","url":"http://seclists.org/bugtraq/2013/May/79","osvdb":"93592","secunia":"53491","exploitdb":"25724","created_at":"2014-08-01T10:50:47.574Z","updated_at":"2014-08-01T10:50:47.574Z"},{"id":92660,"title":"Spider Catalog 1.4.6 - Category Entry Multiple Field XSS","url":"http://seclists.org/bugtraq/2013/May/79","osvdb":"93593","secunia":"53491","exploitdb":"25723","created_at":"2014-08-01T10:50:47.630Z","updated_at":"2014-08-01T10:50:47.630Z"},{"id":92661,"title":"Spider Catalog 1.4.6 - Categories.html.php Multiple Parameter XSS","url":"http://seclists.org/bugtraq/2013/May/79","osvdb":"93594","secunia":"53491","exploitdb":"25724","created_at":"2014-08-01T10:50:47.683Z","updated_at":"2014-08-01T10:50:47.683Z"},{"id":92662,"title":"Spider Catalog 1.4.6 - Products.html.php Multiple Parameter XSS","url":"http://seclists.org/bugtraq/2013/May/79","osvdb":"93595","secunia":"53491","exploitdb":"25724","created_at":"2014-08-01T10:50:47.738Z","updated_at":"2014-08-01T10:50:47.738Z"},{"id":92663,"title":"Spider Catalog 1.4.6 - spiderBox/spiderBox.js.php Multiple Parameter XSS","url":"http://seclists.org/bugtraq/2013/May/79","osvdb":"93596","secunia":"53491","exploitdb":"25724","created_at":"2014-08-01T10:50:47.797Z","updated_at":"2014-08-01T10:50:47.797Z"},{"id":92664,"title":"Spider Catalog 1.4.6 - catalog.php spider_box_js_php Function Multiple Parameter XSS","url":"http://seclists.org/bugtraq/2013/May/79","osvdb":"93597","secunia":"53491","exploitdb":"25724","created_at":"2014-08-01T10:50:47.854Z","updated_at":"2014-08-01T10:50:47.854Z"},{"id":92665,"title":"Spider Catalog 1.4.6 - Multiple Script Direct Request Path Disclosure","url":"http://seclists.org/bugtraq/2013/May/79","osvdb":"93598","secunia":"53491","exploitdb":"25724","created_at":"2014-08-01T10:50:47.910Z","updated_at":"2014-08-01T10:50:47.910Z"}]}},{"wordfence":{"vulnerabilities":[{"id":92666,"title":"Wordfence 3.8.6 - lib/IPTraf.php User-Agent Header Stored XSS","osvdb":"102445","secunia":"56558","created_at":"2014-08-01T10:50:47.965Z","updated_at":"2014-08-01T10:50:47.965Z","fixed_in":"3.8.7"},{"id":92667,"title":"Wordfence 3.8.1 - lib/wordfenceClass.php isStrongPasswd Function Password Creation Restriction Bypass Weakness","osvdb":"102478","created_at":"2014-08-01T10:50:48.032Z","updated_at":"2014-08-01T10:50:48.032Z","fixed_in":"3.8.3"},{"id":92668,"title":"Wordfence 3.8.1 - wp-admin/admin.php whois Parameter Stored XSS","url":"http://packetstormsecurity.com/files/122993/,http://www.securityfocus.com/bid/62053","osvdb":"97884","created_at":"2014-08-01T10:50:48.104Z","updated_at":"2014-08-01T10:50:48.104Z","fixed_in":"3.8.3"},{"id":92669,"title":"Wordfence 3.3.5 - XSS and IAA","url":"http://seclists.org/fulldisclosure/2012/Oct/139","osvdb":"86557","secunia":"51055","created_at":"2014-08-01T10:50:48.171Z","updated_at":"2014-08-01T10:50:48.171Z","fixed_in":"3.3.7"}]}},{"slideshow-jquery-image-gallery":{"vulnerabilities":[{"id":92670,"title":"Slideshow jQuery Image Gallery - Multiple Vulnerabilities","url":"http://www.waraxe.us/advisory-92.html","created_at":"2014-08-01T10:50:48.239Z","updated_at":"2014-08-01T10:50:48.239Z"},{"id":92671,"title":"Slideshow - Multiple Script Insertion Vulnerabilities","secunia":"51135","created_at":"2014-08-01T10:50:48.296Z","updated_at":"2014-08-01T10:50:48.296Z"}]}},{"social-discussions":{"vulnerabilities":[{"id":92672,"title":"Social Discussions 6.1.1 - Multiple Script Direct Request Path Disclosure","url":"http://xforce.iss.net/xforce/xfdb/79465,http://www.waraxe.us/advisory-93.html","osvdb":"86730","exploitdb":"22158","created_at":"2014-08-01T10:50:48.358Z","updated_at":"2014-08-01T10:50:48.358Z"},{"id":92673,"title":"Social Discussions 6.1.1 - social-discussions-networkpub_ajax.php HTTP_ENV_VARS Parameter Remote File Inclusion","url":"http://xforce.iss.net/xforce/xfdb/79464,http://www.waraxe.us/advisory-93.html","osvdb":"86731","exploitdb":"22158","created_at":"2014-08-01T10:50:48.413Z","updated_at":"2014-08-01T10:50:48.413Z"}]}},{"abtest":{"vulnerabilities":[{"id":92674,"title":"ABtest - Directory Traversal","url":"http://scott-herbert.com/?p=140","created_at":"2014-08-01T10:50:48.471Z","updated_at":"2014-08-01T10:50:48.471Z"}]}},{"bbpress":{"vulnerabilities":[{"id":92675,"title":"BBPress - Multiple Script Malformed Input Path Disclosure","url":"http://xforce.iss.net/xforce/xfdb/78244,http://packetstormsecurity.com/files/116123/","osvdb":"86399","exploitdb":"22396","created_at":"2014-08-01T10:50:48.524Z","updated_at":"2014-08-01T10:50:48.524Z"},{"id":92676,"title":"BBPress - forum.php page Parameter SQL Injection","url":"http://xforce.iss.net/xforce/xfdb/78244,http://packetstormsecurity.com/files/116123/","osvdb":"86400","exploitdb":"22396","created_at":"2014-08-01T10:50:48.586Z","updated_at":"2014-08-01T10:50:48.586Z"}]}},{"nextgen_cu3er_gallery":{"vulnerabilities":[{"id":92677,"title":"NextGen Cu3er Gallery - Information Disclosure","url":"http://packetstormsecurity.com/files/116150/","created_at":"2014-08-01T10:50:48.648Z","updated_at":"2014-08-01T10:50:48.648Z"}]}},{"rich-widget":{"vulnerabilities":[{"id":92678,"title":"Rich Widget - File Upload","url":"http://packetstormsecurity.com/files/115787/","created_at":"2014-08-01T10:50:48.703Z","updated_at":"2014-08-01T10:50:48.703Z"}]}},{"monsters-editor-10-for-wp-super-edit":{"vulnerabilities":[{"id":92679,"title":"Monsters Editor - Shell Upload","url":"http://packetstormsecurity.com/files/115788/","created_at":"2014-08-01T10:50:48.760Z","updated_at":"2014-08-01T10:50:48.760Z"}]}},{"quick-post-widget":{"vulnerabilities":[{"id":92680,"title":"Quick Post Widget 1.9.1 - Multiple Cross-site scripting vulnerabilities","url":"http://www.darksecurity.de/advisories/2012/SSCHADV2012-016.txt,http://seclists.org/bugtraq/2012/Aug/66","osvdb":"83640","cve":"2012-4226","created_at":"2014-08-01T10:50:48.816Z","updated_at":"2014-08-01T10:50:48.816Z"}]}},{"threewp-email-reflector":{"vulnerabilities":[{"id":92681,"title":"ThreeWP Email Reflector 1.13 - Subject Field XSS","osvdb":"85134","cve":"2012-2572","exploitdb":"20365","created_at":"2014-08-01T10:50:48.872Z","updated_at":"2014-08-01T10:50:48.872Z","fixed_in":"1.16"}]}},{"wp-simplemail":{"vulnerabilities":[{"id":92682,"title":"SimpleMail 1.0.6 - Stored XSS","osvdb":"84534","cve":"2012-2579","secunia":"50208","exploitdb":"20361","created_at":"2014-08-01T10:50:48.935Z","updated_at":"2014-08-01T10:50:48.935Z"}]}},{"postie":{"vulnerabilities":[{"id":92683,"title":"Postie 1.4.3 - Stored XSS","osvdb":"84532","cve":"2012-2580","secunia":"50207","exploitdb":"20360","created_at":"2014-08-01T10:50:48.988Z","updated_at":"2014-08-01T10:50:48.988Z","fixed_in":"1.5.15"}]}},{"rsvpmaker":{"vulnerabilities":[{"id":92684,"title":"RSVPMaker 2.5.4 - index.php RSVP Form Multiple Field XSS","osvdb":"84749","secunia":"50289","exploitdb":"20474","created_at":"2014-08-01T10:50:49.057Z","updated_at":"2014-08-01T10:50:49.057Z","fixed_in":"2.5.5"}]}},{"mz-jajak":{"vulnerabilities":[{"id":92685,"title":"Mz-jajak \u003c= 2.1 - index.php id Parameter SQL Injection","osvdb":"84698","secunia":"50217","exploitdb":"20416","created_at":"2014-08-01T10:50:49.133Z","updated_at":"2014-08-01T10:50:49.133Z"}]}},{"resume-submissions-job-postings":{"vulnerabilities":[{"id":92686,"title":"Resume Submissions Job Posting 2.5.1 - Unrestricted File Upload","url":"http://packetstormsecurity.com/files/114716/","osvdb":"83807","secunia":"49896","exploitdb":"19791","created_at":"2014-08-01T10:50:49.193Z","updated_at":"2014-08-01T10:50:49.193Z"}]}},{"wp-predict":{"vulnerabilities":[{"id":92687,"title":"WP-Predict 1.0 - Blind SQL Injection","osvdb":"83697","secunia":"49843","exploitdb":"19715","created_at":"2014-08-01T10:50:49.255Z","updated_at":"2014-08-01T10:50:49.255Z"}]}},{"backup":{"vulnerabilities":[{"id":92688,"title":"Backup 2.0.1 - Information Disclosure","osvdb":"83701","secunia":"50038","exploitdb":"19524","created_at":"2014-08-01T10:50:49.336Z","updated_at":"2014-08-01T10:50:49.336Z","fixed_in":"2.1"}]}},{"moodthingy-mood-rating-widget":{"vulnerabilities":[{"id":92689,"title":"MoodThingy Widget 0.8.7 - admin-ajax.php Multiple Parameter lydl_store_results Function SQL Injection","osvdb":"83632","secunia":"49805","exploitdb":"19572","created_at":"2014-08-01T10:50:49.413Z","updated_at":"2014-08-01T10:50:49.413Z"}]}},{"paid-business-listings":{"vulnerabilities":[{"id":92690,"title":"Paid Business Listings 1.0.2 - Form Submission pbl_listing_pkg_id Parameter SQL Injection","osvdb":"83768","exploitdb":"19481","created_at":"2014-08-01T10:50:49.474Z","updated_at":"2014-08-01T10:50:49.474Z"}]}},{"website-faq":{"vulnerabilities":[{"id":92691,"title":"Website FAQ 1.0 - wp-admin/admin-ajax.php category Parameter SQL injection","osvdb":"83265","secunia":"49682","exploitdb":"19400","created_at":"2014-08-01T10:50:49.538Z","updated_at":"2014-08-01T10:50:49.538Z"}]}},{"radykal-fancy-gallery":{"vulnerabilities":[{"id":92692,"title":"Fancy Gallery 1.2.4 - Shell Upload","url":"http://packetstormsecurity.com/files/114114/","osvdb":"83410","exploitdb":"19398","created_at":"2014-08-01T10:50:49.603Z","updated_at":"2014-08-01T10:50:49.603Z"}]}},{"flipbook":{"vulnerabilities":[{"id":92693,"title":"Flip Book 1.0 - Shell Upload","url":"http://packetstormsecurity.com/files/114112/","created_at":"2014-08-01T10:50:49.672Z","updated_at":"2014-08-01T10:50:49.672Z"}]}},{"ajax_multi_upload":{"vulnerabilities":[{"id":92694,"title":"Ajax Multi Upload 1.1 - Shell Upload","url":"http://packetstormsecurity.com/files/114109/","created_at":"2014-08-01T10:50:49.736Z","updated_at":"2014-08-01T10:50:49.736Z"}]}},{"schreikasten":{"vulnerabilities":[{"id":92695,"title":"Schreikasten 0.14.13 - wp-admin/admin-ajax.php Multiple Parameter XSS","osvdb":"83152","secunia":"49600","exploitdb":"19294","created_at":"2014-08-01T10:50:49.805Z","updated_at":"2014-08-01T10:50:49.805Z"}]}},{"wp-automatic":{"vulnerabilities":[{"id":92696,"title":"Automatic 2.0.3 - csv.php q Parameter SQL Injection","url":"http://packetstormsecurity.com/files/113763/","osvdb":"82971","secunia":"49573","exploitdb":"19187","created_at":"2014-08-01T10:50:49.868Z","updated_at":"2014-08-01T10:50:49.868Z","fixed_in":"2.0.4"}]}},{"videowhisper-video-conference-integration":{"vulnerabilities":[{"id":92697,"title":"VideoWhisper Video Conference 4.51 - Arbitrary File Upload Vulnerability","url":"http://packetstormsecurity.com/files/113580/","created_at":"2014-08-01T10:50:49.970Z","updated_at":"2014-08-01T10:50:49.970Z"},{"id":92698,"title":"Video Whisper - XSS","url":"http://packetstormsecurity.com/files/122943/","created_at":"2014-08-01T10:50:50.030Z","updated_at":"2014-08-01T10:50:50.030Z"}]}},{"videowhisper-live-streaming-integration":{"vulnerabilities":[{"id":92699,"title":"VideoWhisper Live Streaming Integration 4.29.6 - videowhisper_streaming.php Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/125430/","osvdb":"103871","created_at":"2014-08-01T10:50:50.085Z","updated_at":"2014-08-01T10:50:50.085Z"},{"id":92700,"title":"VideoWhisper Live Streaming Integration 4.27.3 - ls/vc_chatlog.php msg Parameter Stored XSS","url":"https://www.htbridge.com/advisory/HTB23199","osvdb":"103821","cve":"2014-1906","created_at":"2014-08-01T10:50:50.151Z","updated_at":"2014-08-01T10:50:50.151Z","fixed_in":"4.29.5"},{"id":92701,"title":"VideoWhisper Live Streaming Integration 4.27.3 - ls/v_status.php ct Parameter Reflected XSS","url":"https://www.htbridge.com/advisory/HTB23199","osvdb":"103820","cve":"2014-1906","created_at":"2014-08-01T10:50:50.225Z","updated_at":"2014-08-01T10:50:50.225Z","fixed_in":"4.29.5"},{"id":92702,"title":"VideoWhisper Live Streaming Integration 4.27.3 - ls/lb_logout.php message Parameter Reflected XSS","url":"https://www.htbridge.com/advisory/HTB23199","osvdb":"103819","cve":"2014-1906","created_at":"2014-08-01T10:50:50.297Z","updated_at":"2014-08-01T10:50:50.297Z","fixed_in":"4.29.5"},{"id":92703,"title":"VideoWhisper Live Streaming Integration 4.27.3 - ls/videotext.php n Parameter Reflected XSS","url":"https://www.htbridge.com/advisory/HTB23199","osvdb":"103818","cve":"2014-1906","created_at":"2014-08-01T10:50:50.371Z","updated_at":"2014-08-01T10:50:50.371Z","fixed_in":"4.29.5"},{"id":92704,"title":"VideoWhisper Live Streaming Integration 4.27.3 - ls/video.php n Parameter Reflected XSS","url":"https://www.htbridge.com/advisory/HTB23199","osvdb":"103817","cve":"2014-1906","created_at":"2014-08-01T10:50:50.452Z","updated_at":"2014-08-01T10:50:50.452Z","fixed_in":"4.29.5"},{"id":92705,"title":"VideoWhisper Live Streaming Integration 4.27.3 - ls/htmlchat.php n Parameter Reflected XSS","url":"https://www.htbridge.com/advisory/HTB23199","osvdb":"103816","cve":"2014-1906","created_at":"2014-08-01T10:50:50.517Z","updated_at":"2014-08-01T10:50:50.517Z","fixed_in":"4.29.5"},{"id":92706,"title":"VideoWhisper Live Streaming Integration 4.27.3 - ls/rtmp_logout.php s Parameter Path Traversal Remote File Deletion","url":"http://packetstormsecurity.com/files/125454/,https://www.htbridge.com/advisory/HTB23199","osvdb":"103815","cve":"2014-1907","created_at":"2014-08-01T10:50:50.586Z","updated_at":"2014-08-01T10:50:50.586Z","fixed_in":"4.29.5"},{"id":92707,"title":"VideoWhisper Live Streaming Integration 4.27.3 - ls/channel.php n Parameter Reflected XSS","url":"https://www.htbridge.com/advisory/HTB23199","osvdb":"103814","cve":"2014-1906","created_at":"2014-08-01T10:50:50.651Z","updated_at":"2014-08-01T10:50:50.651Z","fixed_in":"4.29.5"},{"id":92708,"title":"VideoWhisper Live Streaming Integration 4.27.3 - Error Message Unspecified Remote Information Disclosure","osvdb":"103428","created_at":"2014-08-01T10:50:50.723Z","updated_at":"2014-08-01T10:50:50.723Z","fixed_in":"4.29.5"},{"id":92709,"title":"VideoWhisper Live Streaming Integration 4.27.3 - Unspecified Path Traversal","osvdb":"103427","created_at":"2014-08-01T10:50:50.806Z","updated_at":"2014-08-01T10:50:50.806Z","fixed_in":"4.29.5"},{"id":92710,"title":"VideoWhisper Live Streaming Integration 4.27.3 - Unspecified XSS","osvdb":"103426","created_at":"2014-08-01T10:50:50.870Z","updated_at":"2014-08-01T10:50:50.870Z","fixed_in":"4.29.5"},{"id":92711,"title":"VideoWhisper Live Streaming Integration 4.27.3 - Unspecified File Upload Remote Code Execution","osvdb":"103425","created_at":"2014-08-01T10:50:50.932Z","updated_at":"2014-08-01T10:50:50.932Z","fixed_in":"4.29.5"},{"id":92712,"title":"VideoWhisper Live Streaming Integration \u003c 4.27.2 - XSS vulnerability in ls/vv_login.php via room_name parameter","url":"http://codevigilant.com/disclosure/wp-plugin-videowhisper-live-streaming-integration-a3-cross-site-scripting-xss/","cve":"2014-4569","created_at":"2014-08-01T10:50:50.996Z","updated_at":"2014-08-01T10:50:50.996Z"},{"id":92713,"title":"VideoWhisper Live Streaming Integration - ls/htmlchat.php Multiple Parameter XSS","url":"http://www.securityfocus.com/bid/61977,http://seclists.org/bugtraq/2013/Aug/163","osvdb":"96593","cve":"2013-5714","secunia":"54619","created_at":"2014-08-01T10:50:51.050Z","updated_at":"2014-08-01T10:50:51.050Z"}]}},{"auctionPlugin":{"vulnerabilities":[{"id":92714,"title":"Sitemile Auctions 2.0.1.3 - wp-content/plugins/auctionPlugin/upload.php File Upload PHP Code Execution","url":"http://packetstormsecurity.com/files/113568/","osvdb":"83075","secunia":"49497","created_at":"2014-08-01T10:50:51.110Z","updated_at":"2014-08-01T10:50:51.110Z"}]}},{"lb-mixed-slideshow":{"vulnerabilities":[{"id":92715,"title":"LB Mixed Slideshow 1.0 - Arbitrary File Upload Vulnerability","url":"http://packetstormsecurity.com/files/113844/","created_at":"2014-08-01T10:50:51.165Z","updated_at":"2014-08-01T10:50:51.165Z"}]}},{"lim4wp":{"vulnerabilities":[{"id":92716,"title":"Lim4wp 1.1.1 - Arbitrary File Upload Vulnerability","url":"http://packetstormsecurity.com/files/113846/","osvdb":"83016","secunia":"49609","created_at":"2014-08-01T10:50:51.221Z","updated_at":"2014-08-01T10:50:51.221Z"}]}},{"wp-imagezoom":{"vulnerabilities":[{"id":92717,"title":"Wp-ImageZoom 1.0.3 - download.php File Upload PHP Code Execution","url":"http://www.opensyscom.fr/Actualites/wordpress-plugins-wp-imagezoom-remote-file-disclosure-vulnerability.html","osvdb":"83015","secunia":"49612","created_at":"2014-08-01T10:50:51.280Z","updated_at":"2014-08-01T10:50:51.280Z"},{"id":92718,"title":"Wp-ImageZoom 1.0.3 - Remote File Disclosure","url":"http://packetstormsecurity.com/files/113845/","created_at":"2014-08-01T10:50:51.359Z","updated_at":"2014-08-01T10:50:51.359Z"},{"id":92719,"title":"Wp-ImageZoom - zoom.php id Parameter SQL Injection","url":"http://www.securityfocus.com/bid/56691,http://xforce.iss.net/xforce/xfdb/80285","osvdb":"87870","created_at":"2014-08-01T10:50:51.415Z","updated_at":"2014-08-01T10:50:51.415Z"}]}},{"invit0r":{"vulnerabilities":[{"id":92720,"title":"Invit0r 0.22 - Shell Upload","url":"http://packetstormsecurity.com/files/113639/","created_at":"2014-08-01T10:50:51.465Z","updated_at":"2014-08-01T10:50:51.465Z"}]}},{"announces":{"vulnerabilities":[{"id":92721,"title":"Annonces 1.2.0.1 - Shell Upload","url":"http://packetstormsecurity.com/files/113637/","created_at":"2014-08-01T10:50:51.520Z","updated_at":"2014-08-01T10:50:51.520Z"}]}},{"contus-video-galleryversion-10":{"vulnerabilities":[{"id":92722,"title":"Contus Video Gallery 1.3 - Arbitrary File Upload Vulnerability","url":"http://packetstormsecurity.com/files/113571/","created_at":"2014-08-01T10:50:51.573Z","updated_at":"2014-08-01T10:50:51.573Z"}]}},{"contus-hd-flv-player":{"vulnerabilities":[{"id":92723,"title":"Contus HD FLV Player \u003c= 1.3 - SQL Injection Vulnerability","exploitdb":"17678","created_at":"2014-08-01T10:50:51.636Z","updated_at":"2014-08-01T10:50:51.636Z"},{"id":92724,"title":"Contus HD FLV Player 1.7 - Arbitrary File Upload Vulnerability","url":"http://packetstormsecurity.com/files/113570/","created_at":"2014-08-01T10:50:51.698Z","updated_at":"2014-08-01T10:50:51.698Z"}]}},{"user-meta":{"vulnerabilities":[{"id":92725,"title":"User Meta Version 1.1.1 - Arbitrary File Upload Vulnerability","osvdb":"82902","exploitdb":"19052","created_at":"2014-08-01T10:50:51.756Z","updated_at":"2014-08-01T10:50:51.756Z"}]}},{"topquark":{"vulnerabilities":[{"id":92726,"title":"Top Quark Architecture 2.1.0 - lib/js/fancyupload/showcase/batch/script.php File Upload PHP Code Execution","url":"http://packetstormsecurity.com/files/113522/","osvdb":"82843","secunia":"49465","exploitdb":"19053","created_at":"2014-08-01T10:50:51.818Z","updated_at":"2014-08-01T10:50:51.818Z"}]}},{"sfbrowser":{"vulnerabilities":[{"id":92727,"title":"SFBrowser 1.4.5 - connectors/php/sfbrowser.php File Upload PHP Code Execution","osvdb":"82845","secunia":"49466","exploitdb":"19054","created_at":"2014-08-01T10:50:51.881Z","updated_at":"2014-08-01T10:50:51.881Z"}]}},{"pica-photo-gallery":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"},{"id":92728,"title":"Pica Photo Gallery 1.0 - Arbitrary File Upload Vulnerability","exploitdb":"19055","created_at":"2014-08-01T10:50:52.014Z","updated_at":"2014-08-01T10:50:52.014Z"},{"id":92729,"title":"PICA Photo Gallery 1.0 - Remote File Disclosure","url":"http://www.securityfocus.com/bid/53893","exploitdb":"19016","created_at":"2014-08-01T10:50:52.071Z","updated_at":"2014-08-01T10:50:52.071Z"}]}},{"mac-dock-gallery":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"},{"id":92730,"title":"Mac Photo Gallery - Two Security Bypass Security Issues","secunia":"49923","created_at":"2014-08-01T10:50:52.194Z","updated_at":"2014-08-01T10:50:52.194Z"},{"id":92731,"title":"Mac Photo Gallery - Multiple Script Insertion Vulnerabilities","secunia":"49836","created_at":"2014-08-01T10:50:52.247Z","updated_at":"2014-08-01T10:50:52.247Z","fixed_in":"3.0"},{"id":92732,"title":"Mac Photo Gallery 2.7 - upload-file.php File Upload PHP Code Execution","osvdb":"82844","secunia":"49468","exploitdb":"19056","created_at":"2014-08-01T10:50:52.348Z","updated_at":"2014-08-01T10:50:52.348Z"}]}},{"drag-drop-file-uploader":{"vulnerabilities":[{"id":92733,"title":"drag and drop file upload 0.1 - Arbitrary File Upload Vulnerability","exploitdb":"19057","created_at":"2014-08-01T10:50:52.409Z","updated_at":"2014-08-01T10:50:52.409Z"}]}},{"custom-content-type-manager":{"vulnerabilities":[{"id":92734,"title":"Custom Content Type Manager 0.9.5.13pl - upload_form.php File Upload PHP Code Execution","url":"http://packetstormsecurity.com/files/113520/","osvdb":"82904","exploitdb":"19058","created_at":"2014-08-01T10:50:52.461Z","updated_at":"2014-08-01T10:50:52.461Z"}]}},{"wp-gpx-map":{"vulnerabilities":[{"id":92735,"title":"wp-gpx-max version 1.1.21 - Arbitrary File Upload","url":"http://www.securityfocus.com/bid/53909,http://packetstormsecurity.org/files/113523/","osvdb":"82900","cve":"2012-6649","exploitdb":"19050","created_at":"2014-08-01T10:50:52.519Z","updated_at":"2014-08-01T10:50:52.519Z","fixed_in":"1.1.23"}]}},{"front-file-manager":{"vulnerabilities":[{"id":92736,"title":"Front File Manager 0.1 - Arbitrary File Upload","exploitdb":"19012","created_at":"2014-08-01T10:50:52.589Z","updated_at":"2014-08-01T10:50:52.589Z"}]}},{"front-end-upload":{"vulnerabilities":[{"id":92737,"title":"Front End Upload 0.5.3 - Arbitrary File Upload","exploitdb":"19008","created_at":"2014-08-01T10:50:52.649Z","updated_at":"2014-08-01T10:50:52.649Z"},{"id":92738,"title":"Front End Upload 0.5.4 - Arbitrary PHP File Upload","exploitdb":"20083","created_at":"2014-08-01T10:50:52.705Z","updated_at":"2014-08-01T10:50:52.705Z"}]}},{"omni-secure-files":{"vulnerabilities":[{"id":92739,"title":"Omni Secure Files 0.1.13 - Arbitrary File Upload","url":"http://www.securityfocus.com/bid/53872","osvdb":"82790","secunia":"49441","exploitdb":"19009","created_at":"2014-08-01T10:50:52.761Z","updated_at":"2014-08-01T10:50:52.761Z"}]}},{"easy-contact-forms-exporter":{"vulnerabilities":[{"id":92740,"title":"Easy Contact Forms Export 1.1.0 - Information Disclosure Vulnerability","exploitdb":"19013","created_at":"2014-08-01T10:50:52.814Z","updated_at":"2014-08-01T10:50:52.814Z"}]}},{"plugin-newsletter":{"vulnerabilities":[{"id":92741,"title":"Plugin Newsletter 1.5 - Remote File Disclosure Vulnerability","url":"http://packetstormsecurity.org/files/113413/","osvdb":"82703","cve":"2012-3588","secunia":"49464","exploitdb":"19018","created_at":"2014-08-01T10:50:52.870Z","updated_at":"2014-08-01T10:50:52.870Z"}]}},{"rbxgallery":{"vulnerabilities":[{"id":92742,"title":"RBX Gallery 2.1 - uploader.php File Upload PHP Code Execution","url":"http://packetstormsecurity.com/files/113414/,http://xforce.iss.net/xforce/xfdb/76170","osvdb":"82796","cve":"2012-3575","secunia":"49463","exploitdb":"19019","created_at":"2014-08-01T10:50:52.925Z","updated_at":"2014-08-01T10:50:52.925Z"}]}},{"simple-download-button-shortcode":{"vulnerabilities":[{"id":92743,"title":"Simple Download Button Shortcode 1.0 - Remote File Disclosure","exploitdb":"19020","created_at":"2014-08-01T10:50:52.984Z","updated_at":"2014-08-01T10:50:52.984Z"}]}},{"thinkun-remind":{"vulnerabilities":[{"id":92744,"title":"Thinkun Remind 1.1.3 - Remote File Disclosure","exploitdb":"19021","created_at":"2014-08-01T10:50:53.040Z","updated_at":"2014-08-01T10:50:53.040Z"}]}},{"tinymce-thumbnail-gallery":{"vulnerabilities":[{"id":92745,"title":"Tinymce Thumbnail Gallery 1.0.7 - download-image.php href Parameter Traversal Arbitrary File Access","url":"http://packetstormsecurity.org/files/113417/","osvdb":"82706","secunia":"49460","exploitdb":"19022","created_at":"2014-08-01T10:50:53.096Z","updated_at":"2014-08-01T10:50:53.096Z"}]}},{"wpstorecart":{"vulnerabilities":[{"id":92746,"title":"wpStoreCart 2.5.27-2.5.29 - Arbitrary File Upload","exploitdb":"19023","created_at":"2014-08-01T10:50:53.152Z","updated_at":"2014-08-01T10:50:53.152Z"}]}},{"gallery-plugin":{"vulnerabilities":[{"id":92747,"title":"Gallery 3.06 - gallery-plugin/upload/php.php File Upload PHP Code Execution","osvdb":"82661","exploitdb":"18998","created_at":"2014-08-01T10:50:53.215Z","updated_at":"2014-08-01T10:50:53.215Z"},{"id":92748,"title":"Gallery Plugin 3.8.3 - gallery-plugin.php filename_1 Parameter Arbitrary File Access","url":"http://packetstormsecurity.com/files/119458/,http://www.securityfocus.com/bid/57256,http://seclists.org/bugtraq/2013/Jan/45","osvdb":"89124","created_at":"2014-08-01T10:50:53.282Z","updated_at":"2014-08-01T10:50:53.282Z"}]}},{"font-uploader":{"vulnerabilities":[{"id":92749,"title":"Font Uploader 1.2.4 - Arbitrary File Upload","url":"http://www.securityfocus.com/bid/53853","osvdb":"82657","cve":"2012-3814","exploitdb":"18994","created_at":"2014-08-01T10:50:53.360Z","updated_at":"2014-08-01T10:50:53.360Z"}]}},{"wp-property":{"vulnerabilities":[{"id":92750,"title":"WP Property \u003c= 1.38.3.2 - Non-administrative User XMLI Remote Information Disclosure","osvdb":"102709","created_at":"2014-08-01T10:50:53.431Z","updated_at":"2014-08-01T10:50:53.431Z","fixed_in":"1.38.4"},{"id":92751,"title":"WP Property \u003c= 1.35.0 - Arbitrary File Upload","url":"http://packetstormsecurity.com/files/113274/","osvdb":"82656","secunia":"49394","exploitdb":"18987,23651","created_at":"2014-08-01T10:50:53.498Z","updated_at":"2014-08-01T10:50:53.498Z","metasploit":"exploits/unix/webapp/wp_property_upload_exec"}]}},{"wpmarketplace":{"vulnerabilities":[{"id":92752,"title":"WP Marketplace 1.5.0-1.6.1 - Arbitrary File Upload","exploitdb":"18988","created_at":"2014-08-01T10:50:53.553Z","updated_at":"2014-08-01T10:50:53.553Z"},{"id":92753,"title":"WP Marketplace 1.2.1 - File Enumeration Weakness and File Upload Vulnerabilities","url":"http://www.securityfocus.com/bid/52960","created_at":"2014-08-01T10:50:53.605Z","updated_at":"2014-08-01T10:50:53.605Z","fixed_in":"1.2.2"}]}},{"store-locator-le":{"vulnerabilities":[{"id":92754,"title":"Google Maps via Store Locator - Multiple Vulnerabilities","exploitdb":"18989","created_at":"2014-08-01T10:50:53.681Z","updated_at":"2014-08-01T10:50:53.681Z"},{"id":92755,"title":"store-locator-le - SQL Injection","secunia":"51757","created_at":"2014-08-01T10:50:53.745Z","updated_at":"2014-08-01T10:50:53.745Z","fixed_in":"3.8.7"}]}},{"html5avmanager":{"vulnerabilities":[{"id":92756,"title":"HTML5 AV Manager 0.2.7 - Arbitrary File Upload","url":"http://www.securityfocus.com/bid/53804","exploitdb":"18990","created_at":"2014-08-01T10:50:53.810Z","updated_at":"2014-08-01T10:50:53.810Z"}]}},{"foxypress":{"vulnerabilities":[{"id":92757,"title":"Foxypress 0.4.1.1-0.4.2.1 - Arbitrary File Upload","url":"http://packetstormsecurity.com/files/113576/,http://www.securityfocus.com/bid/53805","exploitdb":"18991,19100","created_at":"2014-08-01T10:50:53.865Z","updated_at":"2014-08-01T10:50:53.865Z","metasploit":"exploits/unix/webapp/php_wordpress_foxypress"},{"id":92758,"title":"FoxyPress 0.4.2.5 - XSS, CSRF, SQL Injection","url":"http://packetstormsecurity.com/files/117768/","secunia":"51109","created_at":"2014-08-01T10:50:53.919Z","updated_at":"2014-08-01T10:50:53.919Z"},{"id":92759,"title":"FoxyPress 0.4.2.5 - documenthandler.php prefix Parameter SQL Injection","url":"http://xforce.iss.net/xforce/xfdb/79698","osvdb":"86804","exploitdb":"22374","created_at":"2014-08-01T10:50:53.972Z","updated_at":"2014-08-01T10:50:53.972Z"},{"id":92760,"title":"FoxyPress 0.4.2.5 - foxypress-manage-emails.php id Parameter SQL Injection","url":"http://xforce.iss.net/xforce/xfdb/79697","osvdb":"86805","exploitdb":"22374","created_at":"2014-08-01T10:50:54.033Z","updated_at":"2014-08-01T10:50:54.033Z"},{"id":92761,"title":"FoxyPress 0.4.2.5 - inventory-category.php Multiple Parameter SQL Injection","url":"http://xforce.iss.net/xforce/xfdb/79697","osvdb":"86806","exploitdb":"22374","created_at":"2014-08-01T10:50:54.102Z","updated_at":"2014-08-01T10:50:54.102Z"},{"id":92762,"title":"FoxyPress 0.4.2.5 - reports.php Multiple Parameter XSS","url":"http://xforce.iss.net/xforce/xfdb/79699","osvdb":"86807","exploitdb":"22374","created_at":"2014-08-01T10:50:54.157Z","updated_at":"2014-08-01T10:50:54.157Z"},{"id":92763,"title":"FoxyPress 0.4.2.5 - foxypress-affiliate.php aff_id Parameter XSS","url":"http://xforce.iss.net/xforce/xfdb/79699","osvdb":"86808","exploitdb":"22374","created_at":"2014-08-01T10:50:54.211Z","updated_at":"2014-08-01T10:50:54.211Z"},{"id":92764,"title":"FoxyPress 0.4.2.5 - affiliate-management.php Multiple Parameter SQL Injection","url":"http://xforce.iss.net/xforce/xfdb/79697","osvdb":"86809","exploitdb":"22374","created_at":"2014-08-01T10:50:54.272Z","updated_at":"2014-08-01T10:50:54.272Z"},{"id":92765,"title":"FoxyPress 0.4.2.5 - foxypress-manage-emails.php id Parameter XSS","url":"http://xforce.iss.net/xforce/xfdb/79699","osvdb":"86810","exploitdb":"22374","created_at":"2014-08-01T10:50:54.340Z","updated_at":"2014-08-01T10:50:54.340Z"},{"id":92766,"title":"FoxyPress 0.4.2.5 - order-management.php status Parameter XSS","url":"http://xforce.iss.net/xforce/xfdb/79699","osvdb":"86811","exploitdb":"22374","created_at":"2014-08-01T10:50:54.405Z","updated_at":"2014-08-01T10:50:54.405Z"},{"id":92767,"title":"FoxyPress 0.4.2.5 - affiliate-management.php page Parameter XSS","url":"http://xforce.iss.net/xforce/xfdb/79699","osvdb":"86812","exploitdb":"22374","created_at":"2014-08-01T10:50:54.470Z","updated_at":"2014-08-01T10:50:54.470Z"},{"id":92768,"title":"FoxyPress 0.4.2.5 - foxypress-affiliate.php url Parameter Arbitrary Site Redirect","url":"http://xforce.iss.net/xforce/xfdb/79700","osvdb":"86813","exploitdb":"22374","created_at":"2014-08-01T10:50:54.523Z","updated_at":"2014-08-01T10:50:54.523Z"},{"id":92769,"title":"FoxyPress 0.4.2.5 - Multiple CSV File Direct Request Information Disclosure","url":"http://xforce.iss.net/xforce/xfdb/79701","osvdb":"86814","exploitdb":"22374","created_at":"2014-08-01T10:50:54.586Z","updated_at":"2014-08-01T10:50:54.586Z"},{"id":92770,"title":"FoxyPress 0.4.2.5 - ajax.php Access Restriction Multiple Command Execution","url":"http://xforce.iss.net/xforce/xfdb/79703","osvdb":"86815","exploitdb":"22374","created_at":"2014-08-01T10:50:54.638Z","updated_at":"2014-08-01T10:50:54.638Z"},{"id":92771,"title":"FoxyPress 0.4.2.5 - Multiple Script Direct Request Path Disclosure","url":"http://xforce.iss.net/xforce/xfdb/79704","osvdb":"86816","exploitdb":"22374","created_at":"2014-08-01T10:50:54.693Z","updated_at":"2014-08-01T10:50:54.693Z"},{"id":92772,"title":"FoxyPress 0.4.2.5 - Multiple Object Deletion CSRF","url":"http://xforce.iss.net/xforce/xfdb/79702","osvdb":"86817","exploitdb":"22374","created_at":"2014-08-01T10:50:54.747Z","updated_at":"2014-08-01T10:50:54.747Z"},{"id":92773,"title":"FoxyPress 0.4.2.5 - documenthandler.php File Upload Arbitrary Code Execution","url":"http://xforce.iss.net/xforce/xfdb/79697","osvdb":"86818","exploitdb":"22374","created_at":"2014-08-01T10:50:54.802Z","updated_at":"2014-08-01T10:50:54.802Z"}]}},{"track-that-stat":{"vulnerabilities":[{"id":92774,"title":"Track That Stat \u003c= 1.0.8 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112722/,http://www.securityfocus.com/bid/53551","created_at":"2014-08-01T10:50:54.856Z","updated_at":"2014-08-01T10:50:54.856Z"}]}},{"wp-facethumb":{"vulnerabilities":[{"id":92775,"title":"WP-Facethumb Gallery \u003c= 0.1 - Reflected Cross Site Scripting","url":"http://packetstormsecurity.com/files/112658/","created_at":"2014-08-01T10:50:54.909Z","updated_at":"2014-08-01T10:50:54.909Z"}]}},{"wp-survey-and-quiz-tool":{"vulnerabilities":[{"id":92776,"title":"Survey And Quiz Tool \u003c= 2.9.2 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112685/","created_at":"2014-08-01T10:50:54.964Z","updated_at":"2014-08-01T10:50:54.964Z"}]}},{"wp-statistics":{"vulnerabilities":[{"id":92777,"title":"WP Statistics \u003c= 2.2.4 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112686/","created_at":"2014-08-01T10:50:55.016Z","updated_at":"2014-08-01T10:50:55.016Z"}]}},{"wp-easy-gallery":{"vulnerabilities":[{"id":92778,"title":"WP Easy Gallery \u003c= 2.7 - CSRF","url":"https://plugins.trac.wordpress.org/changeset?reponame=\u0026old=669527@wp-easy-gallery\u0026new=669527@wp-easy-gallery","secunia":"49190","created_at":"2014-08-01T10:50:55.073Z","updated_at":"2014-08-01T10:50:55.073Z","fixed_in":"2.7.3"},{"id":92779,"title":"WP Easy Gallery 2.7 - admin/overview.php galleryId Parameter SQL Injection","osvdb":"105012","created_at":"2014-08-01T10:50:55.134Z","updated_at":"2014-08-01T10:50:55.134Z","fixed_in":"2.7.1"},{"id":92780,"title":"WP Easy Gallery 2.7 - admin/add-images.php Multiple Parameter SQL Injection","osvdb":"105013","created_at":"2014-08-01T10:50:55.208Z","updated_at":"2014-08-01T10:50:55.208Z","fixed_in":"2.7.1"},{"id":92781,"title":"WP Easy Gallery 2.7 - Multiple Admin Function CSRF","osvdb":"105014","created_at":"2014-08-01T10:50:55.299Z","updated_at":"2014-08-01T10:50:55.299Z","fixed_in":"2.7.1"},{"id":92782,"title":"WP Easy Gallery \u003c= 1.7 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112687/","secunia":"49190","created_at":"2014-08-01T10:50:55.383Z","updated_at":"2014-08-01T10:50:55.383Z","fixed_in":"2.7.3"}]}},{"subscribe2":{"vulnerabilities":[{"id":92783,"title":"Subscribe2 \u003c= 8.0 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112688/,http://www.securityfocus.com/bid/53538","secunia":"49189","created_at":"2014-08-01T10:50:55.446Z","updated_at":"2014-08-01T10:50:55.446Z","fixed_in":"8.1"}]}},{"soundcloud-is-gold":{"vulnerabilities":[{"id":92784,"title":"Soundcloud Is Gold \u003c= 2.1 - 'action' Parameter Cross Site Scripting Vulnerability","url":"http://packetstormsecurity.com/files/112689/,http://www.securityfocus.com/bid/53537","osvdb":"81919","cve":"2012-6624","secunia":"49188","created_at":"2014-08-01T10:50:55.512Z","updated_at":"2014-08-01T10:50:55.512Z"}]}},{"sharebar":{"vulnerabilities":[{"id":92785,"title":"Sharebar \u003c= 1.2.5 - sharebar-admin.php page Parameter XSS","url":"http://packetstormsecurity.com/files/123365/","osvdb":"98078","created_at":"2014-08-01T10:50:55.570Z","updated_at":"2014-08-01T10:50:55.570Z"},{"id":92786,"title":"Sharebar \u003c= 1.2.5 - Button Manipulation CSRF","url":"http://www.securityfocus.com/bid/60956","osvdb":"94843","cve":"2013-3491","secunia":"52948","created_at":"2014-08-01T10:50:55.628Z","updated_at":"2014-08-01T10:50:55.628Z"},{"id":92787,"title":"Sharebar 1.2.3 - wp-admin/options-general.php status Parameter XSS","osvdb":"81465","secunia":"48908","created_at":"2014-08-01T10:50:55.682Z","updated_at":"2014-08-01T10:50:55.682Z"},{"id":92788,"title":"Sharebar \u003c= 1.2.1 - SQL Injection / Cross Site Scripting","url":"http://packetstormsecurity.com/files/112690/","created_at":"2014-08-01T10:50:55.737Z","updated_at":"2014-08-01T10:50:55.737Z","fixed_in":"1.2.2"}]}},{"share-and-follow":{"vulnerabilities":[{"id":92789,"title":"Share And Follow \u003c= 1.80.3 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112691/","created_at":"2014-08-01T10:50:55.812Z","updated_at":"2014-08-01T10:50:55.812Z"}]}},{"sabre":{"vulnerabilities":[{"id":92790,"title":"SABRE \u003c= 1.2.0 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112692/","osvdb":"82269","cve":"2012-2916","created_at":"2014-08-01T10:50:55.869Z","updated_at":"2014-08-01T10:50:55.869Z","fixed_in":"1.2.2"}]}},{"pretty-link":{"vulnerabilities":[{"id":92791,"title":"Pretty Link Lite \u003c= 1.5.2 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112693/","created_at":"2014-08-01T10:50:55.938Z","updated_at":"2014-08-01T10:50:55.938Z"},{"id":92792,"title":"Pretty Link Lite \u003c= 1.6.1 - Cross Site Scripting","secunia":"50980","created_at":"2014-08-01T10:50:55.997Z","updated_at":"2014-08-01T10:50:55.997Z"},{"id":92793,"title":"pretty-link - XSS in SWF","url":"http://seclists.org/bugtraq/2013/Feb/100,http://packetstormsecurity.com/files/120433/","cve":"2013-1636","created_at":"2014-08-01T10:50:56.057Z","updated_at":"2014-08-01T10:50:56.057Z"}]}},{"newsletter-manager":{"vulnerabilities":[{"id":92794,"title":"Newsletter Manager \u003c= 1.0.2 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112694/","osvdb":"102186,102548,102549,102550,81920","cve":"2012-6628","secunia":"49183","created_at":"2014-08-01T10:50:56.112Z","updated_at":"2014-08-01T10:50:56.112Z","fixed_in":"1.0.2"},{"id":92795,"title":"Newsletter Manager 1.0.2 - Cross Site Scripting \u0026 Cross-Site Request Forgery","cve":"2012-6627,2012-6629","secunia":"49152","created_at":"2014-08-01T10:50:56.182Z","updated_at":"2014-08-01T10:50:56.182Z"}]}},{"network-publisher":{"vulnerabilities":[{"id":92796,"title":"Network Publisher \u003c= 5.0.1 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112695/","created_at":"2014-08-01T10:50:56.241Z","updated_at":"2014-08-01T10:50:56.241Z"}]}},{"leaguemanager":{"vulnerabilities":[{"id":92797,"title":"LeagueManager \u003c= 3.7 - wp-admin/admin.php Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/112698/,http://www.securityfocus.com/bid/53525,http://xforce.iss.net/xforce/xfdb/75629","osvdb":"82266","secunia":"49949","created_at":"2014-08-01T10:50:56.299Z","updated_at":"2014-08-01T10:50:56.299Z"},{"id":92798,"title":"LeagueManager 3.8 - SQL Injection","osvdb":"91442","cve":"2013-1852","exploitdb":"24789","created_at":"2014-08-01T10:50:56.352Z","updated_at":"2014-08-01T10:50:56.352Z"}]}},{"leaflet":{"vulnerabilities":[{"id":92799,"title":"Leaflet \u003c= 0.0.1 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112699/","created_at":"2014-08-01T10:50:56.409Z","updated_at":"2014-08-01T10:50:56.409Z"}]}},{"joliprint":{"vulnerabilities":[{"id":92800,"title":"PDF And Print Button Joliprint \u003c= 1.3.0 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112700/","created_at":"2014-08-01T10:50:56.461Z","updated_at":"2014-08-01T10:50:56.461Z"}]}},{"iframe-admin-pages":{"vulnerabilities":[{"id":92801,"title":"IFrame Admin Pages \u003c= 0.1 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112701/","created_at":"2014-08-01T10:50:56.521Z","updated_at":"2014-08-01T10:50:56.521Z"}]}},{"ezpz-one-click-backup":{"vulnerabilities":[{"id":92802,"title":"EZPZ One Click Backup \u003c= 12.03.10 - OS Command Injection","url":"http://www.openwall.com/lists/oss-security/2014/05/01/11","osvdb":"106511","cve":"2014-3114","created_at":"2014-08-01T10:50:56.576Z","updated_at":"2014-08-01T10:50:56.576Z"},{"id":92803,"title":"EZPZ One Click Backup \u003c= 12.03.10 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112705/","created_at":"2014-08-01T10:50:56.627Z","updated_at":"2014-08-01T10:50:56.627Z"}]}},{"dynamic-widgets":{"vulnerabilities":[{"id":92804,"title":"Dynamic Widgets \u003c= 1.5.1 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112706/","created_at":"2014-08-01T10:50:56.681Z","updated_at":"2014-08-01T10:50:56.681Z"}]}},{"download-monitor":{"vulnerabilities":[{"id":92805,"title":"Download Monitor \u003c= 3.3.6.1 - wp-admin/admin.php Multiple Parameter XSS (Note: This plugin changed its version numbering, this may produce false positive)","url":"http://www.securityfocus.com/bid/61407,http://xforce.iss.net/xforce/xfdb/85921","osvdb":"95613","cve":"2013-5098,2013-3262","secunia":"53116","created_at":"2014-08-01T10:50:56.735Z","updated_at":"2014-08-01T10:50:56.735Z","fixed_in":"3.3.6.2"},{"id":92806,"title":"Download Monitor \u003c= 3.3.5.7 - index.php dlsearch Parameter XSS (Note: This plugin changed its version numbering, this may produce false positive)","url":"http://www.reactionpenetrationtesting.co.uk/wordpress-download-monitor-xss.html","osvdb":"85319","cve":"2012-4768","secunia":"50511","created_at":"2014-08-01T10:50:56.795Z","updated_at":"2014-08-01T10:50:56.795Z","fixed_in":"3.3.5.9"},{"id":92807,"title":"Download Monitor \u003c= 3.3.5.4 - Cross Site Scripting (Note: This plugin changed its version numbering, this may produce false positive)","url":"http://packetstormsecurity.com/files/112707/","created_at":"2014-08-01T10:50:56.856Z","updated_at":"2014-08-01T10:50:56.856Z"},{"id":92808,"title":"Download Monitor 2.0.6 - wp-download_monitor/download.php id Parameter SQL Injection (Note: This plugin changed its version numbering, this may produce false positive)","osvdb":"44616","cve":"2008-2034","secunia":"29876","created_at":"2014-08-01T10:50:56.910Z","updated_at":"2014-08-01T10:50:56.910Z","fixed_in":"2.0.8"}]}},{"download-manager":{"vulnerabilities":[{"id":92809,"title":"Download Manager 2.5.8 - Download Package file Parameter Stored XSS","url":"http://www.securityfocus.com/bid/64159","osvdb":"101143","cve":"2013-7319","secunia":"55969","created_at":"2014-08-01T10:50:56.971Z","updated_at":"2014-08-01T10:50:56.971Z","fixed_in":"2.5.9"},{"id":92810,"title":"Download Manager \u003c= 2.2.2 - admin.php cid Parameter XSS","url":"http://packetstormsecurity.com/files/112708/","osvdb":"81449","secunia":"48927","created_at":"2014-08-01T10:50:57.044Z","updated_at":"2014-08-01T10:50:57.044Z","fixed_in":"2.2.3"}]}},{"codestyling-localization":{"vulnerabilities":[{"id":92811,"title":"Code Styling Localization \u003c= 1.99.17 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112709/","secunia":"49037","created_at":"2014-08-01T10:50:57.106Z","updated_at":"2014-08-01T10:50:57.106Z","fixed_in":"1.99.20"}]}},{"catablog":{"vulnerabilities":[{"id":92812,"title":"Catablog \u003c= 1.6 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112619/","created_at":"2014-08-01T10:50:57.172Z","updated_at":"2014-08-01T10:50:57.172Z"}]}},{"bad-behavior":{"vulnerabilities":[{"id":92813,"title":"Bad Behavior \u003c= 2.24 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112619/","created_at":"2014-08-01T10:50:57.224Z","updated_at":"2014-08-01T10:50:57.224Z"}]}},{"bulletproof-security":{"vulnerabilities":[{"id":92814,"title":"BulletProof Security \u003c= .47 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112618/","created_at":"2014-08-01T10:50:57.278Z","updated_at":"2014-08-01T10:50:57.278Z","fixed_in":".47.1"},{"id":92815,"title":"BulletProof Security - Security Log Script Insertion Vulnerability","osvdb":"95928,95929,95930","cve":"2013-3487","secunia":"53614","created_at":"2014-08-01T10:50:57.367Z","updated_at":"2014-08-01T10:50:57.367Z","fixed_in":".49"}]}},{"better-wp-security":{"vulnerabilities":[{"id":92816,"title":"Better WP Security 3.6.3 - Online Backup Storage current_time Function Brute Force Disclosure","url":"http://packetstormsecurity.com/files/125219/","osvdb":"103358","created_at":"2014-08-01T10:50:57.428Z","updated_at":"2014-08-01T10:50:57.428Z"},{"id":92817,"title":"Better WP Security 3.6.3 - /wp-admin/admin-ajax.php license Parameter Stored XSS Weakness","url":"http://packetstormsecurity.com/files/125219/","osvdb":"103357","created_at":"2014-08-01T10:50:57.488Z","updated_at":"2014-08-01T10:50:57.488Z"},{"id":92818,"title":"Better WP Security 3.5.5 - inc/admin/content.php id_specialfile Parameter Stored XSS","osvdb":"101788","created_at":"2014-08-01T10:50:57.543Z","updated_at":"2014-08-01T10:50:57.543Z","fixed_in":"3.5.6"},{"id":92819,"title":"Better WP Security \u003c= 3.5.3 - inc/secure.php logevent Function URL Handling Stored XSS","url":"http://packetstormsecurity.com/files/122615/,https://github.com/wpscanteam/wpscan/issues/251,http://www.securityfocus.com/archive/1/527634/30/0/threaded","osvdb":"95884","secunia":"54299","exploitdb":"27290","created_at":"2014-08-01T10:50:57.605Z","updated_at":"2014-08-01T10:50:57.605Z","fixed_in":"3.5.4"},{"id":92820,"title":"Better WP Security 3.4.3 - Multiple XSS","url":"http://seclists.org/bugtraq/2012/Oct/9","created_at":"2014-08-01T10:50:57.672Z","updated_at":"2014-08-01T10:50:57.672Z","fixed_in":"3.4.4"},{"id":92821,"title":"Better WP Security \u003c= 3.2.4 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112617/","created_at":"2014-08-01T10:50:57.737Z","updated_at":"2014-08-01T10:50:57.737Z","fixed_in":"3.2.5"}]}},{"custom-contact-forms":{"vulnerabilities":[{"id":92822,"title":"Custom Contact Forms \u003c= 5.0.0.1 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112616/","created_at":"2014-08-01T10:50:57.799Z","updated_at":"2014-08-01T10:50:57.799Z"}]}},{"2-click-socialmedia-button":{"vulnerabilities":[{"id":92823,"title":"2-Click-Socialmedia-Buttons \u003c= 0.34 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112615/","created_at":"2014-08-01T10:50:57.856Z","updated_at":"2014-08-01T10:50:57.856Z"},{"id":92824,"title":"2-Click-Socialmedia-Buttons \u003c= 0.32.2 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112711/","secunia":"49181","created_at":"2014-08-01T10:50:57.909Z","updated_at":"2014-08-01T10:50:57.909Z","fixed_in":"0.35"}]}},{"login-with-ajax":{"vulnerabilities":[{"id":92825,"title":"Login With Ajax - Cross Site Scripting","url":"http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-003/","osvdb":"81712","cve":"2012-2759","secunia":"49013","created_at":"2014-08-01T10:50:57.973Z","updated_at":"2014-08-01T10:50:57.973Z","fixed_in":"3.0.4.1"},{"id":92826,"title":"Login With Ajax - Cross-Site Request Forgery Vulnerability","osvdb":"93031","cve":"2013-2707","secunia":"52950","created_at":"2014-08-01T10:50:58.039Z","updated_at":"2014-08-01T10:50:58.039Z","fixed_in":"3.1"}]}},{"media-library-categories":{"vulnerabilities":[{"id":92827,"title":"Media Library Categories \u003c= 1.0.6 - SQL Injection Vulnerability","exploitdb":"17628","created_at":"2014-08-01T10:50:58.101Z","updated_at":"2014-08-01T10:50:58.101Z"},{"id":92828,"title":"Media Library Categories \u003c= 1.1.1 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112697/","osvdb":"81916,109601","cve":"2012-6630","created_at":"2014-08-01T10:50:58.154Z","updated_at":"2014-08-01T10:50:58.154Z"}]}},{"deans-fckeditor-with-pwwangs-code-plugin-for-wordpress":{"vulnerabilities":[{"id":92829,"title":"FCKeditor Deans With Pwwangs Code \u003c= 1.0.0 - Remote Shell Upload","url":"http://packetstormsecurity.com/files/111319/","created_at":"2014-08-01T10:50:58.204Z","updated_at":"2014-08-01T10:50:58.204Z"}]}},{"zingiri-web-shop":{"vulnerabilities":[{"id":92830,"title":"Zingiri Web Shop 2.6.5 - fwkfor/ajax/uploadfilexd.php Unspecified Issue","osvdb":"103554","created_at":"2014-08-01T10:50:58.262Z","updated_at":"2014-08-01T10:50:58.262Z","fixed_in":"2.6.6"},{"id":92831,"title":"Zingiri Web Shop 2.6.4 - mform.php Unspecified Issue","osvdb":"101717","secunia":"56230","created_at":"2014-08-01T10:50:58.339Z","updated_at":"2014-08-01T10:50:58.339Z","fixed_in":"2.6.5"},{"id":92832,"title":"Zingiri Web Shop 2.5.0 - ajaxfilemanager.php path Parameter File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/118318/,http://www.securityfocus.com/bid/56659,http://xforce.iss.net/xforce/xfdb/80257","osvdb":"87833","created_at":"2014-08-01T10:50:58.401Z","updated_at":"2014-08-01T10:50:58.401Z"},{"id":92833,"title":"Zingiri Web Shop 2.4.3 - Shell Upload","url":"http://packetstormsecurity.com/files/113668/","created_at":"2014-08-01T10:50:58.459Z","updated_at":"2014-08-01T10:50:58.459Z"},{"id":92834,"title":"Zingiri Web Shop - Cookie SQL Injection Vulnerability","secunia":"49398","created_at":"2014-08-01T10:50:58.511Z","updated_at":"2014-08-01T10:50:58.511Z","fixed_in":"2.4.8"},{"id":92835,"title":"Zingiri Web Shop \u003c= 2.4.0 - zing.inc.php page Parameter XSS","url":"http://www.securityfocus.com/bid/53278,http://xforce.iss.net/xforce/xfdb/75178","osvdb":"81492","cve":"2012-6506","secunia":"48991","exploitdb":"18787","created_at":"2014-08-01T10:50:58.578Z","updated_at":"2014-08-01T10:50:58.578Z","fixed_in":"2.4.2"},{"id":92836,"title":"Zingiri Web Shop \u003c= 2.4.0 - onecheckout.php notes Parameter XSS","url":"http://www.securityfocus.com/bid/53278,http://xforce.iss.net/xforce/xfdb/75179","osvdb":"81493","cve":"2012-6506","secunia":"48991","exploitdb":"18787","created_at":"2014-08-01T10:50:58.644Z","updated_at":"2014-08-01T10:50:58.644Z","fixed_in":"2.4.2"},{"id":92837,"title":"Zingiri Web Shop \u003c= 2.3.5 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112684/","created_at":"2014-08-01T10:50:58.706Z","updated_at":"2014-08-01T10:50:58.706Z"}]}},{"organizer":{"vulnerabilities":[{"id":92838,"title":"Organizer 1.2.1 - Cross Site Scripting / Path Disclosure","url":"http://packetstormsecurity.com/files/112086/,http://packetstormsecurity.com/files/113800/","created_at":"2014-08-01T10:50:58.757Z","updated_at":"2014-08-01T10:50:58.757Z"}]}},{"zingiri-tickets":{"vulnerabilities":[{"id":92839,"title":"Zingiri Tickets 2.1.2 - Unspecified Issue","osvdb":"105015","created_at":"2014-08-01T10:50:58.810Z","updated_at":"2014-08-01T10:50:58.810Z","fixed_in":"2.1.3"},{"id":92840,"title":"Zingiri Tickets - File Disclosure","url":"http://packetstormsecurity.com/files/111904/","created_at":"2014-08-01T10:50:58.869Z","updated_at":"2014-08-01T10:50:58.869Z"}]}},{"cms-tree-page-view":{"vulnerabilities":[{"id":92841,"title":"CMS Tree Page View 1.2.4 - Page Creation CSRF","osvdb":"91270","secunia":"52581","created_at":"2014-08-01T10:50:58.921Z","updated_at":"2014-08-01T10:50:58.921Z","fixed_in":"1.2.5"},{"id":92842,"title":"CMS Tree Page View 0.8.8 - XSS vulnerability","url":"https://www.htbridge.com/advisory/HTB23083,http://www.securityfocus.com/bid/52708,http://xforce.iss.net/xforce/xfdb/74337","osvdb":"80573","secunia":"48510","created_at":"2014-08-01T10:50:58.989Z","updated_at":"2014-08-01T10:50:58.989Z","fixed_in":"0.8.9"}]}},{"all-in-one-event-calendar":{"vulnerabilities":[{"id":92843,"title":"All-in-One Event Calendar 1.4 - Multiple XSS vulnerabilities","url":"http://seclists.org/bugtraq/2012/Apr/70","created_at":"2014-08-01T10:50:59.051Z","updated_at":"2014-08-01T10:50:59.051Z"},{"id":92844,"title":"All-in-One Event Calendar 1.9 - wp-admin/post-new.php Multiple Parameter XSS","url":"http://www.firefart.net/sql-injection-and-xss-in-all-in-one-event-calendar-wordpress-plugin/","osvdb":"96271","secunia":"54038","created_at":"2014-08-01T10:50:59.106Z","updated_at":"2014-08-01T10:50:59.106Z","fixed_in":"1.10"},{"id":92845,"title":"All-in-One Event Calendar 1.9 - index.php Multiple Parameter SQL Injection","url":"http://www.firefart.net/sql-injection-and-xss-in-all-in-one-event-calendar-wordpress-plugin/","osvdb":"96272","secunia":"54038","created_at":"2014-08-01T10:50:59.175Z","updated_at":"2014-08-01T10:50:59.175Z","fixed_in":"1.10"}]}},{"buddypress":{"vulnerabilities":[{"id":92846,"title":"Buddypress \u003c= 1.9.1 - Crafted bp_new_group_id Cookie Arbitrary Group Manipulation","url":"http://packetstormsecurity.com/files/125213/","osvdb":"103308","cve":"2014-1889","secunia":"56950","exploitdb":"31571","created_at":"2014-08-01T10:50:59.236Z","updated_at":"2014-08-01T10:50:59.236Z","fixed_in":"1.9.2"},{"id":92847,"title":"Buddypress \u003c= 1.9.1 - groups/create/step/group-details/ Group Name Field Stored XSS","url":"http://packetstormsecurity.com/files/125212/","osvdb":"103307","cve":"2014-1888","secunia":"56950","created_at":"2014-08-01T10:50:59.311Z","updated_at":"2014-08-01T10:50:59.311Z","fixed_in":"1.9.2"},{"id":92848,"title":"BuddyPress 1.7.1 - bp-activity-classes.php Multiple Parameter SQL Injection","osvdb":"104761","created_at":"2014-08-01T10:50:59.374Z","updated_at":"2014-08-01T10:50:59.374Z","fixed_in":"1.7.2"},{"id":92849,"title":"BuddyPress 1.7.1 - bp-blogs-classes.php Multiple Parameter SQL Injection","osvdb":"104761","created_at":"2014-08-01T10:50:59.441Z","updated_at":"2014-08-01T10:50:59.441Z","fixed_in":"1.7.2"},{"id":92850,"title":"BuddyPress 1.7.1 - bp-friends/bp-friends-classes.php Multiple Parameter SQL Injection","osvdb":"104760","created_at":"2014-08-01T10:50:59.504Z","updated_at":"2014-08-01T10:50:59.504Z","fixed_in":"1.7.2"},{"id":92851,"title":"BuddyPress 1.7.1 - bp-core/bp-core-classes.php Multiple Parameter SQL Injection","osvdb":"104759","created_at":"2014-08-01T10:50:59.576Z","updated_at":"2014-08-01T10:50:59.576Z","fixed_in":"1.7.2"},{"id":92852,"title":"BuddyPress 1.7.1 - bp-core/bp-core-functions.php page_ids Parameter SQL Injection","osvdb":"104758","created_at":"2014-08-01T10:50:59.638Z","updated_at":"2014-08-01T10:50:59.638Z","fixed_in":"1.7.2"},{"id":92853,"title":"BuddyPress 1.7.1 - bp-core/bp-core-filters.php user_ids Parameter SQL Injection","osvdb":"104757","created_at":"2014-08-01T10:50:59.699Z","updated_at":"2014-08-01T10:50:59.699Z","fixed_in":"1.7.2"},{"id":92854,"title":"BuddyPress 1.7.1 - bp-core/bp-core-cache.php object_ids Parameter SQL Injection","osvdb":"104755","created_at":"2014-08-01T10:50:59.761Z","updated_at":"2014-08-01T10:50:59.761Z","fixed_in":"1.7.2"},{"id":92855,"title":"Buddypress - player.swf / jwplayer.swf playerready Parameter XSS","url":"http://packetstormsecurity.com/files/119020/,http://xforce.iss.net/xforce/xfdb/80840","osvdb":"88886","created_at":"2014-08-01T10:50:59.822Z","updated_at":"2014-08-01T10:50:59.822Z"},{"id":92856,"title":"Buddypress \u003c= 1.5.4 - wp-load.php exclude Parameter SQL Injection","osvdb":"80763","cve":"2012-2109","exploitdb":"18690","created_at":"2014-08-01T10:50:59.874Z","updated_at":"2014-08-01T10:50:59.874Z","fixed_in":"1.5.5"},{"id":92857,"title":"BuddyPress 1.2.9 - groups/test-group/activity/ activity_ids Parameter SQL Injection","osvdb":"104756","created_at":"2014-08-01T10:50:59.936Z","updated_at":"2014-08-01T10:50:59.936Z","fixed_in":"1.2.10"}]}},{"register-plus-redux":{"vulnerabilities":[{"id":92858,"title":"Register Plus Redux \u003c= 3.8.3 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/111367/","created_at":"2014-08-01T10:51:00.001Z","updated_at":"2014-08-01T10:51:00.001Z"}]}},{"magn-html5-drag-and-drop-media-uploader":{"vulnerabilities":[{"id":92859,"title":"Magn WP Drag and Drop \u003c= 1.1.4 - Upload Shell Upload Vulnerability","url":"http://packetstormsecurity.com/files/110103/","created_at":"2014-08-01T10:51:00.057Z","updated_at":"2014-08-01T10:51:00.057Z"}]}},{"kish-guest-posting":{"vulnerabilities":[{"id":92860,"title":"Kish Guest Posting 1.0 - Arbitrary File Upload","exploitdb":"18412","created_at":"2014-08-01T10:51:00.108Z","updated_at":"2014-08-01T10:51:00.108Z"}]}},{"allwebmenus-wordpress-menu-plugin":{"vulnerabilities":[{"id":92861,"title":"AllWebMenus Shell Upload \u003c= 1.1.9 - Shell Upload","url":"http://packetstormsecurity.com/files/108946/","created_at":"2014-08-01T10:51:00.159Z","updated_at":"2014-08-01T10:51:00.159Z"},{"id":92862,"title":"AllWebMenus 1.1.3 - Remote File Inclusion","osvdb":"75615","cve":"2011-3981","secunia":"46068","exploitdb":"17861","created_at":"2014-08-01T10:51:00.214Z","updated_at":"2014-08-01T10:51:00.214Z","fixed_in":"1.1.4"}]}},{"shortcode-redirect":{"vulnerabilities":[{"id":92863,"title":"Shortcode Redirect \u003c= 1.0.01 - Stored Cross Site Scripting","url":"http://packetstormsecurity.com/files/108914/","created_at":"2014-08-01T10:51:00.277Z","updated_at":"2014-08-01T10:51:00.277Z"}]}},{"ucan-post":{"vulnerabilities":[{"id":92864,"title":"uCan Post \u003c= 1.0.09 - Stored XSS","exploitdb":"18390","created_at":"2014-08-01T10:51:00.341Z","updated_at":"2014-08-01T10:51:00.341Z"}]}},{"wp-cycle-playlist":{"vulnerabilities":[{"id":92865,"title":"WP Cycle Playlist - Multiple Vulnerabilities","url":"http://1337day.com/exploit/17396","created_at":"2014-08-01T10:51:00.394Z","updated_at":"2014-08-01T10:51:00.394Z"}]}},{"myeasybackup":{"vulnerabilities":[{"id":92866,"title":"myEASYbackup 1.0.8.1 - Directory Traversal","url":"http://packetstormsecurity.com/files/108711/","created_at":"2014-08-01T10:51:00.447Z","updated_at":"2014-08-01T10:51:00.447Z"}]}},{"count-per-day":{"vulnerabilities":[{"id":92867,"title":"Count per Day 3.2.5 - wp-admin/index.php daytoshow Parameter XSS","url":"http://packetstormsecurity.com/files/120649/","osvdb":"90893","secunia":"52436","created_at":"2014-08-01T10:51:00.498Z","updated_at":"2014-08-01T10:51:00.498Z"},{"id":92868,"title":"Count per Day 3.2.5 - counter.php HTTP Referer Header XSS","url":"http://packetstormsecurity.com/files/120870/","osvdb":"91491","exploitdb":"24859","created_at":"2014-08-01T10:51:00.552Z","updated_at":"2014-08-01T10:51:00.552Z"},{"id":92869,"title":"Count Per Day 3.2.3 - notes.php Malformed Requests Remote DoS","url":"http://packetstormsecurity.com/files/120631/,http://seclists.org/fulldisclosure/2013/Mar/43","osvdb":"90833","created_at":"2014-08-01T10:51:00.606Z","updated_at":"2014-08-01T10:51:00.606Z"},{"id":92870,"title":"Count Per Day 3.2.3 - Multiple Script Direct Request Path Disclosure","url":"http://packetstormsecurity.com/files/120631/,http://seclists.org/fulldisclosure/2013/Mar/43","osvdb":"90832","created_at":"2014-08-01T10:51:00.661Z","updated_at":"2014-08-01T10:51:00.661Z"},{"id":92871,"title":"Count Per Day 3.2.3 - notes.php note Parameter XSS","url":"http://packetstormsecurity.com/files/115904/","osvdb":"84933","secunia":"50450","exploitdb":"20862","created_at":"2014-08-01T10:51:00.715Z","updated_at":"2014-08-01T10:51:00.715Z"},{"id":92872,"title":"Count Per Day 3.2.2 - notes.php note Parameter XSS","osvdb":"84920","secunia":"50419","created_at":"2014-08-01T10:51:00.766Z","updated_at":"2014-08-01T10:51:00.766Z","fixed_in":"3.2.3"},{"id":92873,"title":"Count Per Day 3.1.1 - userperspan.php Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/114787/,http://www.securityfocus.com/bid/54258","osvdb":"83491","cve":"2012-3434","secunia":"49692","created_at":"2014-08-01T10:51:00.828Z","updated_at":"2014-08-01T10:51:00.828Z","fixed_in":"3.2"},{"id":92874,"title":"Count Per Day \u003c= 3.1 - download.php f Parameter Traversal Arbitrary File Access","url":"http://xforce.iss.net/xforce/xfdb/72385,http://packetstormsecurity.org/files/108631/","osvdb":"78270","secunia":"47529","exploitdb":"18355","created_at":"2014-08-01T10:51:00.896Z","updated_at":"2014-08-01T10:51:00.896Z","fixed_in":"3.1.1"},{"id":92875,"title":"Count Per Day \u003c= 3.1 - map.php map Parameter XSS","url":"http://xforce.iss.net/xforce/xfdb/72385,http://packetstormsecurity.org/files/108631/","osvdb":"78271","secunia":"47529","exploitdb":"18355","created_at":"2014-08-01T10:51:00.959Z","updated_at":"2014-08-01T10:51:00.959Z","fixed_in":"3.1.1"},{"id":92876,"title":"Count per Day \u003c= 2.17 - SQL Injection Vulnerability","osvdb":"75598","secunia":"46051","exploitdb":"17857","created_at":"2014-08-01T10:51:01.022Z","updated_at":"2014-08-01T10:51:01.022Z","fixed_in":"3.0"}]}},{"wp-autoyoutube":{"vulnerabilities":[{"id":92877,"title":"WP-AutoYoutube \u003c= 0.1 - Blind SQL Injection Vulnerability","url":"http://1337day.com/exploit/17368","created_at":"2014-08-01T10:51:01.085Z","updated_at":"2014-08-01T10:51:01.085Z"}]}},{"age-verification":{"vulnerabilities":[{"id":92878,"title":"Age Verification \u003c= 0.4 - Open Redirect","osvdb":"82584","cve":"2012-6499","exploitdb":"18350","created_at":"2014-08-01T10:51:01.136Z","updated_at":"2014-08-01T10:51:01.136Z"}]}},{"yousaytoo-auto-publishing-plugin":{"vulnerabilities":[{"id":92879,"title":"Yousaytoo Auto Publishing \u003c= 1.0 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/108470/","created_at":"2014-08-01T10:51:01.189Z","updated_at":"2014-08-01T10:51:01.189Z"}]}},{"pay-with-tweet":{"vulnerabilities":[{"id":92880,"title":"Pay With Tweet \u003c= 1.1 - Multiple Vulnerabilities","exploitdb":"18330","created_at":"2014-08-01T10:51:01.239Z","updated_at":"2014-08-01T10:51:01.239Z"}]}},{"wp-whois":{"vulnerabilities":[{"id":92881,"title":"Whois Search \u003c= 1.4.2 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/108271/","created_at":"2014-08-01T10:51:01.305Z","updated_at":"2014-08-01T10:51:01.305Z"}]}},{"upm-polls":{"vulnerabilities":[{"id":92882,"title":"UPM-POLLS 1.0.4 - BLIND SQL injection","exploitdb":"18231","created_at":"2014-08-01T10:51:01.359Z","updated_at":"2014-08-01T10:51:01.359Z"}]}},{"disqus-comment-system":{"vulnerabilities":[{"id":92883,"title":"Disqus \u003c= 2.75 - Remote Code Execution Vuln","url":"http://blog.sucuri.net/2014/06/anatomy-of-a-remote-code-execution-bug-on-disqus.html","created_at":"2014-08-01T10:51:01.409Z","updated_at":"2014-08-01T10:51:01.409Z","fixed_in":"2.76"},{"id":92884,"title":"Disqus Comment System \u003c= 2.68 - Reflected Cross-Site Scripting (XSS)","url":"http://www.ethicalhack3r.co.uk/security/wordpress-plugin-disqus-comment-system-xss/","created_at":"2014-08-01T10:51:01.472Z","updated_at":"2014-08-01T10:51:01.472Z","fixed_in":"2.69"},{"id":92885,"title":"Disqus Blog Comments - Blind SQL Injection Vulnerability","osvdb":"85935","exploitdb":"20913","created_at":"2014-08-01T10:51:01.554Z","updated_at":"2014-08-01T10:51:01.554Z"}]}},{"wp-recaptcha":{"vulnerabilities":[{"id":92886,"title":"Google reCAPTCHA \u003c= 3.1.3 - Reflected XSS Vulnerability","url":"http://security-sh3ll.blogspot.com/2011/12/google-recaptcha-wordpress-plugin.html","created_at":"2014-08-01T10:51:01.607Z","updated_at":"2014-08-01T10:51:01.607Z","fixed_in":"3.1.4"}]}},{"link-library":{"vulnerabilities":[{"id":92887,"title":"Link Library 5.8.0.9 - Multiple Unspecified Issues","osvdb":"102842","created_at":"2014-08-01T10:51:01.667Z","updated_at":"2014-08-01T10:51:01.667Z","fixed_in":"5.8.1"},{"id":92888,"title":"Link Library 5.1.6 - link-library-ajax.php Multiple Parameter SQL Injection","osvdb":"102804","created_at":"2014-08-01T10:51:01.730Z","updated_at":"2014-08-01T10:51:01.730Z","fixed_in":"5.1.7"},{"id":92889,"title":"Link Library 5.0.8 - wp-content/plugins/link-library/tracker.php id Parameter XSS","osvdb":"74561","secunia":"45588","created_at":"2014-08-01T10:51:01.796Z","updated_at":"2014-08-01T10:51:01.796Z","fixed_in":"5.0.9"},{"id":92890,"title":"Link Library 5.0.8 - wp-content/plugins/link-library/tracker.php id Parameter SQL Injection","osvdb":"74562","secunia":"45588","created_at":"2014-08-01T10:51:01.860Z","updated_at":"2014-08-01T10:51:01.860Z","fixed_in":"5.0.9"},{"id":92891,"title":"Link Library \u003c= 5.2.1 - SQL Injection","osvdb":"84579","exploitdb":"17887","created_at":"2014-08-01T10:51:01.926Z","updated_at":"2014-08-01T10:51:01.926Z","fixed_in":"5.7.9.7"}]}},{"cevhershare":{"vulnerabilities":[{"id":92892,"title":"CevherShare 2.0 - SQL Injection Vulnerability","exploitdb":"17891","created_at":"2014-08-01T10:51:01.999Z","updated_at":"2014-08-01T10:51:01.999Z"}]}},{"meenews":{"vulnerabilities":[{"id":92893,"title":"meenews 5.1 - Cross-Site Scripting Vulnerabilities","url":"http://seclists.org/bugtraq/2011/Nov/151","created_at":"2014-08-01T10:51:02.055Z","updated_at":"2014-08-01T10:51:02.055Z"}]}},{"clickdesk-live-support-chat":{"vulnerabilities":[{"id":92894,"title":"Click Desk Live Support Chat - Cross Site Scripting Vulnerability","url":"http://seclists.org/bugtraq/2011/Nov/148","created_at":"2014-08-01T10:51:02.107Z","updated_at":"2014-08-01T10:51:02.107Z","fixed_in":"2.0"}]}},{"adminimize":{"vulnerabilities":[{"id":92895,"title":"adminimize 1.7.21 - 'page' Parameter Cross Site Scripting Vulnerability","url":"http://www.securityfocus.com/bid/50745,http://seclists.org/bugtraq/2011/Nov/135","osvdb":"77472","cve":"2011-4926","created_at":"2014-08-01T10:51:02.168Z","updated_at":"2014-08-01T10:51:02.168Z","fixed_in":"1.7.22"}]}},{"advanced-text-widget":{"vulnerabilities":[{"id":92896,"title":"Advanced Text Widget \u003c= 2.0.0 - Cross Site Scripting Vulnerability","url":"http://seclists.org/bugtraq/2011/Nov/133","created_at":"2014-08-01T10:51:02.233Z","updated_at":"2014-08-01T10:51:02.233Z"}]}},{"mm-duplicate":{"vulnerabilities":[{"id":92897,"title":"MM Duplicate \u003c= 1.2 - SQL Injection Vulnerability","exploitdb":"17707","created_at":"2014-08-01T10:51:02.294Z","updated_at":"2014-08-01T10:51:02.294Z"}]}},{"wp-menu-creator":{"vulnerabilities":[{"id":92898,"title":"Menu Creator \u003c= 1.1.7 - SQL Injection Vulnerability","exploitdb":"17689","created_at":"2014-08-01T10:51:02.350Z","updated_at":"2014-08-01T10:51:02.350Z"}]}},{"allow-php-in-posts-and-pages":{"vulnerabilities":[{"id":92899,"title":"Allow PHP in Posts and Pages \u003c= 2.0.0.RC2 - SQL Injection Vulnerability","exploitdb":"17688","created_at":"2014-08-01T10:51:02.402Z","updated_at":"2014-08-01T10:51:02.402Z","fixed_in":"2.1.0"}]}},{"global-content-blocks":{"vulnerabilities":[{"id":92900,"title":"Global Content Blocks \u003c= 1.2 - SQL Injection Vulnerability","exploitdb":"17687","created_at":"2014-08-01T10:51:02.462Z","updated_at":"2014-08-01T10:51:02.462Z"}]}},{"ajaxgallery":{"vulnerabilities":[{"id":92901,"title":"Ajax Gallery \u003c= 3.0 - SQL Injection Vulnerability","exploitdb":"17686","created_at":"2014-08-01T10:51:02.517Z","updated_at":"2014-08-01T10:51:02.517Z"}]}},{"wp-ds-faq":{"vulnerabilities":[{"id":92902,"title":"WP DS FAQ \u003c= 1.3.2 - ajax.php id Parameter SQL Injection","osvdb":"74574","secunia":"45640","exploitdb":"17683","created_at":"2014-08-01T10:51:02.568Z","updated_at":"2014-08-01T10:51:02.568Z"}]}},{"wp-ds-faq-plus":{"vulnerabilities":[{"id":92903,"title":"WP DS FAQ Plus 1.0.12 - Multiple Unspecified Issues","osvdb":"106614","created_at":"2014-08-01T10:51:02.618Z","updated_at":"2014-08-01T10:51:02.618Z","fixed_in":"1.0.13"},{"id":92904,"title":"WP DS FAQ Plus 1.0.11 - Multiple Unspecified Issues","osvdb":"106615","created_at":"2014-08-01T10:51:02.677Z","updated_at":"2014-08-01T10:51:02.677Z","fixed_in":"1.0.12"},{"id":92905,"title":"WP DS FAQ Plus 1.0.3 - Multiple Unspecified CSRF","osvdb":"106618","created_at":"2014-08-01T10:51:02.742Z","updated_at":"2014-08-01T10:51:02.742Z","fixed_in":"1.0.3"},{"id":92906,"title":"WP DS FAQ Plus - Unspecified SQL Injection","osvdb":"106724","created_at":"2014-08-01T10:51:02.808Z","updated_at":"2014-08-01T10:51:02.808Z","fixed_in":"1.0.0"}]}},{"odihost-newsletter-plugin":{"vulnerabilities":[{"id":92907,"title":"OdiHost Newsletter \u003c= 1.0 - SQL Injection Vulnerability","exploitdb":"17681","created_at":"2014-08-01T10:51:02.870Z","updated_at":"2014-08-01T10:51:02.870Z"}]}},{"easy-contact-form-lite":{"vulnerabilities":[{"id":92908,"title":"Easy Contact Form Lite \u003c= 1.0.7 - SQL Injection Vulnerability","exploitdb":"17680","created_at":"2014-08-01T10:51:02.923Z","updated_at":"2014-08-01T10:51:02.923Z"}]}},{"wp-symposium":{"vulnerabilities":[{"id":92909,"title":"WP Symposium 13.04 - invite.php u Parameter Arbitrary Site Redirect","osvdb":"92274","cve":"2013-2694","secunia":"52925","created_at":"2014-08-01T10:51:02.974Z","updated_at":"2014-08-01T10:51:02.974Z"},{"id":92910,"title":"WP Symposium 13.02 - wp-symposium/invite.php u Parameter XSS","osvdb":"92275","cve":"2013-2695","secunia":"52864","created_at":"2014-08-01T10:51:03.028Z","updated_at":"2014-08-01T10:51:03.028Z","fixed_in":"13.04"},{"id":92911,"title":"WP Symposium \u003c= 12.09 - ajax/symposium_groups_functions.php gid Parameter SQL Injection","url":"http://www.securityfocus.com/bid/57478,http://ceriksen.com/2013/02/18/wp-symposium-multiple-sql-injection/","osvdb":"89455","secunia":"50674","created_at":"2014-08-01T10:51:03.087Z","updated_at":"2014-08-01T10:51:03.087Z","fixed_in":"12.12"},{"id":92912,"title":"WP Symposium \u003c= 12.09 - index.php uid Parameter SQL Injection","url":"http://www.securityfocus.com/bid/57478,http://ceriksen.com/2013/02/18/wp-symposium-multiple-sql-injection/","osvdb":"89456","secunia":"50674","created_at":"2014-08-01T10:51:03.155Z","updated_at":"2014-08-01T10:51:03.155Z","fixed_in":"12.12"},{"id":92913,"title":"WP Symposium \u003c= 12.09 - ajax/symposium_profile_functions.php friend_to Parameter SQL Injection","url":"http://www.securityfocus.com/bid/57478,http://ceriksen.com/2013/02/18/wp-symposium-multiple-sql-injection/","osvdb":"89457","secunia":"50674","created_at":"2014-08-01T10:51:03.220Z","updated_at":"2014-08-01T10:51:03.220Z","fixed_in":"12.12"},{"id":92914,"title":"WP Symposium \u003c= 12.09 - ajax/symposium_forum_functions.php Multiple Parameter SQL Injection","url":"http://www.securityfocus.com/bid/57478,http://ceriksen.com/2013/02/18/wp-symposium-multiple-sql-injection/","osvdb":"89458","secunia":"50674","created_at":"2014-08-01T10:51:03.282Z","updated_at":"2014-08-01T10:51:03.282Z","fixed_in":"12.12"},{"id":92915,"title":"WP Symposium \u003c= 12.09 - get_album_item.php size Parameter SQL Injection","url":"http://www.securityfocus.com/bid/57478,http://ceriksen.com/2013/02/18/wp-symposium-multiple-sql-injection/","osvdb":"89459","secunia":"50674","created_at":"2014-08-01T10:51:03.359Z","updated_at":"2014-08-01T10:51:03.359Z","fixed_in":"12.12"},{"id":92916,"title":"WP Symposium \u003c= 12.07.07 - ajax/symposium_ajax_functions.php Authentication Bypass","osvdb":"83696","secunia":"49791","created_at":"2014-08-01T10:51:03.420Z","updated_at":"2014-08-01T10:51:03.420Z"},{"id":92917,"title":"WP Symposium \u003c= 12.06.16 - ajax/symposium_forum_functions.php tid Parameter SQL Injection","osvdb":"83662","secunia":"49534","created_at":"2014-08-01T10:51:03.473Z","updated_at":"2014-08-01T10:51:03.473Z","fixed_in":"12.07.01"},{"id":92918,"title":"WP Symposium \u003c= 12.06.16 - ajax/symposium_group_functions.php uid1 Parameter SQL Injection","osvdb":"83663","secunia":"49534","created_at":"2014-08-01T10:51:03.535Z","updated_at":"2014-08-01T10:51:03.535Z","fixed_in":"12.07.01"},{"id":92919,"title":"WP Symposium \u003c= 12.06.16 - ajax/symposium_bar_functions.php chat_to Parameter SQL Injection","osvdb":"83668","secunia":"49534","created_at":"2014-08-01T10:51:03.598Z","updated_at":"2014-08-01T10:51:03.598Z","fixed_in":"12.07.01"},{"id":92920,"title":"WP Symposium \u003c= 12.06.16 - ajax/symposium_mail_functions.php Multiple Parameter SQL Injection","osvdb":"83675","secunia":"49534","created_at":"2014-08-01T10:51:03.666Z","updated_at":"2014-08-01T10:51:03.666Z","fixed_in":"12.07.01"},{"id":92921,"title":"WP Symposium \u003c= 11.11.26 - uploadify/upload_admin_avatar.php File Upload Remote PHP Code Execution","url":"http://xforce.iss.net/xforce/xfdb/72012","osvdb":"78041","cve":"2011-5051","secunia":"46097","created_at":"2014-08-01T10:51:03.728Z","updated_at":"2014-08-01T10:51:03.728Z","fixed_in":"11.12.24"},{"id":92922,"title":"WP Symposium \u003c= 11.11.26 - uploadify/upload_profile_avatar.php File Upload Remote PHP Code Execution","url":"http://xforce.iss.net/xforce/xfdb/72012","osvdb":"78042","cve":"2011-5051","secunia":"46097","created_at":"2014-08-01T10:51:03.790Z","updated_at":"2014-08-01T10:51:03.790Z","fixed_in":"11.12.24"},{"id":92923,"title":"WP Symposium \u003c= 11.11.26 - uploadify/get_profile_avatar.php uid Parameter XSS","url":"http://www.securityfocus.com/bid/51017,http://xforce.iss.net/xforce/xfdb/71748","osvdb":"77634","cve":"2011-3841","secunia":"47243","created_at":"2014-08-01T10:51:03.867Z","updated_at":"2014-08-01T10:51:03.867Z","fixed_in":"11.12.08"},{"id":92924,"title":"WP Symposium \u003c= 0.64 - uploadify/get_profile_avatar.php uid Parameter SQL Injection","osvdb":"74664","secunia":"47243","exploitdb":"17679","created_at":"2014-08-01T10:51:03.950Z","updated_at":"2014-08-01T10:51:03.950Z","fixed_in":"11.08.18"}]}},{"file-groups":{"vulnerabilities":[{"id":92925,"title":"File Groups \u003c= 1.1.2 - SQL Injection Vulnerability","exploitdb":"17677","created_at":"2014-08-01T10:51:04.045Z","updated_at":"2014-08-01T10:51:04.045Z"}]}},{"ip-logger":{"vulnerabilities":[{"id":92926,"title":"IP-Logger \u003c= 3.0 - SQL Injection Vulnerability","exploitdb":"17673","created_at":"2014-08-01T10:51:04.105Z","updated_at":"2014-08-01T10:51:04.105Z"}]}},{"beer-recipes":{"vulnerabilities":[{"id":92927,"title":"Beer Recipes 1.0 - XSS","exploitdb":"17453","created_at":"2014-08-01T10:51:04.161Z","updated_at":"2014-08-01T10:51:04.161Z"}]}},{"is-human":{"vulnerabilities":[{"id":92928,"title":"Is-human \u003c= 1.4.2 - Remote Command Execution Vulnerability","exploitdb":"17299","created_at":"2014-08-01T10:51:04.215Z","updated_at":"2014-08-01T10:51:04.215Z"}]}},{"editormonkey":{"vulnerabilities":[{"id":92929,"title":"EditorMonkey - (FCKeditor) Arbitrary File Upload","exploitdb":"17284","created_at":"2014-08-01T10:51:04.266Z","updated_at":"2014-08-01T10:51:04.266Z"}]}},{"sermon-browser":{"vulnerabilities":[{"id":92930,"title":"SermonBrowser 0.43 - SQL Injection","exploitdb":"17214","created_at":"2014-08-01T10:51:04.324Z","updated_at":"2014-08-01T10:51:04.324Z"}]}},{"ajax-category-dropdown":{"vulnerabilities":[{"id":92931,"title":"Ajax Category Dropdown 0.1.5 - Multiple Vulnerabilities","exploitdb":"17207","created_at":"2014-08-01T10:51:04.397Z","updated_at":"2014-08-01T10:51:04.397Z"}]}},{"wp-custom-pages":{"vulnerabilities":[{"id":92932,"title":"WP Custom Pages 0.5.0.1 - LFI Vulnerability","exploitdb":"17119","created_at":"2014-08-01T10:51:04.460Z","updated_at":"2014-08-01T10:51:04.460Z"}]}},{"flash-album-gallery":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"},{"id":92933,"title":"GRAND Flash Album Gallery 2.70- \"s\" Cross-Site Scripting Vulnerability","osvdb":"93714","cve":"2013-3261","secunia":"53111","created_at":"2014-08-01T10:51:04.577Z","updated_at":"2014-08-01T10:51:04.577Z","fixed_in":"2.72"},{"id":92934,"title":"GRAND Flash Album Gallery 2.55 - \"gid\" SQL Injection Vulnerability","osvdb":"93087","secunia":"53356","created_at":"2014-08-01T10:51:04.638Z","updated_at":"2014-08-01T10:51:04.638Z","fixed_in":"2.56"},{"id":92935,"title":"GRAND Flash Album Gallery - Multiple Vulnerabilities","secunia":"51100","created_at":"2014-08-01T10:51:04.701Z","updated_at":"2014-08-01T10:51:04.701Z","fixed_in":"2.17"},{"id":92936,"title":"GRAND Flash Album Gallery 1.9.0 and 2.0.0 - Multiple Vulnerabilities","url":"http://packetstormsecurity.com/files/117665/,http://www.waraxe.us/advisory-94.html","secunia":"51601","created_at":"2014-08-01T10:51:04.767Z","updated_at":"2014-08-01T10:51:04.767Z"},{"id":92937,"title":"GRAND Flash Album Gallery \u003c= 1.71 - wp-admin/admin.php skin Parameter XSS","url":"http://packetstormsecurity.com/files/112704/","osvdb":"81923","created_at":"2014-08-01T10:51:04.822Z","updated_at":"2014-08-01T10:51:04.822Z","fixed_in":"1.76"},{"id":92938,"title":"GRAND Flash Album Gallery \u003c= 1.56 - XSS Vulnerability","url":"http://seclists.org/bugtraq/2011/Nov/186","created_at":"2014-08-01T10:51:04.882Z","updated_at":"2014-08-01T10:51:04.882Z"},{"id":92939,"title":"GRAND Flash Album Gallery 0.55 - lib/hitcounter.php pid Parameter SQL Injection","osvdb":"71072","secunia":"43648","exploitdb":"16947","created_at":"2014-08-01T10:51:04.940Z","updated_at":"2014-08-01T10:51:04.940Z"},{"id":92940,"title":"GRAND Flash Album Gallery 0.55 - admin/news.php want2Read Parameter Traversal Arbitrary File Access","osvdb":"71073","secunia":"43648","exploitdb":"16947","created_at":"2014-08-01T10:51:04.993Z","updated_at":"2014-08-01T10:51:04.993Z"}]}},{"php_speedy_wp":{"vulnerabilities":[{"id":92941,"title":"PHP Speedy \u003c= 0.5.2 - (admin_container.php) Remote Code Exec Exploit","exploitdb":"16273","created_at":"2014-08-01T10:51:05.044Z","updated_at":"2014-08-01T10:51:05.044Z"}]}},{"old-post-spinner":{"vulnerabilities":[{"id":92942,"title":"OPS Old Post Spinner 2.2.1 - LFI Vulnerability","exploitdb":"16251","created_at":"2014-08-01T10:51:05.098Z","updated_at":"2014-08-01T10:51:05.098Z"}]}},{"jquery-mega-menu":{"vulnerabilities":[{"id":92943,"title":"jQuery Mega Menu 1.0 - Local File Inclusion","exploitdb":"16250","created_at":"2014-08-01T10:51:05.149Z","updated_at":"2014-08-01T10:51:05.149Z"}]}},{"iwant-one-ihave-one":{"vulnerabilities":[{"id":92944,"title":"IWantOneButton 3.0.1 - Multiple Vulnerabilities","exploitdb":"16236","created_at":"2014-08-01T10:51:05.200Z","updated_at":"2014-08-01T10:51:05.200Z"}]}},{"forum-server":{"vulnerabilities":[{"id":92945,"title":"WP Forum Server \u003c= 1.7.3 - wpf-insert.php edit_post_id Parameter SQL Injection","url":"http://packetstormsecurity.com/files/112703/","osvdb":"75463","cve":"2012-6625","secunia":"45974","created_at":"2014-08-01T10:51:05.252Z","updated_at":"2014-08-01T10:51:05.252Z","fixed_in":"1.7.4"},{"id":92946,"title":"WP Forum Server \u003c= 1.7.3 - fs-admin/wpf-add-forum.php groupid Parameter XSS","url":"http://packetstormsecurity.com/files/112703/,http://www.securityfocus.com/bid/65215","osvdb":"102185","cve":"2012-6623","secunia":"49167","created_at":"2014-08-01T10:51:05.335Z","updated_at":"2014-08-01T10:51:05.335Z"},{"id":92947,"title":"WP Forum Server \u003c= 1.7.3 - fs-admin/fs-admin.php Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/112703/","osvdb":"81914","cve":"2012-6622","secunia":"49155","created_at":"2014-08-01T10:51:05.387Z","updated_at":"2014-08-01T10:51:05.387Z"},{"id":92948,"title":"WP Forum Server \u003c= 1.7 - SQL Injection Vulnerability","exploitdb":"17828","created_at":"2014-08-01T10:51:05.442Z","updated_at":"2014-08-01T10:51:05.442Z"},{"id":92949,"title":"WP Forum Server 1.6.5 - feed.php topic Parameter SQL Injection","url":"http://www.securityfocus.com/bid/46360,http://www.securityfocus.com/bid/46362","osvdb":"70994","cve":"2011-1047","secunia":"43306","exploitdb":"16235","created_at":"2014-08-01T10:51:05.492Z","updated_at":"2014-08-01T10:51:05.492Z"},{"id":92950,"title":"WP Forum Server 1.6.5 - index.php Multiple Parameter SQL Injection","url":"http://www.securityfocus.com/bid/46362","osvdb":"70993","cve":"2011-1047","secunia":"43306","exploitdb":"16235","created_at":"2014-08-01T10:51:05.542Z","updated_at":"2014-08-01T10:51:05.542Z"}]}},{"relevanssi":{"vulnerabilities":[{"id":92951,"title":"Relevanssi 3.2 - Unspecified SQL Injection","url":"http://www.securityfocus.com/bid/65960","osvdb":"104014","secunia":"56641","created_at":"2014-08-01T10:51:05.596Z","updated_at":"2014-08-01T10:51:05.596Z","fixed_in":"3.3"},{"id":92952,"title":"Relevanssi 2.7.2 - Stored XSS Vulnerability","osvdb":"71236","secunia":"43461","exploitdb":"16233","created_at":"2014-08-01T10:51:05.660Z","updated_at":"2014-08-01T10:51:05.660Z","fixed_in":"2.7.3"}]}},{"gigpress":{"vulnerabilities":[{"id":92953,"title":"GigPress 2.1.10 - Stored XSS Vulnerability","exploitdb":"16232","created_at":"2014-08-01T10:51:05.725Z","updated_at":"2014-08-01T10:51:05.725Z"}]}},{"comment-rating":{"vulnerabilities":[{"id":92954,"title":"Comment Rating 2.9.32 - Security Bypass Weakness and SQL Injection","url":"http://packetstormsecurity.com/files/120569/","osvdb":"90676","secunia":"52348","exploitdb":"24552","created_at":"2014-08-01T10:51:05.781Z","updated_at":"2014-08-01T10:51:05.781Z"},{"id":92955,"title":"Comment Rating 2.9.23 - Multiple Vulnerabilities","osvdb":"71044","secunia":"43406","exploitdb":"16221","created_at":"2014-08-01T10:51:05.832Z","updated_at":"2014-08-01T10:51:05.832Z","fixed_in":"2.9.24"}]}},{"z-vote":{"vulnerabilities":[{"id":92956,"title":"Z-Vote 1.1 - SQL Injection Vulnerability","exploitdb":"16218","created_at":"2014-08-01T10:51:05.896Z","updated_at":"2014-08-01T10:51:05.896Z"}]}},{"user-photo":{"vulnerabilities":[{"id":92957,"title":"User Photo - Component Remote File Upload Vulnerability","osvdb":"71071","cve":"2013-1916","exploitdb":"16181","created_at":"2014-08-01T10:51:05.949Z","updated_at":"2014-08-01T10:51:05.949Z","fixed_in":"0.9.5"}]}},{"enable-media-replace":{"vulnerabilities":[{"id":92958,"title":"Enable Media Replace - Multiple Vulnerabilities","exploitdb":"16144","created_at":"2014-08-01T10:51:06.011Z","updated_at":"2014-08-01T10:51:06.011Z"}]}},{"mingle-forum":{"vulnerabilities":[{"id":92959,"title":"Mingle Forum \u003c= 1.0.32.1 - Cross Site Scripting / SQL Injection","url":"http://packetstormsecurity.com/files/108915/","created_at":"2014-08-01T10:51:06.064Z","updated_at":"2014-08-01T10:51:06.064Z"},{"id":92960,"title":"Mingle Forum \u003c= 1.0.31 - SQL Injection Vulnerability","exploitdb":"17894","created_at":"2014-08-01T10:51:06.118Z","updated_at":"2014-08-01T10:51:06.118Z"},{"id":92961,"title":"Mingle Forum \u003c= 1.0.26 - Multiple Vulnerabilities","exploitdb":"15943","created_at":"2014-08-01T10:51:06.168Z","updated_at":"2014-08-01T10:51:06.168Z"},{"id":92962,"title":"Mingle Forum \u003c= 1.0.33 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112696/","secunia":"49171","created_at":"2014-08-01T10:51:06.222Z","updated_at":"2014-08-01T10:51:06.222Z","fixed_in":"1.0.33.2"},{"id":92963,"title":"Mingle Forum 1.0.33.3 - fs-admin.php togroupusers Parameter XSS","osvdb":"90432","cve":"2013-0734","secunia":"52167","created_at":"2014-08-01T10:51:06.282Z","updated_at":"2014-08-01T10:51:06.282Z","fixed_in":"1.0.34"},{"id":92964,"title":"Mingle Forum 1.0.33.3 - wpf.class.php search_words Parameter XSS","osvdb":"90433","cve":"2013-0734","secunia":"52167","created_at":"2014-08-01T10:51:06.350Z","updated_at":"2014-08-01T10:51:06.350Z","fixed_in":"1.0.34"},{"id":92965,"title":"Mingle Forum 1.0.33.3 - wpf.class.php Multiple Parameter SQL Injection","osvdb":"90434","cve":"2013-0735","secunia":"52167","created_at":"2014-08-01T10:51:06.415Z","updated_at":"2014-08-01T10:51:06.415Z","fixed_in":"1.0.34"},{"id":92966,"title":"Mingle Forum 1.0.35 - Privilege Escalation CSRF","osvdb":"96905","cve":"2013-0736","secunia":"47687","created_at":"2014-08-01T10:51:06.478Z","updated_at":"2014-08-01T10:51:06.478Z"}]}},{"accept-signups":{"vulnerabilities":[{"id":92967,"title":"Accept Signups 0.1 - XSS","exploitdb":"15808","created_at":"2014-08-01T10:51:06.536Z","updated_at":"2014-08-01T10:51:06.536Z"}]}},{"events-manager-extended":{"vulnerabilities":[{"id":92968,"title":"Events Manager Extended - Persistent XSS Vulnerability","exploitdb":"14923","created_at":"2014-08-01T10:51:06.587Z","updated_at":"2014-08-01T10:51:06.587Z"}]}},{"nextgen-smooth-gallery":{"vulnerabilities":[{"id":92969,"title":"NextGEN Smooth Gallery - Blind SQL Injection Vulnerability","exploitdb":"14541","created_at":"2014-08-01T10:51:06.636Z","updated_at":"2014-08-01T10:51:06.636Z"},{"id":92970,"title":"NextGen Smooth Gallery - XSS","url":"http://packetstormsecurity.com/files/123074/","created_at":"2014-08-01T10:51:06.686Z","updated_at":"2014-08-01T10:51:06.686Z"}]}},{"mylinksdump":{"vulnerabilities":[{"id":92971,"title":"myLDlinker - SQL Injection Vulnerability","exploitdb":"14441","created_at":"2014-08-01T10:51:06.739Z","updated_at":"2014-08-01T10:51:06.739Z"}]}},{"firestats":{"vulnerabilities":[{"id":92972,"title":"Firestats - Remote Configuration File Download","exploitdb":"14308","created_at":"2014-08-01T10:51:06.789Z","updated_at":"2014-08-01T10:51:06.789Z"}]}},{"simple-press":{"vulnerabilities":[{"id":92973,"title":"Simple Press - SQL Injection Vulnerability","exploitdb":"14198","created_at":"2014-08-01T10:51:06.848Z","updated_at":"2014-08-01T10:51:06.848Z"}]}},{"cimy-counter":{"vulnerabilities":[{"id":92974,"title":"Cimy Counter - Vulnerabilities","exploitdb":"14057","created_at":"2014-08-01T10:51:06.902Z","updated_at":"2014-08-01T10:51:06.902Z"}]}},{"nextgen-gallery":{"vulnerabilities":[{"id":92975,"title":"NextGEN Gallery \u0026 2.0.66 - Arbitrary File Upload (the user must have upload privileges)","url":"http://packetstormsecurity.com/files/127340/wpnextgen2063-shell.txt","created_at":"2014-08-01T10:51:06.953Z","updated_at":"2014-08-01T10:51:06.953Z","fixed_in":"2.0.66"},{"id":92976,"title":"NextGEN Gallery 2.0.0 - Directory Traversal","url":"http://seclists.org/fulldisclosure/2014/Feb/171,https://security.dxw.com/advisories/directory-traversal-in-nextgen-gallery-2-0-0/","osvdb":"103473","created_at":"2014-08-01T10:51:07.015Z","updated_at":"2014-08-01T10:51:07.015Z","fixed_in":"2.0.7"},{"id":92977,"title":"NextGEN Gallery - SWF Vulnerable to XSS","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","secunia":"51271","created_at":"2014-08-01T10:51:07.077Z","updated_at":"2014-08-01T10:51:07.077Z","fixed_in":"1.9.8"},{"id":92978,"title":"NextGEN Gallery - swfupload.swf Multiple Cross Site Scripting Vulnerabilities","url":"http://www.securityfocus.com/bid/60433","created_at":"2014-08-01T10:51:07.137Z","updated_at":"2014-08-01T10:51:07.137Z"},{"id":92979,"title":"NextGEN Gallery 1.9.12 - Arbitrary File Upload","url":"http://wordpress.org/plugins/nextgen-gallery/changelog/","osvdb":"94232","cve":"2013-3684","created_at":"2014-08-01T10:51:07.198Z","updated_at":"2014-08-01T10:51:07.198Z","fixed_in":"1.9.13"},{"id":92980,"title":"NextGEN Gallery 1.9.11 - xml/json.php Crafted Request Parsing Path Disclosure","osvdb":"90242","cve":"2013-0291","secunia":"52137","created_at":"2014-08-01T10:51:07.266Z","updated_at":"2014-08-01T10:51:07.266Z"},{"id":92981,"title":"NextGEN Gallery 1.9.5 - gallerypath Parameter Stored XSS","osvdb":"97690","created_at":"2014-08-01T10:51:07.331Z","updated_at":"2014-08-01T10:51:07.331Z"},{"id":92982,"title":"NextGEN Gallery \u003c= 1.9.0 - admin/manage-galleries.php paged Parameter XSS","osvdb":"78363","secunia":"47588","created_at":"2014-08-01T10:51:07.383Z","updated_at":"2014-08-01T10:51:07.383Z","fixed_in":"1.9.1"},{"id":92983,"title":"NextGEN Gallery \u003c= 1.9.0 - admin/manage-images.php paged Parameter XSS","osvdb":"78364","secunia":"47588","created_at":"2014-08-01T10:51:07.449Z","updated_at":"2014-08-01T10:51:07.449Z","fixed_in":"1.9.1"},{"id":92984,"title":"NextGEN Gallery \u003c= 1.9.0 - admin/manage.php Multiple Parameter XSS","osvdb":"78365","secunia":"47588","created_at":"2014-08-01T10:51:07.518Z","updated_at":"2014-08-01T10:51:07.518Z","fixed_in":"1.9.1"},{"id":92985,"title":"NextGEN Gallery \u003c= 1.8.3 - wp-admin/admin.php search Parameter XSS","osvdb":"76576","secunia":"46602","created_at":"2014-08-01T10:51:07.587Z","updated_at":"2014-08-01T10:51:07.587Z","fixed_in":"1.8.4"},{"id":92986,"title":"NextGEN Gallery \u003c= 1.8.3 - Tag Deletion CSRF","osvdb":"76577","secunia":"46602","created_at":"2014-08-01T10:51:07.650Z","updated_at":"2014-08-01T10:51:07.650Z","fixed_in":"1.8.4"},{"id":92987,"title":"NextGEN Gallery \u003c= 1.7.3 - xml/ajax.php Path Disclosure","osvdb":"72023","created_at":"2014-08-01T10:51:07.713Z","updated_at":"2014-08-01T10:51:07.713Z","fixed_in":"1.7.4"},{"id":92988,"title":"NextGEN Gallery \u003c= 1.5.1 - xml/media-rss.php mode Parameter XSS","url":"http://www.securityfocus.com/bid/39250","osvdb":"63574","secunia":"39341","exploitdb":"12098","created_at":"2014-08-01T10:51:07.777Z","updated_at":"2014-08-01T10:51:07.777Z","fixed_in":"1.5.2"}]}},{"cpl":{"vulnerabilities":[{"id":92989,"title":"Copperleaf Photolog - SQL injection","exploitdb":"11458","created_at":"2014-08-01T10:51:07.843Z","updated_at":"2014-08-01T10:51:07.843Z"}]}},{"events-calendar":{"vulnerabilities":[{"id":92990,"title":"Events Calendar - SQL Injection Vulnerability","osvdb":"95677","exploitdb":"10929","created_at":"2014-08-01T10:51:07.896Z","updated_at":"2014-08-01T10:51:07.896Z","fixed_in":"6.7.10"},{"id":92991,"title":"Events Calendar - wp-admin/admin.php EC_id Parameter XSS","osvdb":"74705","secunia":"45717","created_at":"2014-08-01T10:51:07.955Z","updated_at":"2014-08-01T10:51:07.955Z","fixed_in":"6.7.12a"}]}},{"ImageManager":{"vulnerabilities":[{"id":92992,"title":"Image Manager - Shell Upload Vulnerability","exploitdb":"10325","created_at":"2014-08-01T10:51:08.017Z","updated_at":"2014-08-01T10:51:08.017Z"}]}},{"wp-cumulus":{"vulnerabilities":[{"id":92993,"title":"WP-Cumulus \u003c= 1.20 - Vulnerabilities","exploitdb":"10228","created_at":"2014-08-01T10:51:08.068Z","updated_at":"2014-08-01T10:51:08.068Z"},{"id":92994,"title":"WP-Cumulus - Cross Site Scripting Vulnerabily","url":"http://seclists.org/fulldisclosure/2011/Nov/340","created_at":"2014-08-01T10:51:08.122Z","updated_at":"2014-08-01T10:51:08.122Z","fixed_in":"1.23"}]}},{"wp-syntax":{"vulnerabilities":[{"id":92995,"title":"WP-Syntax \u003c 0.9.10 - Remote Command Execution","exploitdb":"9431","created_at":"2014-08-01T10:51:08.184Z","updated_at":"2014-08-01T10:51:08.184Z","fixed_in":"0.9.10"}]}},{"my-category-order":{"vulnerabilities":[{"id":92996,"title":"My Category Order \u003c= 2.8 - SQL Injection Vulnerability","exploitdb":"9150","created_at":"2014-08-01T10:51:08.246Z","updated_at":"2014-08-01T10:51:08.246Z"}]}},{"related-sites":{"vulnerabilities":[{"id":92997,"title":"Related Sites 2.1 - Blind SQL Injection Vulnerability","exploitdb":"9054","created_at":"2014-08-01T10:51:08.302Z","updated_at":"2014-08-01T10:51:08.302Z"}]}},{"dm-albums":{"vulnerabilities":[{"id":92633,"title":"SWF Vulnerable to XSS Bundled in Many WordPress Plugins","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","created_at":"2014-08-01T10:50:43.917Z","updated_at":"2014-08-01T10:50:43.917Z"},{"id":92998,"title":"DM Albums 1.9.2 - Remote File Disclosure Vulnerability","exploitdb":"9048","created_at":"2014-08-01T10:51:08.417Z","updated_at":"2014-08-01T10:51:08.417Z"},{"id":92999,"title":"DM Albums 1.9.2 - Remote File Inclusion Vuln","exploitdb":"9043","created_at":"2014-08-01T10:51:08.468Z","updated_at":"2014-08-01T10:51:08.468Z"}]}},{"photoracer":{"vulnerabilities":[{"id":93000,"title":"Photoracer 1.0 - (id) SQL Injection Vulnerability","exploitdb":"8961","created_at":"2014-08-01T10:51:08.518Z","updated_at":"2014-08-01T10:51:08.518Z"},{"id":93001,"title":"Photoracer \u003c= 1.0 - SQL Injection Vulnerability","exploitdb":"17720","created_at":"2014-08-01T10:51:08.569Z","updated_at":"2014-08-01T10:51:08.569Z"},{"id":93002,"title":"Photoracer \u003c= 1.0 - Multiple Vulnerabilities","exploitdb":"17731","created_at":"2014-08-01T10:51:08.619Z","updated_at":"2014-08-01T10:51:08.619Z"}]}},{"wp-lytebox":{"vulnerabilities":[{"id":93003,"title":"Lytebox - Local File Inclusion Vulnerability","exploitdb":"8791","created_at":"2014-08-01T10:51:08.674Z","updated_at":"2014-08-01T10:51:08.674Z"}]}},{"fmoblog":{"vulnerabilities":[{"id":93004,"title":"fMoblog 2.1 - (id) SQL Injection Vulnerability","exploitdb":"8229","created_at":"2014-08-01T10:51:08.725Z","updated_at":"2014-08-01T10:51:08.725Z"}]}},{"page-flip-image-gallery":{"vulnerabilities":[{"id":93005,"title":"Page Flip Image Gallery \u003c= 0.2.2 - Remote FD Vuln","url":"http://www.securityfocus.com/bid/32966,http://xforce.iss.net/xforce/xfdb/47568","osvdb":"50902","cve":"2008-5752","secunia":"33274","exploitdb":"7543","created_at":"2014-08-01T10:51:08.775Z","updated_at":"2014-08-01T10:51:08.775Z"}]}},{"wp-shopping-cart":{"vulnerabilities":[{"id":93006,"title":"e-Commerce \u003c= 3.4 - Arbitrary File Upload Exploit","exploitdb":"6867","created_at":"2014-08-01T10:51:08.824Z","updated_at":"2014-08-01T10:51:08.824Z"}]}},{"downloads-manager":{"vulnerabilities":[{"id":93007,"title":"Download Manager 0.2 - Arbitrary File Upload Exploit","exploitdb":"6127","created_at":"2014-08-01T10:51:08.888Z","updated_at":"2014-08-01T10:51:08.888Z"}]}},{"wpSS":{"vulnerabilities":[{"id":93008,"title":"Spreadsheet \u003c= 0.6 - SQL Injection Vulnerability","exploitdb":"5486","created_at":"2014-08-01T10:51:08.938Z","updated_at":"2014-08-01T10:51:08.938Z"}]}},{"wp-download":{"vulnerabilities":[{"id":93009,"title":"Download - (dl_id) SQL Injection Vulnerability","exploitdb":"5326","created_at":"2014-08-01T10:51:08.995Z","updated_at":"2014-08-01T10:51:08.995Z"}]}},{"sniplets":{"vulnerabilities":[{"id":93010,"title":"Sniplets 1.1.2 - (RFI/XSS/RCE) Multiple Vulnerabilities","exploitdb":"5194","created_at":"2014-08-01T10:51:09.045Z","updated_at":"2014-08-01T10:51:09.045Z"}]}},{"wp-photo-album":{"vulnerabilities":[{"id":93011,"title":"Photo album - Remote SQL Injection Vulnerability","exploitdb":"5135","created_at":"2014-08-01T10:51:09.099Z","updated_at":"2014-08-01T10:51:09.099Z"}]}},{"sf-forum":{"vulnerabilities":[{"id":93012,"title":"Simple Forum 2.0-2.1 - SQL Injection Vulnerability","exploitdb":"5126","created_at":"2014-08-01T10:51:09.154Z","updated_at":"2014-08-01T10:51:09.154Z"},{"id":93013,"title":"Simple Forum 1.10-1.11 - SQL Injection Vulnerability","exploitdb":"5127","created_at":"2014-08-01T10:51:09.213Z","updated_at":"2014-08-01T10:51:09.213Z"}]}},{"st_newsletter":{"vulnerabilities":[{"id":93014,"title":"st_newsletter - Remote SQL Injection Vulnerability","exploitdb":"5053","created_at":"2014-08-01T10:51:09.262Z","updated_at":"2014-08-01T10:51:09.262Z"},{"id":93015,"title":"st_newsletter - (stnl_iframe.php) SQL Injection Vulnerability","exploitdb":"6777","created_at":"2014-08-01T10:51:09.328Z","updated_at":"2014-08-01T10:51:09.328Z"}]}},{"wordspew":{"vulnerabilities":[{"id":93016,"title":"Wordspew - Remote SQL Injection Vulnerability","exploitdb":"5039","created_at":"2014-08-01T10:51:09.377Z","updated_at":"2014-08-01T10:51:09.377Z"}]}},{"dmsguestbook":{"vulnerabilities":[{"id":93017,"title":"dmsguestbook 1.7.0 - Multiple Remote Vulnerabilities","exploitdb":"5035","created_at":"2014-08-01T10:51:09.433Z","updated_at":"2014-08-01T10:51:09.433Z"}]}},{"wassup":{"vulnerabilities":[{"id":93018,"title":"WassUp 1.4.3 - (spy.php to_date) SQL Injection Exploit","exploitdb":"5017","created_at":"2014-08-01T10:51:09.483Z","updated_at":"2014-08-01T10:51:09.483Z"}]}},{"wp-adserve":{"vulnerabilities":[{"id":93019,"title":"Adserve 0.2 - adclick.php SQL Injection Exploit","exploitdb":"5013","created_at":"2014-08-01T10:51:09.533Z","updated_at":"2014-08-01T10:51:09.533Z"}]}},{"fgallery":{"vulnerabilities":[{"id":93020,"title":"fGallery 2.4.1 - fimrss.php SQL Injection Vulnerability","exploitdb":"4993","created_at":"2014-08-01T10:51:09.586Z","updated_at":"2014-08-01T10:51:09.586Z"}]}},{"wp-cal":{"vulnerabilities":[{"id":93021,"title":"WP-Cal 0.3 - editevent.php SQL Injection Vulnerability","exploitdb":"4992","created_at":"2014-08-01T10:51:09.653Z","updated_at":"2014-08-01T10:51:09.653Z"}]}},{"wpforum":{"vulnerabilities":[{"id":93022,"title":"plugin WP-Forum 1.7.4 - Remote SQL Injection Vulnerability","exploitdb":"4939","created_at":"2014-08-01T10:51:09.716Z","updated_at":"2014-08-01T10:51:09.716Z"},{"id":93023,"title":"plugin WP-Forum 1.7.8 - Remote SQL Injection Vulnerability","exploitdb":"7738","created_at":"2014-08-01T10:51:09.773Z","updated_at":"2014-08-01T10:51:09.773Z"}]}},{"wp-filemanager":{"vulnerabilities":[{"id":93024,"title":"wp-FileManager 1.2 - Remote Upload Vulnerability","exploitdb":"4844","created_at":"2014-08-01T10:51:09.822Z","updated_at":"2014-08-01T10:51:09.822Z"},{"id":93025,"title":"wp-FileManager 1.3.0 - File Download Vulnerability","osvdb":"93446","secunia":"53421","exploitdb":"25440","created_at":"2014-08-01T10:51:09.875Z","updated_at":"2014-08-01T10:51:09.875Z","fixed_in":"1.4.0"}]}},{"pictpress":{"vulnerabilities":[{"id":93026,"title":"PictPress \u003c= 0.91 - Remote File Disclosure Vulnerability","exploitdb":"4695","created_at":"2014-08-01T10:51:09.934Z","updated_at":"2014-08-01T10:51:09.934Z"}]}},{"backupwordpress":{"vulnerabilities":[{"id":93027,"title":"BackUp \u003c= 0.4.2b - RFI Vulnerability","exploitdb":"4593","created_at":"2014-08-01T10:51:09.988Z","updated_at":"2014-08-01T10:51:09.988Z","fixed_in":"0.4.3"}]}},{"myflash":{"vulnerabilities":[{"id":93028,"title":"Myflash \u003c= 1.00 - (wppath) RFI Vulnerability","exploitdb":"3828","created_at":"2014-08-01T10:51:10.054Z","updated_at":"2014-08-01T10:51:10.054Z"},{"id":93029,"title":"Myflash - myextractXML.php path Parameter Arbitrary File Access","url":"http://packetstormsecurity.com/files/118400/","osvdb":"88260","created_at":"2014-08-01T10:51:10.108Z","updated_at":"2014-08-01T10:51:10.108Z"}]}},{"wordtube":{"vulnerabilities":[{"id":93030,"title":"plugin wordTube \u003c= 1.43 - (wpPATH) RFI Vulnerability","exploitdb":"3825","created_at":"2014-08-01T10:51:10.158Z","updated_at":"2014-08-01T10:51:10.158Z"}]}},{"wp-table":{"vulnerabilities":[{"id":93031,"title":"plugin wp-Table \u003c= 1.43 - (inc_dir) RFI Vulnerability","exploitdb":"3824","created_at":"2014-08-01T10:51:10.210Z","updated_at":"2014-08-01T10:51:10.210Z"}]}},{"mygallery":{"vulnerabilities":[{"id":93032,"title":"myGallery \u003c= 1.4b4 - Remote File Inclusion Vulnerability","exploitdb":"3814","created_at":"2014-08-01T10:51:10.260Z","updated_at":"2014-08-01T10:51:10.260Z"}]}},{"sendit":{"vulnerabilities":[{"id":93033,"title":"SendIt \u003c= 1.5.9 - Blind SQL Injection Vulnerability","exploitdb":"17716","created_at":"2014-08-01T10:51:10.340Z","updated_at":"2014-08-01T10:51:10.340Z"}]}},{"js-appointment":{"vulnerabilities":[{"id":93034,"title":"Js-appointment \u003c= 1.5 - SQL Injection Vulnerability","exploitdb":"17724","created_at":"2014-08-01T10:51:10.391Z","updated_at":"2014-08-01T10:51:10.391Z"}]}},{"mm-forms-community":{"vulnerabilities":[{"id":93035,"title":"MM Forms Community \u003c= 1.2.3 - SQL Injection Vulnerability","exploitdb":"17725","created_at":"2014-08-01T10:51:10.445Z","updated_at":"2014-08-01T10:51:10.445Z"},{"id":93036,"title":"MM Forms Community 2.2.6 - Arbitrary File Upload","exploitdb":"18997","created_at":"2014-08-01T10:51:10.499Z","updated_at":"2014-08-01T10:51:10.499Z"}]}},{"super-captcha":{"vulnerabilities":[{"id":93037,"title":"Super CAPTCHA \u003c= 2.2.4 - SQL Injection Vulnerability","exploitdb":"17728","created_at":"2014-08-01T10:51:10.550Z","updated_at":"2014-08-01T10:51:10.550Z"}]}},{"collision-testimonials":{"vulnerabilities":[{"id":93038,"title":"Collision Testimonials \u003c= 3.0 - SQL Injection Vulnerability","exploitdb":"17729","created_at":"2014-08-01T10:51:10.605Z","updated_at":"2014-08-01T10:51:10.605Z"}]}},{"oqey-headers":{"vulnerabilities":[{"id":93039,"title":"Oqey Headers \u003c= 0.3 - SQL Injection Vulnerability","exploitdb":"17730","created_at":"2014-08-01T10:51:10.658Z","updated_at":"2014-08-01T10:51:10.658Z"}]}},{"fbpromotions":{"vulnerabilities":[{"id":93040,"title":"Facebook Promotions \u003c= 1.3.3 - SQL Injection Vulnerability","exploitdb":"17737","created_at":"2014-08-01T10:51:10.708Z","updated_at":"2014-08-01T10:51:10.708Z"}]}},{"evarisk":{"vulnerabilities":[{"id":93041,"title":"Evarisk 5.1.5.4 - include/lib/actionsCorrectives/activite/uploadPhotoApres.php File Upload PHP Code Execution","url":"http://packetstormsecurity.com/files/113638/","osvdb":"82960","secunia":"49521","created_at":"2014-08-01T10:51:10.758Z","updated_at":"2014-08-01T10:51:10.758Z"},{"id":93042,"title":"Evarisk \u003c= 5.1.3.6 - SQL Injection Vulnerability","exploitdb":"17738","created_at":"2014-08-01T10:51:10.812Z","updated_at":"2014-08-01T10:51:10.812Z"}]}},{"profiles":{"vulnerabilities":[{"id":93043,"title":"Profiles \u003c= 2.0RC1 - SQL Injection Vulnerability","exploitdb":"17739","created_at":"2014-08-01T10:51:10.865Z","updated_at":"2014-08-01T10:51:10.865Z"}]}},{"mystat":{"vulnerabilities":[{"id":93044,"title":"mySTAT \u003c= 2.6 - SQL Injection Vulnerability","exploitdb":"17740","created_at":"2014-08-01T10:51:10.920Z","updated_at":"2014-08-01T10:51:10.920Z"}]}},{"sh-slideshow":{"vulnerabilities":[{"id":93045,"title":"SH Slideshow \u003c= 3.1.4 - SQL Injection Vulnerability","exploitdb":"17748","created_at":"2014-08-01T10:51:10.975Z","updated_at":"2014-08-01T10:51:10.975Z"}]}},{"copyright-licensing-tools":{"vulnerabilities":[{"id":93046,"title":"iCopyright(R) Article Tools \u003c= 1.1.4 - SQL Injection Vulnerability","exploitdb":"17749","created_at":"2014-08-01T10:51:11.026Z","updated_at":"2014-08-01T10:51:11.026Z"}]}},{"advertizer":{"vulnerabilities":[{"id":93047,"title":"Advertizer \u003c= 1.0 - SQL Injection Vulnerability","exploitdb":"17750","created_at":"2014-08-01T10:51:11.078Z","updated_at":"2014-08-01T10:51:11.078Z"}]}},{"event-registration":{"vulnerabilities":[{"id":93048,"title":"Event Registration \u003c= 5.44 - SQL Injection Vulnerability","exploitdb":"17814","created_at":"2014-08-01T10:51:11.129Z","updated_at":"2014-08-01T10:51:11.129Z"},{"id":93049,"title":"Event Registration \u003c= 5.43 - SQL Injection Vulnerability","exploitdb":"17751","created_at":"2014-08-01T10:51:11.183Z","updated_at":"2014-08-01T10:51:11.183Z"},{"id":93050,"title":"Event Registration 5.32 - SQL Injection Vulnerability","exploitdb":"15513","created_at":"2014-08-01T10:51:11.237Z","updated_at":"2014-08-01T10:51:11.237Z"}]}},{"crawlrate-tracker":{"vulnerabilities":[{"id":93051,"title":"Craw Rate Tracker \u003c= 2.0.2 - SQL Injection Vulnerability","exploitdb":"17755","created_at":"2014-08-01T10:51:11.298Z","updated_at":"2014-08-01T10:51:11.298Z"}]}},{"wp-audio-gallery-playlist":{"vulnerabilities":[{"id":93052,"title":"wp audio gallery playlist \u003c= 0.12 - SQL Injection Vulnerability","exploitdb":"17756","created_at":"2014-08-01T10:51:11.352Z","updated_at":"2014-08-01T10:51:11.352Z"}]}},{"yolink-search":{"vulnerabilities":[{"id":93053,"title":"yolink Search 2.5 - \"s\" Cross-Site Scripting Vulnerability","url":"http://www.securityfocus.com/bid/57665","osvdb":"89756","secunia":"52030","created_at":"2014-08-01T10:51:11.407Z","updated_at":"2014-08-01T10:51:11.407Z","fixed_in":"2.6"},{"id":93054,"title":"yolink Search \u003c= 1.1.4 - includes/bulkcrawl.php Multiple Parameter SQL Injection","osvdb":"74832","secunia":"45801","exploitdb":"17757","created_at":"2014-08-01T10:51:11.472Z","updated_at":"2014-08-01T10:51:11.472Z"}]}},{"pure-html":{"vulnerabilities":[{"id":93055,"title":"PureHTML \u003c= 1.0.0 - SQL Injection Vulnerability","exploitdb":"17758","created_at":"2014-08-01T10:51:11.524Z","updated_at":"2014-08-01T10:51:11.524Z"}]}},{"couponer":{"vulnerabilities":[{"id":93056,"title":"Couponer \u003c= 1.2 - SQL Injection Vulnerability","exploitdb":"17759","created_at":"2014-08-01T10:51:11.597Z","updated_at":"2014-08-01T10:51:11.597Z"}]}},{"grapefile":{"vulnerabilities":[{"id":93057,"title":"grapefile \u003c= 1.1 - Arbitrary File Upload","exploitdb":"17760","created_at":"2014-08-01T10:51:11.652Z","updated_at":"2014-08-01T10:51:11.652Z"}]}},{"image-gallery-with-slideshow":{"vulnerabilities":[{"id":93058,"title":"image-gallery-with-slideshow \u003c= 1.5 - Arbitrary File Upload / SQL Injection","exploitdb":"17761","created_at":"2014-08-01T10:51:11.702Z","updated_at":"2014-08-01T10:51:11.702Z"}]}},{"wordpress-donation-plugin-with-goals-and-paypal-ipn-by-nonprofitcmsorg":{"vulnerabilities":[{"id":93059,"title":"Donation \u003c= 1.0 - SQL Injection Vulnerability","exploitdb":"17763","created_at":"2014-08-01T10:51:11.754Z","updated_at":"2014-08-01T10:51:11.754Z"}]}},{"wp-bannerize":{"vulnerabilities":[{"id":93060,"title":"WP Bannerize \u003c= 2.8.6 - SQL Injection Vulnerability","osvdb":"74835","secunia":"45811","exploitdb":"17764","created_at":"2014-08-01T10:51:11.805Z","updated_at":"2014-08-01T10:51:11.805Z","fixed_in":"2.8.7"},{"id":93061,"title":"WP Bannerize \u003c= 2.8.7 - SQL Injection Vulnerability","osvdb":"76658","secunia":"46236","exploitdb":"17906","created_at":"2014-08-01T10:51:11.868Z","updated_at":"2014-08-01T10:51:11.868Z","fixed_in":"2.8.8"}]}},{"search-autocomplete":{"vulnerabilities":[{"id":93062,"title":"SearchAutocomplete \u003c= 1.0.8 - SQL Injection Vulnerability","exploitdb":"17767","created_at":"2014-08-01T10:51:11.935Z","updated_at":"2014-08-01T10:51:11.935Z"}]}},{"videowhisper-video-presentation":{"vulnerabilities":[{"id":93063,"title":"VideoWhisper Video Presentation \u003c= 1.1 - SQL Injection Vulnerability","exploitdb":"17771","created_at":"2014-08-01T10:51:11.989Z","updated_at":"2014-08-01T10:51:11.989Z"},{"id":93064,"title":"VideoWhisper Video Presentation 3.17 - 'vw_upload.php' Arbitrary File Upload Vulnerability","url":"http://www.securityfocus.com/bid/53851","created_at":"2014-08-01T10:51:12.043Z","updated_at":"2014-08-01T10:51:12.043Z"}]}},{"facebook-opengraph-meta-plugin":{"vulnerabilities":[{"id":93065,"title":"Facebook Opengraph Meta \u003c= 1.0 - SQL Injection Vulnerability","exploitdb":"17773","created_at":"2014-08-01T10:51:12.093Z","updated_at":"2014-08-01T10:51:12.093Z"}]}},{"zotpress":{"vulnerabilities":[{"id":93066,"title":"Zotpress \u003c= 4.4 - SQL Injection Vulnerability","exploitdb":"17778","created_at":"2014-08-01T10:51:12.143Z","updated_at":"2014-08-01T10:51:12.143Z"}]}},{"oqey-gallery":{"vulnerabilities":[{"id":93067,"title":"oQey Gallery \u003c= 0.4.8 - SQL Injection Vulnerability","exploitdb":"17779","created_at":"2014-08-01T10:51:12.199Z","updated_at":"2014-08-01T10:51:12.199Z"}]}},{"tweet-old-post":{"vulnerabilities":[{"id":93068,"title":"Tweet Old Post \u003c= 3.2.5 - SQL Injection Vulnerability","exploitdb":"17789","created_at":"2014-08-01T10:51:12.252Z","updated_at":"2014-08-01T10:51:12.252Z"}]}},{"post-highlights":{"vulnerabilities":[{"id":93069,"title":"post highlights \u003c= 2.2 - SQL Injection Vulnerability","exploitdb":"17790","created_at":"2014-08-01T10:51:12.312Z","updated_at":"2014-08-01T10:51:12.312Z"}]}},{"knr-author-list-widget":{"vulnerabilities":[{"id":93070,"title":"KNR Author List Widget \u003c= 2.0.0 - SQL Injection Vulnerability","exploitdb":"17791","created_at":"2014-08-01T10:51:12.365Z","updated_at":"2014-08-01T10:51:12.365Z"}]}},{"scormcloud":{"vulnerabilities":[{"id":93071,"title":"SCORM Cloud \u003c= 1.0.6.6 - SQL Injection Vulnerability","osvdb":"77679","exploitdb":"17793","created_at":"2014-08-01T10:51:12.420Z","updated_at":"2014-08-01T10:51:12.420Z","fixed_in":"1.0.7"}]}},{"eventify":{"vulnerabilities":[{"id":93072,"title":"Eventify - Simple Events \u003c= 1.7.f - SQL Injection Vulnerability","exploitdb":"17794","created_at":"2014-08-01T10:51:12.479Z","updated_at":"2014-08-01T10:51:12.479Z"}]}},{"paid-downloads":{"vulnerabilities":[{"id":93073,"title":"Paid Downloads \u003c= 2.01 - SQL Injection Vulnerability","exploitdb":"17797","created_at":"2014-08-01T10:51:12.533Z","updated_at":"2014-08-01T10:51:12.533Z"}]}},{"community-events":{"vulnerabilities":[{"id":93074,"title":"Community Events \u003c= 1.2.1 - SQL Injection Vulnerability","exploitdb":"17798","created_at":"2014-08-01T10:51:12.582Z","updated_at":"2014-08-01T10:51:12.582Z"}]}},{"1-flash-gallery":{"vulnerabilities":[{"id":93075,"title":"1-flash-gallery \u003c= 1.9.0 - XSS in ZeroClipboard.swf","url":"http://1337day.com/exploit/20396","created_at":"2014-08-01T10:51:12.636Z","updated_at":"2014-08-01T10:51:12.636Z"},{"id":93076,"title":"1 Flash Gallery - Arbiraty File Upload Exploit (MSF)","exploitdb":"17801","created_at":"2014-08-01T10:51:12.688Z","updated_at":"2014-08-01T10:51:12.688Z"}]}},{"wp-filebase":{"vulnerabilities":[{"id":93077,"title":"WP-Filebase Download Manager 0.3.0.02 - class/Admin.php GetFileHash Function Remote Command Execution","url":"http://www.securityfocus.com/bid/66341","osvdb":"105039","secunia":"57456","created_at":"2014-08-01T10:51:12.738Z","updated_at":"2014-08-01T10:51:12.738Z","fixed_in":"0.3.0.03"},{"id":93078,"title":"WP-Filebase 0.2.9.24- Unspecified Vulnerabilities","url":"http://xforce.iss.net/xforce/xfdb/80034","osvdb":"87294","secunia":"51269","created_at":"2014-08-01T10:51:12.797Z","updated_at":"2014-08-01T10:51:12.797Z","fixed_in":"0.2.9.25"},{"id":93079,"title":"WP-Filebase Download Manager \u003c= 0.2.9 - wpfb-ajax.php base Parameter SQL Injection","osvdb":"75308","secunia":"45931","exploitdb":"17808","created_at":"2014-08-01T10:51:12.859Z","updated_at":"2014-08-01T10:51:12.859Z"}]}},{"a-to-z-category-listing":{"vulnerabilities":[{"id":93080,"title":"A to Z Category Listing \u003c= 1.3 - SQL Injection Vulnerability","exploitdb":"17809","created_at":"2014-08-01T10:51:12.911Z","updated_at":"2014-08-01T10:51:12.911Z"}]}},{"wp-e-commerce":{"vulnerabilities":[{"id":93081,"title":"WP-e-Commerce 3.8.9.5 - Cross Site Scripting Vulnerability","url":"http://1337day.com/exploit/20517","created_at":"2014-08-01T10:51:12.962Z","updated_at":"2014-08-01T10:51:12.962Z"},{"id":93082,"title":"WP-e-Commerce 3.8.9.5 - display-sales-logs.php c Parameter Remote Code Execution","url":"http://packetstormsecurity.com/files/124921/","osvdb":"102484","created_at":"2014-08-01T10:51:13.017Z","updated_at":"2014-08-01T10:51:13.017Z"},{"id":93083,"title":"WP-e-Commerce 3.8.9.5 - misc.functions.php image_name Parameter Local File Inclusion","url":"http://packetstormsecurity.com/files/124921/","osvdb":"102485","created_at":"2014-08-01T10:51:13.070Z","updated_at":"2014-08-01T10:51:13.070Z"},{"id":93084,"title":"WP-e-Commerce 3.8.9.5 - ajax.php wpsc_action Parameter Remote Code Execution","url":"http://packetstormsecurity.com/files/124921/","osvdb":"102486","created_at":"2014-08-01T10:51:13.125Z","updated_at":"2014-08-01T10:51:13.125Z"},{"id":93085,"title":"WP-e-Commerce 3.8.9.5 - save-data.functions.php GIF File Upload","url":"http://packetstormsecurity.com/files/124921/","osvdb":"102497","created_at":"2014-08-01T10:51:13.176Z","updated_at":"2014-08-01T10:51:13.176Z"},{"id":93086,"title":"WP-e-Commerce 3.8.9 - purchase-log-list-table-class.php m Parameter XSS","url":"http://www.securityfocus.com/bid/56499,http://xforce.iss.net/xforce/xfdb/80048","osvdb":"88231","created_at":"2014-08-01T10:51:13.240Z","updated_at":"2014-08-01T10:51:13.240Z","fixed_in":"3.8.9.1"},{"id":93087,"title":"WP-e-Commerce 3.8.9 - purchaselogs.class.php view_purchlogs_by_status Parameter SQL Injection","url":"http://www.securityfocus.com/bid/56499,http://xforce.iss.net/xforce/xfdb/80042","osvdb":"88232","created_at":"2014-08-01T10:51:13.319Z","updated_at":"2014-08-01T10:51:13.319Z","fixed_in":"3.8.9.1"},{"id":93088,"title":"WP e-Commerce 3.8.6 - wpsc-cart_widget.php cart_messages Parameter XSS","osvdb":"74295","secunia":"45513","created_at":"2014-08-01T10:51:13.393Z","updated_at":"2014-08-01T10:51:13.393Z","fixed_in":"3.8.8"},{"id":93089,"title":"WP e-Commerce \u003c= 3.8.6 - SQL Injection Vulnerability","exploitdb":"17832","created_at":"2014-08-01T10:51:13.458Z","updated_at":"2014-08-01T10:51:13.458Z"}]}},{"filedownload":{"vulnerabilities":[{"id":93090,"title":"Filedownload 0.1 - (download.php) Remote File Disclosure Vulnerability","exploitdb":"17858","created_at":"2014-08-01T10:51:13.512Z","updated_at":"2014-08-01T10:51:13.512Z"}]}},{"thecartpress":{"vulnerabilities":[{"id":93091,"title":"TheCartPress \u003c= 1.6 - Cross Site Sripting","url":"http://packetstormsecurity.com/files/108272/","created_at":"2014-08-01T10:51:13.562Z","updated_at":"2014-08-01T10:51:13.562Z"},{"id":93092,"title":"TheCartPress 1.1.1 - Remote File Inclusion","osvdb":"75616","exploitdb":"17860","created_at":"2014-08-01T10:51:13.615Z","updated_at":"2014-08-01T10:51:13.615Z","fixed_in":"1.1.2"}]}},{"wpeasystats":{"vulnerabilities":[{"id":93093,"title":"WPEasyStats 1.8 - Remote File Inclusion","exploitdb":"17862","created_at":"2014-08-01T10:51:13.674Z","updated_at":"2014-08-01T10:51:13.674Z"}]}},{"annonces":{"vulnerabilities":[{"id":93094,"title":"Annonces 1.2.0.1 - admin/theme.php File Upload PHP Code Execution","url":"http://packetstormsecurity.com/files/113637/","osvdb":"82948","secunia":"49488","created_at":"2014-08-01T10:51:13.731Z","updated_at":"2014-08-01T10:51:13.731Z"}]}},{"livesig":{"vulnerabilities":[{"id":93095,"title":"Livesig 0.4 - Remote File Inclusion","exploitdb":"17864","created_at":"2014-08-01T10:51:13.781Z","updated_at":"2014-08-01T10:51:13.781Z"}]}},{"disclosure-policy-plugin":{"vulnerabilities":[{"id":93096,"title":"Disclosure Policy 1.0 - Remote File Inclusion","exploitdb":"17865","created_at":"2014-08-01T10:51:13.836Z","updated_at":"2014-08-01T10:51:13.836Z"}]}},{"mailz":{"vulnerabilities":[{"id":93097,"title":"Mailing List 1.3.2 - Remote File Inclusion","osvdb":"75617","exploitdb":"17866","created_at":"2014-08-01T10:51:13.886Z","updated_at":"2014-08-01T10:51:13.886Z","fixed_in":"1.3.4"},{"id":93098,"title":"Mailing List - Arbitrary file download","exploitdb":"18276","created_at":"2014-08-01T10:51:13.955Z","updated_at":"2014-08-01T10:51:13.955Z","fixed_in":"1.4.1"}]}},{"g-web-shop":{"vulnerabilities":[{"id":93099,"title":"Zingiri Web Shop 2.2.0 - Remote File Inclusion","exploitdb":"17867","created_at":"2014-08-01T10:51:14.025Z","updated_at":"2014-08-01T10:51:14.025Z"},{"id":93100,"title":"Zingiri Web Shop \u003c= 2.2.3 - Remote Code Execution","exploitdb":"18111","created_at":"2014-08-01T10:51:14.081Z","updated_at":"2014-08-01T10:51:14.081Z"}]}},{"mini-mail-dashboard-widget":{"vulnerabilities":[{"id":93101,"title":"Mini Mail Dashboard Widget 1.36 - wp-mini-mail.php abspath Parameter Remote File Inclusion","osvdb":"75402","secunia":"45953","exploitdb":"17868","created_at":"2014-08-01T10:51:14.132Z","updated_at":"2014-08-01T10:51:14.132Z","fixed_in":"1.37"},{"id":93102,"title":"Mini Mail Dashboard Widget 1.42 - Message Body XSS","osvdb":"85135","exploitdb":"20358","created_at":"2014-08-01T10:51:14.192Z","updated_at":"2014-08-01T10:51:14.192Z","fixed_in":"1.43"}]}},{"relocate-upload":{"vulnerabilities":[{"id":93103,"title":"Relocate Upload 0.14 - Remote File Inclusion","exploitdb":"17869","created_at":"2014-08-01T10:51:14.254Z","updated_at":"2014-08-01T10:51:14.254Z"}]}},{"category-grid-view-gallery":{"vulnerabilities":[{"id":93104,"title":"Category Grid View Gallery 0.1.1 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:51:14.316Z","updated_at":"2014-08-01T10:51:14.316Z"},{"id":93105,"title":"Category Grid View Gallery 2.3.1 - CatGridPost.php ID Parameter XSS","url":"http://packetstormsecurity.com/files/122259/","osvdb":"94805","cve":"2013-4117","secunia":"54035","created_at":"2014-08-01T10:51:14.368Z","updated_at":"2014-08-01T10:51:14.368Z","fixed_in":"2.3.3"}]}},{"auto-attachments":{"vulnerabilities":[{"id":93106,"title":"Auto Attachments 0.2.9 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:51:14.432Z","updated_at":"2014-08-01T10:51:14.432Z"}]}},{"wp-marketplace":{"vulnerabilities":[{"id":93107,"title":"WP Marketplace 1.1.0 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:51:14.484Z","updated_at":"2014-08-01T10:51:14.484Z"}]}},{"dp-thumbnail":{"vulnerabilities":[{"id":93108,"title":"DP Thumbnail 1.0 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:51:14.538Z","updated_at":"2014-08-01T10:51:14.538Z"}]}},{"vk-gallery":{"vulnerabilities":[{"id":93109,"title":"Vk Gallery 1.1.0 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:51:14.587Z","updated_at":"2014-08-01T10:51:14.587Z"}]}},{"rekt-slideshow":{"vulnerabilities":[{"id":93110,"title":"Rekt Slideshow 1.0.5 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:51:14.640Z","updated_at":"2014-08-01T10:51:14.640Z"}]}},{"cac-featured-content":{"vulnerabilities":[{"id":93111,"title":"CAC Featured Content 0.8 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:51:14.689Z","updated_at":"2014-08-01T10:51:14.689Z"}]}},{"rent-a-car":{"vulnerabilities":[{"id":93112,"title":"Rent A Car 1.0 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:51:14.740Z","updated_at":"2014-08-01T10:51:14.740Z"}]}},{"lisl-last-image-slider":{"vulnerabilities":[{"id":93113,"title":"LISL Last Image Slider 1.0 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:51:14.789Z","updated_at":"2014-08-01T10:51:14.789Z"}]}},{"islidex":{"vulnerabilities":[{"id":93114,"title":"Islidex 2.7 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:51:14.839Z","updated_at":"2014-08-01T10:51:14.839Z"}]}},{"kino-gallery":{"vulnerabilities":[{"id":93115,"title":"Kino Gallery 1.0 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:51:14.889Z","updated_at":"2014-08-01T10:51:14.889Z"}]}},{"cms-pack-cache":{"vulnerabilities":[{"id":93116,"title":"Cms Pack 1.3 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:51:14.938Z","updated_at":"2014-08-01T10:51:14.938Z"}]}},{"a-gallery":{"vulnerabilities":[{"id":93117,"title":"A Gallery 0.9 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:51:14.991Z","updated_at":"2014-08-01T10:51:14.991Z"}]}},{"category-list-portfolio-page":{"vulnerabilities":[{"id":93118,"title":"Category List Portfolio Page 0.9 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:51:15.041Z","updated_at":"2014-08-01T10:51:15.041Z"}]}},{"really-easy-slider":{"vulnerabilities":[{"id":93119,"title":"Really Easy Slider 0.1 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:51:15.094Z","updated_at":"2014-08-01T10:51:15.094Z"}]}},{"verve-meta-boxes":{"vulnerabilities":[{"id":93120,"title":"Verve Meta Boxes 1.2.8 - Shell Upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:51:15.155Z","updated_at":"2014-08-01T10:51:15.155Z"}]}},{"user-avatar":{"vulnerabilities":[{"id":93121,"title":"User Avatar 1.3.7 - shell upload vulnerability","exploitdb":"17872","created_at":"2014-08-01T10:51:15.222Z","updated_at":"2014-08-01T10:51:15.222Z"}]}},{"extend-wordpress":{"vulnerabilities":[{"id":93122,"title":"Extend 1.3.7 - Shell Upload vulnerability","url":"http://markmaunder.com/2011/08/01/zero-day-vulnerability-in-many-wordpress-themes/","osvdb":"75638","cve":"2011-4106","exploitdb":"17872","created_at":"2014-08-01T10:51:15.278Z","updated_at":"2014-08-01T10:51:15.278Z"}]}},{"adrotate":{"vulnerabilities":[{"id":93123,"title":"AdRotate \u003c= 3.9.4 - clicktracker.php track Parameter SQL Injection","url":"http://packetstormsecurity.com/files/125330/","osvdb":"103578","cve":"2014-1854","secunia":"57079","exploitdb":"31834","created_at":"2014-08-01T10:51:15.359Z","updated_at":"2014-08-01T10:51:15.359Z","fixed_in":"3.9.5"},{"id":93124,"title":"AdRotate \u003c= 3.6.6 - SQL Injection Vulnerability","osvdb":"77507","cve":"2011-4671","secunia":"46814","exploitdb":"18114","created_at":"2014-08-01T10:51:15.419Z","updated_at":"2014-08-01T10:51:15.419Z","fixed_in":"3.6.8"},{"id":93125,"title":"AdRotate \u003c= 3.6.5 - SQL Injection Vulnerability","url":"http://unconciousmind.blogspot.com/2011/09/wordpress-adrotate-plugin-365-sql.html","osvdb":"77507","cve":"2011-4671","exploitdb":"17888","created_at":"2014-08-01T10:51:15.487Z","updated_at":"2014-08-01T10:51:15.487Z","fixed_in":"3.6.8"}]}},{"wp-spamfree":{"vulnerabilities":[{"id":93126,"title":"WP-SpamFree 3.2.1 - Spam SQL Injection Vulnerability","exploitdb":"17970","created_at":"2014-08-01T10:51:15.548Z","updated_at":"2014-08-01T10:51:15.548Z"}]}},{"gd-star-rating":{"vulnerabilities":[{"id":93127,"title":"GD Star Rating 1.9.22 - gd-star-rating-stats.php s Parameter SQL Injection","url":"http://packetstormsecurity.com/files/125932/,http://seclists.org/fulldisclosure/2014/Mar/399,https://security.dxw.com/advisories/xss-csrf-and-blind-sql-injection-in-gd-star-rating-1-9-22/","osvdb":"105085","created_at":"2014-08-01T10:51:15.599Z","updated_at":"2014-08-01T10:51:15.599Z"},{"id":93128,"title":"GD Star Rating 1.9.22 - gd-star-rating-stats.php Setting Manipulation CSRF","url":"http://packetstormsecurity.com/files/125932/,http://seclists.org/fulldisclosure/2014/Mar/399,https://security.dxw.com/advisories/xss-csrf-and-blind-sql-injection-in-gd-star-rating-1-9-22/","osvdb":"105086","secunia":"57667","created_at":"2014-08-01T10:51:15.652Z","updated_at":"2014-08-01T10:51:15.652Z"},{"id":93129,"title":"GD Star Rating 1.9.18 - Export Security Bypass Security Issue","osvdb":"105086","secunia":"49850","created_at":"2014-08-01T10:51:15.702Z","updated_at":"2014-08-01T10:51:15.702Z","fixed_in":"1.9.19"},{"id":93130,"title":"GD Star Rating \u003c= 1.9.16 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/112702/","created_at":"2014-08-01T10:51:15.767Z","updated_at":"2014-08-01T10:51:15.767Z"},{"id":93131,"title":"GD Star Rating \u003c= 1.9.10 - gd-star-rating/export.php de Parameter SQL Injection","osvdb":"83466","exploitdb":"17973","created_at":"2014-08-01T10:51:15.819Z","updated_at":"2014-08-01T10:51:15.819Z"},{"id":93132,"title":"GD Star Rating 1.9.7 - gd-star-rating/widgets/widget_top.php wpfn Parameter XSS","url":"http://seclists.org/bugtraq/2011/Feb/219","osvdb":"71060","secunia":"43403","created_at":"2014-08-01T10:51:15.869Z","updated_at":"2014-08-01T10:51:15.869Z"}]}},{"contact-form-wordpress":{"vulnerabilities":[{"id":93133,"title":"Contact Form \u003c= 2.7.5 - SQL Injection","exploitdb":"17980","created_at":"2014-08-01T10:51:15.919Z","updated_at":"2014-08-01T10:51:15.919Z"}]}},{"wp-photo-album-plus":{"vulnerabilities":[{"id":93134,"title":"WP Photo Album Plus \u003c= 4.1.1 - SQL Injection","exploitdb":"17983","created_at":"2014-08-01T10:51:15.972Z","updated_at":"2014-08-01T10:51:15.972Z"},{"id":93135,"title":"WP Photo Album Plus \u003c= 4.8.12 - wp-photo-album-plus.php wppa-searchstring XSS","osvdb":"88851","secunia":"51669,51679","created_at":"2014-08-01T10:51:16.022Z","updated_at":"2014-08-01T10:51:16.022Z"},{"id":93136,"title":"WP Photo Album Plus - Full Path Disclosure","url":"http://1337day.com/exploit/20125","created_at":"2014-08-01T10:51:16.072Z","updated_at":"2014-08-01T10:51:16.072Z","fixed_in":"4.9.1"},{"id":93137,"title":"WP Photo Album Plus - index.php wppa-tag Parameter XSS","osvdb":"89165","secunia":"51829","created_at":"2014-08-01T10:51:16.132Z","updated_at":"2014-08-01T10:51:16.132Z","fixed_in":"4.9.3"},{"id":93138,"title":"WP Photo Album Plus - \"commentid\" Cross-Site Scripting Vulnerability","osvdb":"93033","cve":"2013-3254","secunia":"53105","created_at":"2014-08-01T10:51:16.197Z","updated_at":"2014-08-01T10:51:16.197Z","fixed_in":"5.0.3"},{"id":93139,"title":"WP Photo Album Plus - wp-admin/admin.php edit_id Parameter XSS","osvdb":"94465","secunia":"53915","created_at":"2014-08-01T10:51:16.262Z","updated_at":"2014-08-01T10:51:16.262Z","fixed_in":"5.0.11"}]}},{"backwpup":{"vulnerabilities":[{"id":93140,"title":"BackWPUp 2.1.4 - Code Execution","exploitdb":"17987","created_at":"2014-08-01T10:51:16.339Z","updated_at":"2014-08-01T10:51:16.339Z"},{"id":93141,"title":"plugin BackWPup 1.5.2, 1.6.1, 1.7.1 - Remote and Local Code Execution Vulnerability","osvdb":"71481","created_at":"2014-08-01T10:51:16.391Z","updated_at":"2014-08-01T10:51:16.391Z"},{"id":93142,"title":"BackWPup 3.0.12 - wp-admin/admin.php tab Parameter XSS","url":"https://www.htbridge.com/advisory/HTB23161,http://packetstormsecurity.com/files/122916/","osvdb":"96505","cve":"2013-4626","secunia":"54515","created_at":"2014-08-01T10:51:16.445Z","updated_at":"2014-08-01T10:51:16.445Z","fixed_in":"3.0.13"}]}},{"portable-phpmyadmin":{"vulnerabilities":[{"id":93143,"title":"portable-phpMyAdmin - Authentication Bypass","osvdb":"88391","cve":"2012-5469","secunia":"51520","exploitdb":"23356","created_at":"2014-08-01T10:51:16.504Z","updated_at":"2014-08-01T10:51:16.504Z","fixed_in":"1.3.1"},{"id":93144,"title":"Portable phpMyAdmin - /pma/phpinfo.php Direct Request System Information Disclosure","url":"http://www.securityfocus.com/bid/63249,http://seclists.org/oss-sec/2013/q4/138","osvdb":"98766","cve":"2013-4454","created_at":"2014-08-01T10:51:16.566Z","updated_at":"2014-08-01T10:51:16.566Z"},{"id":93145,"title":"Portable phpMyAdmin 1.4.1 - Multiple Script Direct Request Authentication Bypass","url":"http://seclists.org/oss-sec/2013/q4/138","osvdb":"98767","cve":"2013-4462","secunia":"55270","created_at":"2014-08-01T10:51:16.617Z","updated_at":"2014-08-01T10:51:16.617Z"}]}},{"super-refer-a-friend":{"vulnerabilities":[{"id":93146,"title":"super-refer-a-friend - Full Path Disclosure","url":"http://1337day.com/exploit/20126","created_at":"2014-08-01T10:51:16.671Z","updated_at":"2014-08-01T10:51:16.671Z","fixed_in":"1.0"}]}},{"w3-total-cache":{"vulnerabilities":[{"id":93147,"title":"W3 Total Cache - Username and Hash Extract","url":"http://seclists.org/fulldisclosure/2012/Dec/242,https://github.com/FireFart/W3TotalCacheExploit","osvdb":"92742,92741","cve":"2012-6079,2012-6078","created_at":"2014-08-01T10:51:16.736Z","updated_at":"2014-08-01T10:51:16.736Z","metasploit":"auxiliary/gather/wp_w3_total_cache_hash_extract","fixed_in":"0.9.2.5"},{"id":93148,"title":"W3 Total Cache - Remote Code Execution","url":"http://www.acunetix.com/blog/web-security-zone/wp-plugins-remote-code-execution/,http://wordpress.org/support/topic/pwn3d,http://blog.sucuri.net/2013/04/update-wp-super-cache-and-w3tc-immediately-remote-code-execution-vulnerability-disclosed.html","osvdb":"92652","cve":"2013-2010","secunia":"53052","exploitdb":"25137","created_at":"2014-08-01T10:51:16.796Z","updated_at":"2014-08-01T10:51:16.796Z","metasploit":"exploits/unix/webapp/php_wordpress_total_cache","fixed_in":"0.9.2.9"}]}},{"wp-super-cache":{"vulnerabilities":[{"id":93149,"title":"WP-Super-Cache 1.3 - Remote Code Execution","url":"http://www.acunetix.com/blog/web-security-zone/wp-plugins-remote-code-execution/,http://wordpress.org/support/topic/pwn3d,http://blog.sucuri.net/2013/04/update-wp-super-cache-and-w3tc-immediately-remote-code-execution-vulnerability-disclosed.html","created_at":"2014-08-01T10:51:16.860Z","updated_at":"2014-08-01T10:51:16.860Z","fixed_in":"1.3.1"},{"id":93150,"title":"WP Super Cache 1.3 - trunk/wp-cache.php wp_nonce_url Function URI XSS","osvdb":"92832","cve":"2013-2008","created_at":"2014-08-01T10:51:16.927Z","updated_at":"2014-08-01T10:51:16.927Z","fixed_in":"1.3.1"},{"id":93151,"title":"WP Super Cache 1.3 - trunk/plugins/wptouch.php URI XSS","osvdb":"92831","cve":"2013-2008","created_at":"2014-08-01T10:51:16.988Z","updated_at":"2014-08-01T10:51:16.988Z","fixed_in":"1.3.1"},{"id":93152,"title":"WP Super Cache 1.3 - trunk/plugins/searchengine.php URI XSS","osvdb":"92830","cve":"2013-2008","created_at":"2014-08-01T10:51:17.049Z","updated_at":"2014-08-01T10:51:17.049Z","fixed_in":"1.3.1"},{"id":93153,"title":"WP Super Cache 1.3 - trunk/plugins/domain-mapping.php URI XSS","osvdb":"92829","cve":"2013-2008","created_at":"2014-08-01T10:51:17.116Z","updated_at":"2014-08-01T10:51:17.116Z","fixed_in":"1.3.1"},{"id":93154,"title":"WP Super Cache 1.3 - trunk/plugins/badbehaviour.php URI XSS","osvdb":"92828","cve":"2013-2008","created_at":"2014-08-01T10:51:17.180Z","updated_at":"2014-08-01T10:51:17.180Z","fixed_in":"1.3.1"},{"id":93155,"title":"WP Super Cache 1.3 - trunk/plugins/awaitingmoderation.php URI XSS","osvdb":"92827","cve":"2013-2008","created_at":"2014-08-01T10:51:17.245Z","updated_at":"2014-08-01T10:51:17.245Z","fixed_in":"1.3.1"}]}},{"ripe-hd-player":{"vulnerabilities":[{"id":93156,"title":"ripe-hd-player 1.0 - ripe-hd-player/config.php id Parameter SQL Injection","url":"http://xforce.iss.net/xforce/xfdb/81415","osvdb":"89437","exploitdb":"24229","created_at":"2014-08-01T10:51:17.341Z","updated_at":"2014-08-01T10:51:17.341Z"},{"id":93157,"title":"ripe-hd-player 1.0 - Multiple Script Direct Request Path Disclosure","url":"http://www.securityfocus.com/bid/57473,http://xforce.iss.net/xforce/xfdb/81414","osvdb":"89438","exploitdb":"24229","created_at":"2014-08-01T10:51:17.404Z","updated_at":"2014-08-01T10:51:17.404Z"}]}},{"floating-tweets":{"vulnerabilities":[{"id":93158,"title":"floating-tweets - persistent XSS","url":"http://packetstormsecurity.com/files/119499/,http://websecurity.com.ua/6023/","created_at":"2014-08-01T10:51:17.462Z","updated_at":"2014-08-01T10:51:17.462Z"},{"id":93159,"title":"floating-tweets - directory traversal","url":"http://packetstormsecurity.com/files/119499/,http://websecurity.com.ua/6023/","created_at":"2014-08-01T10:51:17.514Z","updated_at":"2014-08-01T10:51:17.514Z"}]}},{"ipfeuilledechou":{"vulnerabilities":[{"id":93160,"title":"ipfeuilledechou - SQL Injection Vulnerability","url":"http://www.exploit4arab.com/exploits/377,http://1337day.com/exploit/20206","created_at":"2014-08-01T10:51:17.565Z","updated_at":"2014-08-01T10:51:17.565Z"}]}},{"simple-login-log":{"vulnerabilities":[{"id":93161,"title":"Simple Login Log - XSS","secunia":"51780","created_at":"2014-08-01T10:51:17.615Z","updated_at":"2014-08-01T10:51:17.615Z","fixed_in":"0.9.4"},{"id":93162,"title":"Simple Login Log - SQL Injection","secunia":"51780","created_at":"2014-08-01T10:51:17.675Z","updated_at":"2014-08-01T10:51:17.675Z","fixed_in":"0.9.4"}]}},{"wp-slimstat":{"vulnerabilities":[{"id":93163,"title":"WP SlimStat 3.5.5 - Overview URI Stored XSS","osvdb":"104428","secunia":"57305","created_at":"2014-08-01T10:51:17.741Z","updated_at":"2014-08-01T10:51:17.741Z","fixed_in":"3.5.6"},{"id":93164,"title":"WP SlimStat 2.8.4 - wp-content/plugins/wp-slimstat/admin/view/panel1.php s Parameter XSS","osvdb":"89052","secunia":"51721","created_at":"2014-08-01T10:51:17.806Z","updated_at":"2014-08-01T10:51:17.806Z","fixed_in":"2.8.5"}]}},{"wp-slimstat-ex":{"vulnerabilities":[{"id":93165,"title":"SlimStat-Ex - Open Flash Chart Arbitrary File Creation Vulnerability","url":"http://packetstormsecurity.com/files/123494/","secunia":"55160","created_at":"2014-08-01T10:51:17.867Z","updated_at":"2014-08-01T10:51:17.867Z"}]}},{"browser-rejector":{"vulnerabilities":[{"id":93166,"title":"Browser Rejector - Remote and Local File Inclusion","osvdb":"89053","secunia":"51739","created_at":"2014-08-01T10:51:17.920Z","updated_at":"2014-08-01T10:51:17.920Z","fixed_in":"2.11"}]}},{"wp-file-uploader":{"vulnerabilities":[{"id":93167,"title":"File Uploader - PHP File Upload Vulnerability","url":"http://la.usch.io/2013/01/21/wordpress-file-uploader-plugin-php-file-upload-vulnerability/","created_at":"2014-08-01T10:51:17.979Z","updated_at":"2014-08-01T10:51:17.979Z"}]}},{"cardoza-wordpress-poll":{"vulnerabilities":[{"id":93168,"title":"Cardoza WordPress poll 34.05 - Multiple External Function Remote Poll Manipulation","url":"http://seclists.org/bugtraq/2013/Jan/86,http://packetstormsecurity.com/files/119736/","osvdb":"89443","cve":"2013-1401","secunia":"51925","created_at":"2014-08-01T10:51:18.048Z","updated_at":"2014-08-01T10:51:18.048Z","fixed_in":"34.06"},{"id":93169,"title":"Cardoza WordPress poll - CWPPoll.js Multiple Method pollid Parameter SQL Injection","url":"http://packetstormsecurity.com/files/119736/,http://www.girlinthemiddle.net/2013/01/multiple-sql-injection-vulnerabilities.html,http://seclists.org/bugtraq/2013/Jan/86","osvdb":"89444","cve":"2013-1400","created_at":"2014-08-01T10:51:18.123Z","updated_at":"2014-08-01T10:51:18.123Z"},{"id":93170,"title":"Cardoza WordPress poll - Multiple SQL Injection Vulnerabilities","secunia":"50910","created_at":"2014-08-01T10:51:18.174Z","updated_at":"2014-08-01T10:51:18.174Z","fixed_in":"33.6"}]}},{"devformatter":{"vulnerabilities":[{"id":93171,"title":"Developer Formatter 2013.0.1.40 - devformatter.php Multiple Action CSRF","url":"http://packetstormsecurity.com/files/119731/,http://seclists.org/bugtraq/2013/Jan/91,http://1337day.com/exploit/20210","osvdb":"89475","secunia":"51912","exploitdb":"24294","created_at":"2014-08-01T10:51:18.238Z","updated_at":"2014-08-01T10:51:18.238Z","fixed_in":"2013.0.1.41"},{"id":93172,"title":"Developer Formatter 2013.0.1.40 - devformatter.php Multiple Field XSS","url":"http://seclists.org/bugtraq/2013/Jan/91","osvdb":"89474","created_at":"2014-08-01T10:51:18.307Z","updated_at":"2014-08-01T10:51:18.307Z","fixed_in":"2013.0.1.41"}]}},{"dvs-custom-notification":{"vulnerabilities":[{"id":93173,"title":"DVS Custom Notification - Cross-Site Request Forgery Vulnerability","osvdb":"89441","cve":"2012-4921","secunia":"51531","created_at":"2014-08-01T10:51:18.371Z","updated_at":"2014-08-01T10:51:18.371Z","fixed_in":"1.0.1"}]}},{"events-manager":{"vulnerabilities":[{"id":93174,"title":"Events Manager 5.5.1 - Multiple Unspecified XSS Vulnerabilities","osvdb":"98198","secunia":"55182","created_at":"2014-08-01T10:51:18.437Z","updated_at":"2014-08-01T10:51:18.437Z","fixed_in":"5.5.2"},{"id":93175,"title":"Events Manager 5.3.8 - Event Search Form em_search Parameter XSS","url":"http://www.securityfocus.com/bid/60078","osvdb":"93556","secunia":"53478","created_at":"2014-08-01T10:51:18.498Z","updated_at":"2014-08-01T10:51:18.498Z","fixed_in":"5.3.9"},{"id":93176,"title":"Events Manager 5.3.8 - wp-admin/edit.php author Parameter XSS","url":"http://www.securityfocus.com/bid/60078","osvdb":"93557","secunia":"53478","created_at":"2014-08-01T10:51:18.561Z","updated_at":"2014-08-01T10:51:18.561Z","fixed_in":"5.3.9"},{"id":93177,"title":"Events Manager 5.3.8 - Event Editing redirect_to Parameter XSS","url":"http://www.securityfocus.com/bid/60078","osvdb":"93558","secunia":"53478","created_at":"2014-08-01T10:51:18.624Z","updated_at":"2014-08-01T10:51:18.624Z","fixed_in":"5.3.9"},{"id":93178,"title":"Events Manager 5.3.5 - wp-admin/admin-ajax.php dbem_phone Parameter XSS","osvdb":"90913","secunia":"52475","created_at":"2014-08-01T10:51:18.687Z","updated_at":"2014-08-01T10:51:18.687Z","fixed_in":"5.3.6"},{"id":93179,"title":"Events Manager 5.3.5 - index.php event_owner_name Parameter XSS","osvdb":"90914","secunia":"52475","created_at":"2014-08-01T10:51:18.759Z","updated_at":"2014-08-01T10:51:18.759Z","fixed_in":"5.3.6"},{"id":93180,"title":"Events Manager 5.3.5 - wp-admin/post.php Multiple Parameter XSS","osvdb":"90915","secunia":"52475","created_at":"2014-08-01T10:51:18.822Z","updated_at":"2014-08-01T10:51:18.822Z","fixed_in":"5.3.6"},{"id":93181,"title":"Events Manager 5.3.3 - templates/forms/bookingform/booking-fields.php Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/120688/,http://www.securityfocus.com/bid/57477","osvdb":"89488","cve":"2013-1407","secunia":"51869","created_at":"2014-08-01T10:51:18.891Z","updated_at":"2014-08-01T10:51:18.891Z","fixed_in":"5.3.4"},{"id":93182,"title":"Events Manager 5.3.3 - templates/templates/events-search.php Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/120688/,http://www.securityfocus.com/bid/57477","osvdb":"89487","cve":"2013-1407","secunia":"51869","created_at":"2014-08-01T10:51:18.958Z","updated_at":"2014-08-01T10:51:18.958Z","fixed_in":"5.3.4"},{"id":93183,"title":"Events Manager 5.3.3 - XSS classes/em-bookings-table.php wp_nonce Parameter XSS","url":"http://packetstormsecurity.com/files/120688/,http://www.securityfocus.com/bid/57477","osvdb":"89486","cve":"2013-1407","secunia":"51869","created_at":"2014-08-01T10:51:19.020Z","updated_at":"2014-08-01T10:51:19.020Z","fixed_in":"5.3.4"}]}},{"solvemedia":{"vulnerabilities":[{"id":93184,"title":"SolveMedia 1.1.0 - plugins.php API Key Manipulation CSRF","url":"http://1337day.com/exploit/20222","osvdb":"89585","secunia":"51927","exploitdb":"24364","created_at":"2014-08-01T10:51:19.083Z","updated_at":"2014-08-01T10:51:19.083Z","fixed_in":"1.1.1"},{"id":93185,"title":"SolveMedia 1.1.0 -  solvemedia.admin.inc Admin Options Page CSRF","osvdb":"106320","created_at":"2014-08-01T10:51:19.149Z","updated_at":"2014-08-01T10:51:19.149Z","fixed_in":"1.1.1"}]}},{"usc-e-shop":{"vulnerabilities":[{"id":93186,"title":"Welcart e-Commerce 1.3.12 - wp-admin/admin-ajax.php Multiple Parameter DOM-Based XSS","url":"http://packetstormsecurity.com/files/125513/,http://www.securityfocus.com/bid/65954","osvdb":"103956","secunia":"57222","created_at":"2014-08-01T10:51:19.214Z","updated_at":"2014-08-01T10:51:19.214Z"},{"id":93187,"title":"Welcart e-Commerce 1.3.12 - purchase_limit Parameter DOM-based XSS","url":"http://packetstormsecurity.com/files/125513/,http://www.securityfocus.com/bid/65954","osvdb":"103955","created_at":"2014-08-01T10:51:19.269Z","updated_at":"2014-08-01T10:51:19.269Z"},{"id":93188,"title":"Welcart e-Commerce 1.3.12 - wp-admin/admin.php Multiple Parameter SQL Injection","url":"http://packetstormsecurity.com/files/125513/,http://www.securityfocus.com/bid/65954","osvdb":"103954","created_at":"2014-08-01T10:51:19.349Z","updated_at":"2014-08-01T10:51:19.349Z"},{"id":93189,"title":"Welcart e-Commerce - wp-admin/admin.php Multiple Parameter SQL Injection","url":"http://packetstormsecurity.com/files/125513/,http://www.securityfocus.com/bid/65954","osvdb":"103954","created_at":"2014-08-01T10:51:19.402Z","updated_at":"2014-08-01T10:51:19.402Z"},{"id":93190,"title":"Welcart e-Commerce - Cross-Site Scripting and Request Forgery Vulnerabilities","secunia":"51581","created_at":"2014-08-01T10:51:19.454Z","updated_at":"2014-08-01T10:51:19.454Z"}]}},{"knews":{"vulnerabilities":[{"id":93191,"title":"Knews 1.2.5 - Multilingual Newsletters Cross-Site Request Forgery Vulnerability","url":"http://www.securityfocus.com/bid/56926,http://xforce.iss.net/xforce/xfdb/80661","osvdb":"88427","secunia":"51543","created_at":"2014-08-01T10:51:19.508Z","updated_at":"2014-08-01T10:51:19.508Z","fixed_in":"1.2.6"},{"id":93192,"title":"Knews 1.2.5 - Unspecified XSS","osvdb":"88426","created_at":"2014-08-01T10:51:19.576Z","updated_at":"2014-08-01T10:51:19.576Z","fixed_in":"1.2.6"},{"id":93193,"title":"Knews 1.1.0 - wysiwyg/fontpicker/index.php ff Parameter XSS","osvdb":"83643","secunia":"49825","created_at":"2014-08-01T10:51:19.644Z","updated_at":"2014-08-01T10:51:19.644Z","fixed_in":"1.1.1"}]}},{"video-lead-form":{"vulnerabilities":[{"id":93194,"title":"Video Lead Form - \"errMsg\" Cross-Site Scripting Vulnerability","osvdb":"88002","cve":"2012-6312","secunia":"51419","created_at":"2014-08-01T10:51:19.706Z","updated_at":"2014-08-01T10:51:19.706Z"}]}},{"sagepay-direct-for-woocommerce-payment-gateway":{"vulnerabilities":[{"id":93195,"title":"WooCommerce SagePay Direct Payment Gateway 0.1.6.6 - pages/3DRedirect.php Multiple Parameter Reflected XSS","osvdb":"102882","secunia":"56801","created_at":"2014-08-01T10:51:19.761Z","updated_at":"2014-08-01T10:51:19.761Z","fixed_in":"0.1.6.7"},{"id":93196,"title":"WooCommerce SagePay Direct Payment Gateway 0.1.6.6 - pages/3DCallBack.php Multiple Parameter Reflected XSS","osvdb":"102746","secunia":"56801","created_at":"2014-08-01T10:51:19.821Z","updated_at":"2014-08-01T10:51:19.821Z","fixed_in":"0.1.6.7"},{"id":93197,"title":"WooCommerce SagePay Direct Payment Gateway 0.1.6.6 - pages/3DComplete.php Multiple Parameter Reflected XSS","osvdb":"102747","secunia":"56801","created_at":"2014-08-01T10:51:19.885Z","updated_at":"2014-08-01T10:51:19.885Z","fixed_in":"0.1.6.7"}]}},{"woocommerce-predictive-search":{"vulnerabilities":[{"id":93198,"title":"WooCommerce Predictive Search - index.php rs Parameter XSS","url":"http://www.securityfocus.com/bid/56703","osvdb":"87890","secunia":"51385","created_at":"2014-08-01T10:51:19.947Z","updated_at":"2014-08-01T10:51:19.947Z","fixed_in":"1.0.6"}]}},{"woocommerce":{"vulnerabilities":[{"id":93199,"title":"WooCommerce 2.0.17 - hide-wc-extensions-message Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/123684/,http://www.securityfocus.com/bid/63228","osvdb":"98754","created_at":"2014-08-01T10:51:20.008Z","updated_at":"2014-08-01T10:51:20.008Z","fixed_in":"2.0.17"},{"id":93200,"title":"WooCommerce 2.0.12 - index.php calc_shipping_state Parameter XSS","url":"http://packetstormsecurity.com/files/122465/","osvdb":"95480","secunia":"53930","created_at":"2014-08-01T10:51:20.071Z","updated_at":"2014-08-01T10:51:20.071Z","fixed_in":"2.0.13"}]}},{"wp-e-commerce-predictive-search":{"vulnerabilities":[{"id":93201,"title":"WP e-Commerce Predictive Search - \"rs\" Cross-Site Scripting Vulnerability","secunia":"51384","created_at":"2014-08-01T10:51:20.133Z","updated_at":"2014-08-01T10:51:20.133Z"}]}},{"wp-tiger":{"vulnerabilities":[{"id":93202,"title":"vTiger - CRM Lead Capture Unspecified Vulnerability","secunia":"51305","created_at":"2014-08-01T10:51:20.185Z","updated_at":"2014-08-01T10:51:20.185Z","fixed_in":"1.1.0"}]}},{"wp-postviews":{"vulnerabilities":[{"id":93203,"title":"WP-PostViews - \"search_input\" Cross-Site Scripting Vulnerability","secunia":"50982","created_at":"2014-08-01T10:51:20.245Z","updated_at":"2014-08-01T10:51:20.245Z"},{"id":93204,"title":"WP-PostViews 1.62 - Setting Manipulation CSRF","osvdb":"93096","cve":"2013-3252","secunia":"53127","created_at":"2014-08-01T10:51:20.308Z","updated_at":"2014-08-01T10:51:20.308Z","fixed_in":"1.63"}]}},{"dx-contribute":{"vulnerabilities":[{"id":93205,"title":"DX-Contribute - Cross-Site Request Forgery Vulnerability","secunia":"51082","created_at":"2014-08-01T10:51:20.371Z","updated_at":"2014-08-01T10:51:20.371Z"}]}},{"wysija-newsletters":{"vulnerabilities":[{"id":93206,"title":"MailPoet (Wysija Newsletters) - Remote File Upload","url":"http://blog.sucuri.net/2014/07/remote-file-upload-vulnerability-on-mailpoet-wysija-newsletters.html,http://www.openwall.com/lists/oss-security/2014/07/02/1","cve":"2014-4725","created_at":"2014-08-01T10:51:20.422Z","updated_at":"2014-08-01T10:51:20.422Z","metasploit":"exploit/unix/webapp/wp_wysija_newsletters_upload","fixed_in":"2.6.8"},{"id":93207,"title":"Wysija Newsletters 2.2 - SQL Injection Vulnerability","url":"https://www.htbridge.com/advisory/HTB23140,http://packetstormsecurity.com/files/120089/,http://seclists.org/bugtraq/2013/Feb/29,http://cxsecurity.com/issue/WLB-2013020039","osvdb":"89924","cve":"2013-1408","created_at":"2014-08-01T10:51:20.485Z","updated_at":"2014-08-01T10:51:20.485Z","fixed_in":"2.2.1"},{"id":93208,"title":"Wysija Newsletters - swfupload Cross-Site Scripting Vulnerability","url":"http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html","secunia":"51249","created_at":"2014-08-01T10:51:20.551Z","updated_at":"2014-08-01T10:51:20.551Z","fixed_in":"2.1.7"}]}},{"hitasoft_player":{"vulnerabilities":[{"id":93209,"title":"Hitasoft FLV Player - \"id\" SQL Injection Vulnerability","secunia":"51179","created_at":"2014-08-01T10:51:20.611Z","updated_at":"2014-08-01T10:51:20.611Z"}]}},{"spider-calendar":{"vulnerabilities":[{"id":93210,"title":"Spider Calendar 1.3.0 - Multiple Vulnerabilities","osvdb":"93584","secunia":"53481","exploitdb":"25723","created_at":"2014-08-01T10:51:20.667Z","updated_at":"2014-08-01T10:51:20.667Z"},{"id":93211,"title":"Spider Calendar 1.1.0 - \"many_sp_calendar\" Cross-Site Scripting Vulnerability","osvdb":"86604","secunia":"50981","created_at":"2014-08-01T10:51:20.722Z","updated_at":"2014-08-01T10:51:20.722Z","fixed_in":"1.1.1"},{"id":93212,"title":"Spider Calendar 1.0.1 - front_end/spidercalendarbig.php date Parameter XSS","url":"http://packetstormsecurity.org/files/117078/","osvdb":"85897","secunia":"50812","exploitdb":"21715","created_at":"2014-08-01T10:51:20.784Z","updated_at":"2014-08-01T10:51:20.784Z","fixed_in":"1.1.3"},{"id":93213,"title":"Spider Calendar 1.0.1 - spidercalendarbig_seemore.php calendar_id Parameter SQL Injection","url":"http://packetstormsecurity.org/files/117078/","osvdb":"85898","secunia":"50812","exploitdb":"21715","created_at":"2014-08-01T10:51:20.846Z","updated_at":"2014-08-01T10:51:20.846Z","fixed_in":"1.1.3"}]}},{"dynamic-font-replacement-4wp":{"vulnerabilities":[{"id":93214,"title":"Dynamic Font Replacement 1.3 - SQL Injection Vulnerability","url":"http://1337day.com/exploit/20239","created_at":"2014-08-01T10:51:20.910Z","updated_at":"2014-08-01T10:51:20.910Z"}]}},{"form":{"vulnerabilities":[{"id":93215,"title":"Zingiri Form Builder - \"error\" Cross-Site Scripting Vulnerability","secunia":"50983","created_at":"2014-08-01T10:51:20.962Z","updated_at":"2014-08-01T10:51:20.962Z","fixed_in":"1.2.1"}]}},{"white-label-cms":{"vulnerabilities":[{"id":93216,"title":"White Label CMS - Cross-Site Request Forgery Vulnerability","secunia":"50487","created_at":"2014-08-01T10:51:21.028Z","updated_at":"2014-08-01T10:51:21.028Z","fixed_in":"1.5.1"}]}},{"download-shortcode":{"vulnerabilities":[{"id":93217,"title":"Download Shortcode - \"file\" Arbitrary File Disclosure Vulnerability","secunia":"50924","created_at":"2014-08-01T10:51:21.091Z","updated_at":"2014-08-01T10:51:21.091Z","fixed_in":"0.2.1"}]}},{"eshop-magic":{"vulnerabilities":[{"id":93218,"title":"eShop Magic 0.1 - eshop-magic/download.php file Parameter Traversal Arbitrary File Access","url":"http://xforce.iss.net/xforce/xfdb/79222","osvdb":"86155","secunia":"50933","created_at":"2014-08-01T10:51:21.153Z","updated_at":"2014-08-01T10:51:21.153Z","fixed_in":"0.2"}]}},{"pinterest-pin-it-button":{"vulnerabilities":[{"id":93219,"title":"Pinterest \"Pin It\" Button Lite 1.3.1 - Multiple Unspecified Vulnerabilities","osvdb":"85956","secunia":"50868","created_at":"2014-08-01T10:51:21.222Z","updated_at":"2014-08-01T10:51:21.222Z","fixed_in":"1.4.0"}]}},{"css-plus":{"vulnerabilities":[{"id":93220,"title":"CSS Plus 1.3.1 - Unspecified Vulnerabilities","osvdb":"85875","secunia":"50793","created_at":"2014-08-01T10:51:21.285Z","updated_at":"2014-08-01T10:51:21.285Z","fixed_in":"1.3.2"}]}},{"multisite-plugin-manager":{"vulnerabilities":[{"id":93221,"title":"Multisite plugin Manager 3.1.1 - Two Cross-Site Scripting Vulnerabilities","osvdb":"85818","secunia":"50762","created_at":"2014-08-01T10:51:21.361Z","updated_at":"2014-08-01T10:51:21.361Z","fixed_in":"3.1.2"}]}},{"abc-test":{"vulnerabilities":[{"id":93222,"title":"ABC Test - \"id\" Cross-Site Scripting Vulnerability","url":"http://scott-herbert.com/?p=142","osvdb":"85773","secunia":"50608","created_at":"2014-08-01T10:51:21.424Z","updated_at":"2014-08-01T10:51:21.424Z"}]}},{"token-manager":{"vulnerabilities":[{"id":93223,"title":"Token Manager 1.0.2 - \"tid\" Cross-Site Scripting Vulnerabilities","osvdb":"85738","secunia":"50722","created_at":"2014-08-01T10:51:21.479Z","updated_at":"2014-08-01T10:51:21.479Z"}]}},{"sexy-add-template":{"vulnerabilities":[{"id":93224,"title":"Sexy Add Template 1.0 - PHP Code Execution CSRF","osvdb":"85730","secunia":"50709","created_at":"2014-08-01T10:51:21.534Z","updated_at":"2014-08-01T10:51:21.534Z"}]}},{"notices":{"vulnerabilities":[{"id":93225,"title":"Notices Ticker 5.0 - Cross-Site Request Forgery Vulnerability","url":"http://packetstormsecurity.org/files/116774/","osvdb":"85729","secunia":"50717","created_at":"2014-08-01T10:51:21.591Z","updated_at":"2014-08-01T10:51:21.591Z"}]}},{"mf-gig-calendar":{"vulnerabilities":[{"id":93226,"title":"MF Gig Calendar 0.9.4.1 - URL Cross-Site Scripting Vulnerability","url":"http://packetstormsecurity.org/files/116713/","osvdb":"85682","cve":"2012-4242","secunia":"50571","created_at":"2014-08-01T10:51:21.649Z","updated_at":"2014-08-01T10:51:21.649Z"}]}},{"wp-topbar":{"vulnerabilities":[{"id":93227,"title":"WP-TopBar 4.02 - wp-topbar.php wptbbartext Parameter XSS","osvdb":"85659","secunia":"50693","exploitdb":"21393","created_at":"2014-08-01T10:51:21.700Z","updated_at":"2014-08-01T10:51:21.700Z","fixed_in":"4.03"},{"id":93228,"title":"WP-TopBar 4.02 - TopBar Message Manipulation CSRF","osvdb":"85660","secunia":"50693","exploitdb":"21393","created_at":"2014-08-01T10:51:21.766Z","updated_at":"2014-08-01T10:51:21.766Z","fixed_in":"4.03"},{"id":93229,"title":"wp-topbar \u003c= 3.04 - XSS in ZeroClipboard.swf","url":"http://1337day.com/exploit/20396","created_at":"2014-08-01T10:51:21.833Z","updated_at":"2014-08-01T10:51:21.833Z"}]}},{"webplayer":{"vulnerabilities":[{"id":93230,"title":"HD Webplayer - Two SQL Injection Vulnerabilities","osvdb":"87832","secunia":"50466","created_at":"2014-08-01T10:51:21.884Z","updated_at":"2014-08-01T10:51:21.884Z"}]}},{"cloudsafe365-for-wp":{"vulnerabilities":[{"id":93231,"title":"Cloudsafe365 - Multiple Vulnerabilities","secunia":"50392","created_at":"2014-08-01T10:51:21.936Z","updated_at":"2014-08-01T10:51:21.936Z","fixed_in":"1.47"}]}},{"vitamin":{"vulnerabilities":[{"id":93232,"title":"Vitamin 1.0 - add_headers.php path Parameter Traversal Arbitrary File Access","osvdb":"84463","cve":"2012-6651","secunia":"50176","created_at":"2014-08-01T10:51:21.995Z","updated_at":"2014-08-01T10:51:21.995Z","fixed_in":"1.1"},{"id":93233,"title":"Vitamin 1.0 - minify.php path Parameter Traversal Arbitrary File Access","osvdb":"84464","cve":"2012-6651","secunia":"50176","created_at":"2014-08-01T10:51:22.057Z","updated_at":"2014-08-01T10:51:22.057Z","fixed_in":"1.1"}]}},{"featured-post-with-thumbnail":{"vulnerabilities":[{"id":93234,"title":"Featured Post with thumbnail 1.4 - Unspecified timthumb Vulnerability","osvdb":"84460","secunia":"50161","created_at":"2014-08-01T10:51:22.118Z","updated_at":"2014-08-01T10:51:22.118Z","fixed_in":"1.5"}]}},{"wp-effective-lead-management":{"vulnerabilities":[{"id":93235,"title":"WP Lead Management 3.0.0 - Script Insertion Vulnerabilities","osvdb":"84462","secunia":"50166","exploitdb":"20270","created_at":"2014-08-01T10:51:22.179Z","updated_at":"2014-08-01T10:51:22.179Z"}]}},{"xve-various-embed":{"vulnerabilities":[{"id":93236,"title":"XVE Various Embed - JW Player Multiple Cross-Site Scripting Vulnerabilities","secunia":"50173","created_at":"2014-08-01T10:51:22.235Z","updated_at":"2014-08-01T10:51:22.235Z","fixed_in":"1.0.4"}]}},{"g-lock-double-opt-in-manager":{"vulnerabilities":[{"id":93237,"title":"G-Lock Double Opt-in Manager - Two Security Bypass Vulnerabilities","url":"http://packetstormsecurity.org/files/115173/","osvdb":"84434","secunia":"50100","created_at":"2014-08-01T10:51:22.302Z","updated_at":"2014-08-01T10:51:22.302Z"}]}},{"kau-boys-backend-localization":{"vulnerabilities":[{"id":93238,"title":"Backend Localization 1.6.1 - options-general.php kau-boys_backend_localization_language Parameter XSS","osvdb":"84418","secunia":"50099","created_at":"2014-08-01T10:51:22.364Z","updated_at":"2014-08-01T10:51:22.364Z","fixed_in":"2.0"},{"id":93239,"title":"Backend Localization 1.6.1 - wp-login.php kau-boys_backend_localization_language Parameter XSS","osvdb":"84419","secunia":"50099","created_at":"2014-08-01T10:51:22.435Z","updated_at":"2014-08-01T10:51:22.435Z","fixed_in":"2.0"}]}},{"flexi-quote-rotator":{"vulnerabilities":[{"id":93240,"title":"Flexi Quote Rotator - Cross-Site Request Forgery and SQL Injection Vulnerabilities","secunia":"49910","created_at":"2014-08-01T10:51:22.497Z","updated_at":"2014-08-01T10:51:22.497Z","fixed_in":"0.9.2"}]}},{"gotmls":{"vulnerabilities":[{"id":93241,"title":"Get Off Malicious Scripts - Cross-Site Scripting Vulnerability","secunia":"50030","created_at":"2014-08-01T10:51:22.562Z","updated_at":"2014-08-01T10:51:22.562Z","fixed_in":"1.2.07.20"}]}},{"cimy-user-extra-fields":{"vulnerabilities":[{"id":93242,"title":"Cimy User Extra Fields - Arbitrary File Upload Vulnerability","secunia":"49975","created_at":"2014-08-01T10:51:22.627Z","updated_at":"2014-08-01T10:51:22.627Z","fixed_in":"2.3.9"}]}},{"nmedia-user-file-uploader":{"vulnerabilities":[{"id":93243,"title":"Nmedia Users File Uploader - Arbitrary File Upload Vulnerability","secunia":"49996","created_at":"2014-08-01T10:51:22.688Z","updated_at":"2014-08-01T10:51:22.688Z","fixed_in":"2.0"}]}},{"wp-explorer-gallery":{"vulnerabilities":[{"id":93244,"title":"wp-explorer-gallery - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/20251","created_at":"2014-08-01T10:51:22.750Z","updated_at":"2014-08-01T10:51:22.750Z"}]}},{"accordion":{"vulnerabilities":[{"id":93245,"title":"accordion - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/20254","created_at":"2014-08-01T10:51:22.803Z","updated_at":"2014-08-01T10:51:22.803Z"}]}},{"wp-catpro":{"vulnerabilities":[{"id":93246,"title":"wp-catpro - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/20256","created_at":"2014-08-01T10:51:22.856Z","updated_at":"2014-08-01T10:51:22.856Z"}]}},{"RLSWordPressSearch":{"vulnerabilities":[{"id":93247,"title":"RLSWordPressSearch - register.php agentid Parameter SQL Injection","url":"http://packetstormsecurity.com/files/119938/","osvdb":"89824","created_at":"2014-08-01T10:51:22.912Z","updated_at":"2014-08-01T10:51:22.912Z"}]}},{"wordpress-simple-shout-box":{"vulnerabilities":[{"id":93248,"title":"wordpress-simple-shout-box - SQL Injection","url":"http://cxsecurity.com/issue/WLB-2013010235","created_at":"2014-08-01T10:51:22.964Z","updated_at":"2014-08-01T10:51:22.964Z"}]}},{"portfolio-slideshow-pro":{"vulnerabilities":[{"id":93249,"title":"portfolio-slideshow-pro v3 - SQL Injection","url":"http://cxsecurity.com/issue/WLB-2013010236","created_at":"2014-08-01T10:51:23.016Z","updated_at":"2014-08-01T10:51:23.016Z"}]}},{"simple-history":{"vulnerabilities":[{"id":93250,"title":"Simple History - RSS Feed \"rss_secret\" Disclosure Weakness","url":"http://www.securityfocus.com/bid/57628","osvdb":"89640","secunia":"51998","created_at":"2014-08-01T10:51:23.070Z","updated_at":"2014-08-01T10:51:23.070Z","fixed_in":"1.0.8"}]}},{"p1m-media-manager":{"vulnerabilities":[{"id":93251,"title":"p1m media manager - SQL Injection Vulnerability","url":"http://1337day.com/exploit/20270","created_at":"2014-08-01T10:51:23.136Z","updated_at":"2014-08-01T10:51:23.136Z"}]}},{"wp-table-reloaded":{"vulnerabilities":[{"id":93252,"title":"wp-table-reloaded \u003c= 1.9.3 - zeroclipboard.swf id Parameter XSS","url":"http://packetstormsecurity.com/files/119968/,http://seclists.org/bugtraq/2013/Feb/28,http://www.securityfocus.com/bid/57664","osvdb":"89754","cve":"2013-1463","secunia":"52027","created_at":"2014-08-01T10:51:23.195Z","updated_at":"2014-08-01T10:51:23.195Z","fixed_in":"1.9.4"}]}},{"wordpress-gallery":{"vulnerabilities":[{"id":93253,"title":"Gallery - \"load\" Remote File Inclusion Vulnerability","url":"http://www.securityfocus.com/bid/57650","osvdb":"89753","cve":"2012-4919","secunia":"51347","created_at":"2014-08-01T10:51:23.263Z","updated_at":"2014-08-01T10:51:23.263Z"}]}},{"forumconverter":{"vulnerabilities":[{"id":93254,"title":"ForumConverter - SQL Injection Vulnerability","url":"http://1337day.com/exploit/20275","created_at":"2014-08-01T10:51:23.340Z","updated_at":"2014-08-01T10:51:23.340Z"}]}},{"newsletter":{"vulnerabilities":[{"id":93255,"title":"Newsletter - SQL Injection Vulnerability","url":"http://1337day.com/exploit/20287","created_at":"2014-08-01T10:51:23.400Z","updated_at":"2014-08-01T10:51:23.400Z","fixed_in":"3.0.9"},{"id":93256,"title":"Newsletter 3.2.6 - \"alert\" Cross-Site Scripting Vulnerability","url":"http://packetstormsecurity.com/files/121634/,http://www.securityfocus.com/bid/59856,http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5141.php","osvdb":"93421","secunia":"53398","created_at":"2014-08-01T10:51:23.472Z","updated_at":"2014-08-01T10:51:23.472Z","fixed_in":"3.2.7"}]}},{"commentluv":{"vulnerabilities":[{"id":93257,"title":"CommentLuv 2.92.3 - Cross Site Scripting Vulnerability","url":"https://www.htbridge.com/advisory/HTB23138,http://packetstormsecurity.com/files/120090/,http://seclists.org/bugtraq/2013/Feb/30,http://cxsecurity.com/issue/WLB-2013020040","osvdb":"89925","cve":"2013-1409","secunia":"52092","created_at":"2014-08-01T10:51:23.541Z","updated_at":"2014-08-01T10:51:23.541Z","fixed_in":"2.92.4"}]}},{"wp-forum":{"vulnerabilities":[{"id":93258,"title":"wp-forum - SQL Injection","url":"http://cxsecurity.com/issue/WLB-2013020035","created_at":"2014-08-01T10:51:23.610Z","updated_at":"2014-08-01T10:51:23.610Z"}]}},{"wp-ecommerce-shop-styling":{"vulnerabilities":[{"id":93259,"title":"WP ecommerce Shop Styling 1.7.2 - generate-pdf.php dompdf Parameter Remote File Inclusion","osvdb":"89921","cve":"2013-0724","secunia":"51707","created_at":"2014-08-01T10:51:23.675Z","updated_at":"2014-08-01T10:51:23.675Z","fixed_in":"1.8"}]}},{"audio-player":{"vulnerabilities":[{"id":93260,"title":"Audio Player - player.swf playerID Parameter XSS","url":"http://packetstormsecurity.com/files/120129/,http://seclists.org/bugtraq/2013/Feb/35","osvdb":"89963","cve":"2013-1464","secunia":"52083","created_at":"2014-08-01T10:51:23.739Z","updated_at":"2014-08-01T10:51:23.739Z","fixed_in":"2.0.4.6"}]}},{"ckeditor-for-wordpress":{"vulnerabilities":[{"id":93261,"title":"CKEditor 4.0 - Arbitrary File Upload Exploit","url":"http://1337day.com/exploit/20318","created_at":"2014-08-01T10:51:23.800Z","updated_at":"2014-08-01T10:51:23.800Z"}]}},{"myftp-ftp-like-plugin-for-wordpress":{"vulnerabilities":[{"id":93262,"title":"myftp-ftp-like-plugin-for-wordpress v2 - SQL Injection","url":"http://cxsecurity.com/issue/WLB-2013020061","created_at":"2014-08-01T10:51:23.857Z","updated_at":"2014-08-01T10:51:23.857Z"}]}},{"password-protected":{"vulnerabilities":[{"id":93263,"title":"Password Protected 1.4 - Login Process redirect_to Parameter Arbitrary Site Redirect","osvdb":"90559","created_at":"2014-08-01T10:51:23.911Z","updated_at":"2014-08-01T10:51:23.911Z"}]}},{"contact-form-plugin":{"vulnerabilities":[{"id":93264,"title":"Contact Form 3.34 - contact_form.php cntctfrm_contact_message Parameter XSS","osvdb":"90502","secunia":"52179","created_at":"2014-08-01T10:51:23.965Z","updated_at":"2014-08-01T10:51:23.965Z","fixed_in":"3.35"},{"id":93265,"title":"Contact Form 3.36 - contact_form.php cntctfrm_contact_email Parameter XSS","osvdb":"90503","secunia":"52250","created_at":"2014-08-01T10:51:24.031Z","updated_at":"2014-08-01T10:51:24.031Z"}]}},{"smart-flv":{"vulnerabilities":[{"id":93266,"title":"smart-flv - jwplayer.swf XSS","url":"http://www.openwall.com/lists/oss-security/2013/02/24/7,http://packetstormsecurity.com/files/115100/","osvdb":"90606","cve":"2013-1765","created_at":"2014-08-01T10:51:24.084Z","updated_at":"2014-08-01T10:51:24.084Z"}]}},{"GoogleAlertandtwitterplugin":{"vulnerabilities":[{"id":93267,"title":"Google Alert And Twitter 3.1.5 - XSS Exploit, SQL Injection","url":"http://1337day.com/exploit/20433","created_at":"2014-08-01T10:51:24.135Z","updated_at":"2014-08-01T10:51:24.135Z"}]}},{"php-shell":{"vulnerabilities":[{"id":93268,"title":"PHP Shell Plugin","url":"https://github.com/wpscanteam/wpscan/issues/138,http://plugins.svn.wordpress.org/php-shell/trunk/shell.php","created_at":"2014-08-01T10:51:24.186Z","updated_at":"2014-08-01T10:51:24.186Z"}]}},{"marekkis-watermark":{"vulnerabilities":[{"id":93269,"title":"Marekkis Watermark 0.9.2 - wp-admin/options-general.php pfad Parameter XSS","url":"http://packetstormsecurity.com/files/120378/,http://seclists.org/bugtraq/2013/Feb/83","osvdb":"90362","cve":"2013-1758","secunia":"52227","created_at":"2014-08-01T10:51:24.235Z","updated_at":"2014-08-01T10:51:24.235Z"}]}},{"responsive-logo-slideshow":{"vulnerabilities":[{"id":93270,"title":"Responsive Logo Slideshow - URL and Image Field XSS","url":"http://packetstormsecurity.com/files/120379/,http://seclists.org/bugtraq/2013/Feb/84","osvdb":"90406","cve":"2013-1759","created_at":"2014-08-01T10:51:24.295Z","updated_at":"2014-08-01T10:51:24.295Z"}]}},{"zopim-live-chat":{"vulnerabilities":[{"id":93271,"title":"zopim-live-chat \u003c= 1.2.5 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","osvdb":"90374","cve":"2013-1808","created_at":"2014-08-01T10:51:24.355Z","updated_at":"2014-08-01T10:51:24.355Z"}]}},{"ed2k-link-selector":{"vulnerabilities":[{"id":93272,"title":"ed2k-link-selector \u003c= 1.1.7 - XSS in ZeroClipboard","url":"http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:24.409Z","updated_at":"2014-08-01T10:51:24.409Z"}]}},{"wppygments":{"vulnerabilities":[{"id":93273,"title":"wppygments \u003c= 0.3.2 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","osvdb":"90374","cve":"2013-1808","created_at":"2014-08-01T10:51:24.460Z","updated_at":"2014-08-01T10:51:24.460Z"}]}},{"copy-in-clipboard":{"vulnerabilities":[{"id":93274,"title":"copy-in-clipboard \u003c= 0.8 - XSS in ZeroClipboard","url":"http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:24.515Z","updated_at":"2014-08-01T10:51:24.515Z"}]}},{"search-and-share":{"vulnerabilities":[{"id":93275,"title":"search-and-share 0.9.3 - SearchAndShare.php Direct Request Path Disclosure","url":"http://packetstormsecurity.com/files/121595/,http://seclists.org/fulldisclosure/2013/May/49","osvdb":"93260","created_at":"2014-08-01T10:51:24.568Z","updated_at":"2014-08-01T10:51:24.568Z"},{"id":93276,"title":"search-and-share \u003c= 0.9.3 - XSS in ZeroClipboard","url":"http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:24.627Z","updated_at":"2014-08-01T10:51:24.627Z"}]}},{"placester":{"vulnerabilities":[{"id":93277,"title":"placester \u003c= 0.3.12 - XSS in ZeroClipboard","url":"http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:24.678Z","updated_at":"2014-08-01T10:51:24.678Z"}]}},{"drp-coupon":{"vulnerabilities":[{"id":93278,"title":"drp-coupon \u003c= 2.1 - XSS in ZeroClipboard","url":"http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:24.732Z","updated_at":"2014-08-01T10:51:24.732Z"}]}},{"coupon-code-plugin":{"vulnerabilities":[{"id":93279,"title":"coupon-code-plugin \u003c= 2.1 - XSS in ZeroClipboard","url":"http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:24.791Z","updated_at":"2014-08-01T10:51:24.791Z"}]}},{"q2w3-inc-manager":{"vulnerabilities":[{"id":93280,"title":"q2w3-inc-manager \u003c= 2.3.1 - XSS in ZeroClipboard","url":"http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:24.850Z","updated_at":"2014-08-01T10:51:24.850Z"}]}},{"scorerender":{"vulnerabilities":[{"id":93281,"title":"scorerender \u003c= 0.3.4 - XSS in ZeroClipboard","url":"http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:24.907Z","updated_at":"2014-08-01T10:51:24.907Z"}]}},{"wp-link-to-us":{"vulnerabilities":[{"id":93282,"title":"wp-link-to-us \u003c= 2.0 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:24.968Z","updated_at":"2014-08-01T10:51:24.968Z"}]}},{"buckets":{"vulnerabilities":[{"id":93283,"title":"buckets \u003c= 0.1.9.2 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:25.024Z","updated_at":"2014-08-01T10:51:25.024Z"}]}},{"java-trackback":{"vulnerabilities":[{"id":93284,"title":"java-trackback \u003c= 0.2 - XSS in ZeroClipboard","url":"http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:25.091Z","updated_at":"2014-08-01T10:51:25.091Z"}]}},{"slidedeck2":{"vulnerabilities":[{"id":93285,"title":"slidedeck2 2.3.3 - Unspecified File Inclusion","osvdb":"105132","created_at":"2014-08-01T10:51:25.159Z","updated_at":"2014-08-01T10:51:25.159Z","fixed_in":"2.3.5"},{"id":93286,"title":"slidedeck2 \u003c= 2.1.20130228 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:25.236Z","updated_at":"2014-08-01T10:51:25.236Z"}]}},{"wp-clone-by-wp-academy":{"vulnerabilities":[{"id":93287,"title":"wp-clone-by-wp-academy \u003c= 2.1.1 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:25.307Z","updated_at":"2014-08-01T10:51:25.307Z"}]}},{"tiny-url":{"vulnerabilities":[{"id":93288,"title":"tiny-url \u003c= 1.3.2 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:25.365Z","updated_at":"2014-08-01T10:51:25.365Z"}]}},{"thethe-layout-grid":{"vulnerabilities":[{"id":93289,"title":"thethe-layout-grid \u003c= 1.0.0 - XSS in ZeroClipboard.","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:25.420Z","updated_at":"2014-08-01T10:51:25.420Z"}]}},{"paypal-digital-goods-monetization-powered-by-cleeng":{"vulnerabilities":[{"id":93290,"title":"paypal-digital-goods-monetization-powered-by-cleeng \u003c= 2.2.13 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:25.472Z","updated_at":"2014-08-01T10:51:25.472Z"}]}},{"mobileview":{"vulnerabilities":[{"id":93291,"title":"mobileview \u003c= 1.0.7 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:25.526Z","updated_at":"2014-08-01T10:51:25.526Z"}]}},{"jaspreetchahals-coupons-lite":{"vulnerabilities":[{"id":93292,"title":"jaspreetchahals-coupons-lite \u003c= 2.1 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:25.590Z","updated_at":"2014-08-01T10:51:25.590Z"}]}},{"geshi-source-colorer":{"vulnerabilities":[{"id":93293,"title":"geshi-source-colorer \u003c= 0.13 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:25.654Z","updated_at":"2014-08-01T10:51:25.654Z"}]}},{"click-to-copy-grab-box":{"vulnerabilities":[{"id":93294,"title":"click-to-copy-grab-box \u003c= 0.1.1 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:25.715Z","updated_at":"2014-08-01T10:51:25.715Z"}]}},{"cleeng":{"vulnerabilities":[{"id":93295,"title":"cleeng \u003c= 2.3.2 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:25.768Z","updated_at":"2014-08-01T10:51:25.768Z"}]}},{"bp-code-snippets":{"vulnerabilities":[{"id":93296,"title":"bp-code-snippets \u003c= 2.0 - XSS in ZeroClipboard","url":"http://www.openwall.com/lists/oss-security/2013/03/10/2,http://1337day.com/exploit/20396","cve":"2013-1808","created_at":"2014-08-01T10:51:25.821Z","updated_at":"2014-08-01T10:51:25.821Z"}]}},{"snazzy-archives":{"vulnerabilities":[{"id":93297,"title":"snazzy-archives \u003c= 1.7.1 - swf/tagcloud.swf tagcloud Parameter XSS","url":"http://www.openwall.com/lists/oss-security/2013/03/10/3","osvdb":"91127","cve":"2009-4168","secunia":"52527","created_at":"2014-08-01T10:51:25.872Z","updated_at":"2014-08-01T10:51:25.872Z","fixed_in":"1.7.2"}]}},{"vkontakte-api":{"vulnerabilities":[{"id":93298,"title":"vkontakte-api - vkontakte-api/swf/tagcloud.swf tagcloud Parameter XSS","url":"http://seclists.org/oss-sec/2013/q1/616,http://www.openwall.com/lists/oss-security/2013/03/11/1","osvdb":"91128","cve":"2009-4168","secunia":"52539","created_at":"2014-08-01T10:51:25.953Z","updated_at":"2014-08-01T10:51:25.953Z"}]}},{"terillion-reviews":{"vulnerabilities":[{"id":93299,"title":"Terillion Reviews \u003c 1.2 - Profile Id Field XSS","url":"http://packetstormsecurity.com/files/120730/,http://www.securityfocus.com/bid/58415,http://xforce.iss.net/xforce/xfdb/82727","osvdb":"91123","cve":"2013-2501","created_at":"2014-08-01T10:51:26.035Z","updated_at":"2014-08-01T10:51:26.035Z"}]}},{"o2s-gallery":{"vulnerabilities":[{"id":93300,"title":"o2s-gallery - Cross Site Scripting Vulnerability","url":"http://1337day.com/exploit/20516","created_at":"2014-08-01T10:51:26.112Z","updated_at":"2014-08-01T10:51:26.112Z"}]}},{"bp-gallery":{"vulnerabilities":[{"id":93301,"title":"bp-gallery 1.2.5 - Cross Site Scripting Vulnerability","url":"http://1337day.com/exploit/20518","created_at":"2014-08-01T10:51:26.191Z","updated_at":"2014-08-01T10:51:26.191Z"}]}},{"simply-poll":{"vulnerabilities":[{"id":93302,"title":"Simply Poll 1.4.1 - wp-admin/admin.php question Parameter XSS","url":"http://packetstormsecurity.com/files/120833/","osvdb":"91446","exploitdb":"24850","created_at":"2014-08-01T10:51:26.270Z","updated_at":"2014-08-01T10:51:26.270Z"},{"id":93303,"title":"Simply Poll 1.4.1 - wp-admin/admin.php Poll Manipulation CSRF","url":"http://packetstormsecurity.com/files/120833/","osvdb":"91447","secunia":"52681","exploitdb":"24850","created_at":"2014-08-01T10:51:26.359Z","updated_at":"2014-08-01T10:51:26.359Z"}]}},{"occasions":{"vulnerabilities":[{"id":93304,"title":"Occasions 1.0.4 - Manipulation CSRF","url":"http://packetstormsecurity.com/files/120871/","osvdb":"91489","secunia":"52651","exploitdb":"24858","created_at":"2014-08-01T10:51:26.424Z","updated_at":"2014-08-01T10:51:26.424Z"},{"id":93305,"title":"Occasions 1.0.4 - occasions/occasions.php occ_content1 Parameter XSS","url":"http://packetstormsecurity.com/files/120871/","osvdb":"91490","exploitdb":"24858","created_at":"2014-08-01T10:51:26.484Z","updated_at":"2014-08-01T10:51:26.484Z"}]}},{"mathjax-latex":{"vulnerabilities":[{"id":93306,"title":"Mathjax Latex 1.1 - Setting Manipulation CSRF","url":"http://packetstormsecurity.com/files/120931/,http://1337day.com/exploit/20566","osvdb":"91737","exploitdb":"24889","created_at":"2014-08-01T10:51:26.549Z","updated_at":"2014-08-01T10:51:26.549Z","fixed_in":"1.2"}]}},{"wp-banners-lite":{"vulnerabilities":[{"id":93307,"title":"WP-Banners-Lite 1.4.0 - XSS vulnerability","url":"http://packetstormsecurity.com/files/120928/,http://seclists.org/fulldisclosure/2013/Mar/209,http://threatpost.com/en_us/blogs/xss-flaw-wordpress-plugin-allows-injection-malicious-code-032513","created_at":"2014-08-01T10:51:26.621Z","updated_at":"2014-08-01T10:51:26.621Z"}]}},{"backupbuddy":{"vulnerabilities":[{"id":93308,"title":"Backupbuddy - importbuddy.php Direct Request Remote Backup File Disclosure","url":"http://packetstormsecurity.com/files/120923/,http://seclists.org/fulldisclosure/2013/Mar/206","osvdb":"91631","cve":"2013-2741","created_at":"2014-08-01T10:51:26.684Z","updated_at":"2014-08-01T10:51:26.684Z"},{"id":93309,"title":"Backupbuddy - importbuddy.php step Parameter Manipulation Authentication Bypass","url":"http://packetstormsecurity.com/files/120923/,http://seclists.org/fulldisclosure/2013/Mar/206","osvdb":"91890","cve":"2013-2743","created_at":"2014-08-01T10:51:26.744Z","updated_at":"2014-08-01T10:51:26.744Z"},{"id":93310,"title":"Backupbuddy - importbuddy.php step Parameter Remote PHP Information Disclosure","url":"http://packetstormsecurity.com/files/120923/,http://seclists.org/fulldisclosure/2013/Mar/206,http://archives.neohapsis.com/archives/fulldisclosure/2013-03/0205.html","osvdb":"91891","cve":"2013-2744","created_at":"2014-08-01T10:51:26.800Z","updated_at":"2014-08-01T10:51:26.800Z"},{"id":93311,"title":"Backupbuddy - importbuddy.php Restore Operation Persistence Weakness","url":"http://packetstormsecurity.com/files/120923/,http://seclists.org/fulldisclosure/2013/Mar/206","osvdb":"91892","cve":"2013-2742","created_at":"2014-08-01T10:51:26.861Z","updated_at":"2014-08-01T10:51:26.861Z"}]}},{"wp-funeral-press":{"vulnerabilities":[{"id":93312,"title":"FuneralPress 1.1.6 - Persistent XSS","url":"http://seclists.org/fulldisclosure/2013/Mar/282","osvdb":"91868","cve":"2013-3529","exploitdb":"24914","created_at":"2014-08-01T10:51:26.926Z","updated_at":"2014-08-01T10:51:26.926Z"}]}},{"chikuncount":{"vulnerabilities":[{"id":93313,"title":"chikuncount - ofc_upload_image.php Arbitrary File Upload Vulnerability","exploitdb":"24492","created_at":"2014-08-01T10:51:26.988Z","updated_at":"2014-08-01T10:51:26.988Z","metasploit":"exploit/unix/webapp/open_flash_chart_upload_exec"}]}},{"open-flash-chart-core-wordpress-plugin":{"vulnerabilities":[{"id":93314,"title":"open-flash-chart-core - ofc_upload_image.php Arbitrary File Upload Vulnerability","cve":"2009-4140","secunia":"37903","exploitdb":"24492","created_at":"2014-08-01T10:51:27.062Z","updated_at":"2014-08-01T10:51:27.062Z","metasploit":"exploit/unix/webapp/open_flash_chart_upload_exec","fixed_in":"0.5"}]}},{"spamtask":{"vulnerabilities":[{"id":93315,"title":"spamtask - ofc_upload_image.php Arbitrary File Upload Vulnerability","exploitdb":"24492","created_at":"2014-08-01T10:51:27.145Z","updated_at":"2014-08-01T10:51:27.145Z","metasploit":"exploit/unix/webapp/open_flash_chart_upload_exec"}]}},{"php-analytics":{"vulnerabilities":[{"id":93316,"title":"php-analytics - ofc_upload_image.php Arbitrary File Upload Vulnerability","exploitdb":"24492","created_at":"2014-08-01T10:51:27.202Z","updated_at":"2014-08-01T10:51:27.202Z","metasploit":"exploit/unix/webapp/open_flash_chart_upload_exec"}]}},{"seo-spy-google-wordpress-plugin":{"vulnerabilities":[{"id":93317,"title":"seo-spy-google - ofc_upload_image.php Arbitrary File Upload Vulnerability","exploitdb":"24492","created_at":"2014-08-01T10:51:27.257Z","updated_at":"2014-08-01T10:51:27.257Z","metasploit":"exploit/unix/webapp/open_flash_chart_upload_exec"}]}},{"wp-seo-spy-google":{"vulnerabilities":[{"id":93318,"title":"wp-seo-spy-google - ofc_upload_image.php Arbitrary File Upload Vulnerability","exploitdb":"24492","created_at":"2014-08-01T10:51:27.335Z","updated_at":"2014-08-01T10:51:27.335Z","metasploit":"exploit/unix/webapp/open_flash_chart_upload_exec"}]}},{"podpress":{"vulnerabilities":[{"id":93319,"title":"podPress 8.8.10.13 - players/1pixelout/1pixelout_player.swf playerID Parameter XSS","url":"http://packetstormsecurity.com/files/121011/","osvdb":"91129","cve":"2013-2714","secunia":"52544","created_at":"2014-08-01T10:51:27.392Z","updated_at":"2014-08-01T10:51:27.392Z","fixed_in":"8.8.10.17"}]}},{"fbsurveypro":{"vulnerabilities":[{"id":93320,"title":"fbsurveypro - XSS Vulnerability","url":"http://1337day.com/exploit/20623","created_at":"2014-08-01T10:51:27.464Z","updated_at":"2014-08-01T10:51:27.464Z"}]}},{"timelineoptinpro":{"vulnerabilities":[{"id":93321,"title":"timelineoptinpro - XSS Vulnerability","url":"http://1337day.com/exploit/20620","created_at":"2014-08-01T10:51:27.528Z","updated_at":"2014-08-01T10:51:27.528Z"}]}},{"kioskprox":{"vulnerabilities":[{"id":93322,"title":"kioskprox - XSS Vulnerability","url":"http://1337day.com/exploit/20624","created_at":"2014-08-01T10:51:27.587Z","updated_at":"2014-08-01T10:51:27.587Z"}]}},{"bigcontact":{"vulnerabilities":[{"id":93323,"title":"bigcontact - SQLI","url":"http://plugins.trac.wordpress.org/changeset/689798","created_at":"2014-08-01T10:51:27.648Z","updated_at":"2014-08-01T10:51:27.648Z","fixed_in":"1.4.7"}]}},{"drawblog":{"vulnerabilities":[{"id":93324,"title":"drawblog - CSRF","url":"http://plugins.trac.wordpress.org/changeset/691178","created_at":"2014-08-01T10:51:27.715Z","updated_at":"2014-08-01T10:51:27.715Z","fixed_in":"0.81"}]}},{"social-media-widget":{"vulnerabilities":[{"id":93325,"title":"Social Media Widget - malicious code","url":"https://plugins.trac.wordpress.org/changeset?reponame=\u0026old=691839@social-media-widget/trunk\u0026new=693941@social-media-widget/trunk,http://slashdot.org/submission/2592777/top-wordpress-widget-sold-off-turned-into-seo-spambot","created_at":"2014-08-01T10:51:27.783Z","updated_at":"2014-08-01T10:51:27.783Z","fixed_in":"4.0.2"},{"id":93326,"title":"Social Media Widget 4.0 - social-widget.php MITM Weakness Arbitrary Code Injection","url":"http://seclists.org/oss-sec/2013/q2/10","osvdb":"92312","cve":"2013-1949","secunia":"53020","created_at":"2014-08-01T10:51:27.850Z","updated_at":"2014-08-01T10:51:27.850Z","fixed_in":"4.0.1"}]}},{"facebook-members":{"vulnerabilities":[{"id":93327,"title":"facebook-members 5.0.4 - Setting Manipulation CSRF","osvdb":"92642","cve":"2013-2703","secunia":"52962","created_at":"2014-08-01T10:51:27.913Z","updated_at":"2014-08-01T10:51:27.913Z","fixed_in":"5.0.5"}]}},{"foursquare-checkins":{"vulnerabilities":[{"id":93328,"title":"foursquare-checkins - CSRF","osvdb":"92641","cve":"2013-2709","secunia":"53151","created_at":"2014-08-01T10:51:27.977Z","updated_at":"2014-08-01T10:51:27.977Z","fixed_in":"1.3"}]}},{"formidable":{"vulnerabilities":[{"id":93329,"title":"Formidable Forms 1.06.03 - ofc_upload_image.php Shell Upload Remote Code Execution","url":"http://www.securityfocus.com/bid/67390,http://packetstormsecurity.com/files/126583/","osvdb":"106985","created_at":"2014-08-01T10:51:28.055Z","updated_at":"2014-08-01T10:51:28.055Z"},{"id":93330,"title":"formidable Pro - Unspecified Vulnerabilities","secunia":"53121","created_at":"2014-08-01T10:51:28.116Z","updated_at":"2014-08-01T10:51:28.116Z","fixed_in":"1.06.09"}]}},{"all-in-one-webmaster":{"vulnerabilities":[{"id":93331,"title":"All in one webmaster 8.2.3 - Script Insertion CSRF","osvdb":"92640","cve":"2013-2696","secunia":"52877","created_at":"2014-08-01T10:51:28.183Z","updated_at":"2014-08-01T10:51:28.183Z","fixed_in":"8.2.4"}]}},{"background-music":{"vulnerabilities":[{"id":93332,"title":"background-music 1.0 - jPlayer.swf XSS","secunia":"53057","created_at":"2014-08-01T10:51:28.249Z","updated_at":"2014-08-01T10:51:28.249Z"}]}},{"haiku-minimalist-audio-player":{"vulnerabilities":[{"id":93333,"title":"haiku-minimalist-audio-player \u003c= 1.1.0 - jPlayer.swf XSS","osvdb":"92254","secunia":"51336","created_at":"2014-08-01T10:51:28.316Z","updated_at":"2014-08-01T10:51:28.316Z","fixed_in":"1.1.0"}]}},{"jammer":{"vulnerabilities":[{"id":93334,"title":"jammer \u003c= 0.2 - jPlayer.swf XSS","osvdb":"92254","secunia":"53106","created_at":"2014-08-01T10:51:28.392Z","updated_at":"2014-08-01T10:51:28.392Z"}]}},{"syntaxhighlighter":{"vulnerabilities":[{"id":93335,"title":"SyntaxHighlighter Evolved 3.1.9 - Unspecified XSS","osvdb":"106587","created_at":"2014-08-01T10:51:28.477Z","updated_at":"2014-08-01T10:51:28.477Z","fixed_in":"3.1.10"},{"id":93336,"title":"SyntaxHighlighter Evolved 3.1.5 - clipboard.swf Unspecified XSS","osvdb":"92848","secunia":"53235","created_at":"2014-08-01T10:51:28.539Z","updated_at":"2014-08-01T10:51:28.539Z","fixed_in":"3.1.6"}]}},{"top-10":{"vulnerabilities":[{"id":93337,"title":"top-10 1.9.2 - Setting Manipulation CSRF","osvdb":"92849","secunia":"53205","created_at":"2014-08-01T10:51:28.605Z","updated_at":"2014-08-01T10:51:28.605Z","fixed_in":"1.9.3"}]}},{"easy-adsense-lite":{"vulnerabilities":[{"id":93338,"title":"Easy AdSense Lite 6.06 - Setting Manipulation CSRF","osvdb":"92910","cve":"2013-2702","secunia":"52953","created_at":"2014-08-01T10:51:28.665Z","updated_at":"2014-08-01T10:51:28.665Z","fixed_in":"6.10"}]}},{"uk-cookie":{"vulnerabilities":[{"id":93339,"title":"uk-cookie - XSS","url":"http://seclists.org/bugtraq/2012/Nov/50","osvdb":"87561","cve":"2012-5856","created_at":"2014-08-01T10:51:28.733Z","updated_at":"2014-08-01T10:51:28.733Z"},{"id":93340,"title":"uk-cookie - CSRF","url":"http://www.openwall.com/lists/oss-security/2013/06/06/10","osvdb":"94032","cve":"2013-2180","created_at":"2014-08-01T10:51:28.796Z","updated_at":"2014-08-01T10:51:28.796Z"}]}},{"wp-cleanfix":{"vulnerabilities":[{"id":93341,"title":"wp-cleanfix - Remote Command Execution, CSRF and XSS","url":"https://github.com/wpscanteam/wpscan/issues/186,http://wordpress.org/support/topic/plugin-wp-cleanfix-remote-code-execution-warning","osvdb":"93450,93468","cve":"2013-2108,2013-2109","secunia":"53395","created_at":"2014-08-01T10:51:28.874Z","updated_at":"2014-08-01T10:51:28.874Z","fixed_in":"3.0.2"}]}},{"mail-on-update":{"vulnerabilities":[{"id":93342,"title":"Mail On Update 5.1.0 - Email Option Manipulation CSRF","url":"http://www.openwall.com/lists/oss-security/2013/05/16/8","osvdb":"93452","secunia":"53449","created_at":"2014-08-01T10:51:28.966Z","updated_at":"2014-08-01T10:51:28.966Z","fixed_in":"5.2.0"}]}},{"advanced-xml-reader":{"vulnerabilities":[{"id":93343,"title":"Advanced XML Reader 0.3.4 - XML External Entity (XXE) Injection","url":"http://packetstormsecurity.com/files/121492/","created_at":"2014-08-01T10:51:29.037Z","updated_at":"2014-08-01T10:51:29.037Z"},{"id":93344,"title":"Advanced XML Reader 0.1.1 - XML External Entity (XXE) Data Parsing Arbitrary File Disclosure","url":"http://seclists.org/bugtraq/2013/May/5","osvdb":"92904","created_at":"2014-08-01T10:51:29.105Z","updated_at":"2014-08-01T10:51:29.105Z"}]}},{"related-posts-by-zemanta":{"vulnerabilities":[{"id":93345,"title":"Related Posts by Zemanta 1.3.1 - Cross-Site Request Forgery Vulnerability","osvdb":"93364","cve":"2013-3477","secunia":"53321","created_at":"2014-08-01T10:51:29.168Z","updated_at":"2014-08-01T10:51:29.168Z","fixed_in":"1.3.2"}]}},{"wordpress-23-related-posts-plugin":{"vulnerabilities":[{"id":93346,"title":"WordPress Related Posts 2.6.1 - Cross-Site Request Forgery Vulnerability","osvdb":"93362","cve":"2013-3476","secunia":"53279","created_at":"2014-08-01T10:51:29.245Z","updated_at":"2014-08-01T10:51:29.245Z","fixed_in":"2.7.2"}]}},{"related-posts":{"vulnerabilities":[{"id":93347,"title":"Related Posts 2.7.1 - Cross-Site Request Forgery Vulnerability","url":"http://www.securityfocus.com/bid/59836","osvdb":"93363","cve":"2013-3257","secunia":"53122","created_at":"2014-08-01T10:51:29.335Z","updated_at":"2014-08-01T10:51:29.335Z","fixed_in":"2.7.2"}]}},{"wp-print-friendly":{"vulnerabilities":[{"id":93348,"title":"WP Print Friendly 3.3.7 - wp-admin/options.php printfriendly_option custom_image Parameter XSS","url":"http://packetstormsecurity.com/files/125420/","osvdb":"103874","created_at":"2014-08-01T10:51:29.401Z","updated_at":"2014-08-01T10:51:29.401Z","fixed_in":"0.5.3"},{"id":93349,"title":"WP Print Friendly \u003c= 0.5.2 - Security Bypass Vulnerability","osvdb":"93243","secunia":"53371","created_at":"2014-08-01T10:51:29.472Z","updated_at":"2014-08-01T10:51:29.472Z","fixed_in":"0.5.3"}]}},{"contextual-related-posts":{"vulnerabilities":[{"id":93350,"title":"Contextual Related Posts 1.8.10.1 - contextual-related-posts.php Multiple Parameter SQL Injection","url":"http://www.securityfocus.com/bid/67853","osvdb":"104655","cve":"2014-3937","created_at":"2014-08-01T10:51:29.544Z","updated_at":"2014-08-01T10:51:29.544Z","fixed_in":"1.8.10.2"},{"id":93351,"title":"Contextual Related Posts 1.8.6 - Cross-Site Request Forgery Vulnerability","osvdb":"93088","cve":"2013-2710","secunia":"52960","created_at":"2014-08-01T10:51:29.610Z","updated_at":"2014-08-01T10:51:29.610Z","fixed_in":"1.8.7"}]}},{"calendar":{"vulnerabilities":[{"id":93352,"title":"Calendar 1.3.2 - Entry Addition CSRF","osvdb":"93025","cve":"2013-2698","secunia":"52841","created_at":"2014-08-01T10:51:29.672Z","updated_at":"2014-08-01T10:51:29.672Z","fixed_in":"1.3.3"}]}},{"feedweb":{"vulnerabilities":[{"id":93353,"title":"Feedweb 2.4 - feedweb_settings.php _wp_http_referer Parameter DOM-based XSS","url":"http://www.securityfocus.com/bid/65800","osvdb":"103788","secunia":"57108","created_at":"2014-08-01T10:51:29.736Z","updated_at":"2014-08-01T10:51:29.736Z"},{"id":93354,"title":"Feedweb 1.8.8 - widget_remove.php wp_post_id Parameter XSS","url":"http://www.securityfocus.com/bid/58771","osvdb":"91951","cve":"2013-3720","secunia":"52855","created_at":"2014-08-01T10:51:29.801Z","updated_at":"2014-08-01T10:51:29.801Z","fixed_in":"1.9"}]}},{"wp-print":{"vulnerabilities":[{"id":93355,"title":"WP-Print 2.51 - Setting Manipulation CSRF","url":"http://www.securityfocus.com/bid/58900","osvdb":"92053","cve":"2013-2693","secunia":"52878","created_at":"2014-08-01T10:51:29.873Z","updated_at":"2014-08-01T10:51:29.873Z","fixed_in":"2.52"}]}},{"trafficanalyzer":{"vulnerabilities":[{"id":93356,"title":"Traffic Analyzer 3.3.2 - js/ta_loaded.js.php aoid Parameter XSS","url":"http://packetstormsecurity.com/files/121167/","osvdb":"92197","cve":"2013-3526","secunia":"52929","created_at":"2014-08-01T10:51:29.939Z","updated_at":"2014-08-01T10:51:29.939Z"}]}},{"wp-download-manager":{"vulnerabilities":[{"id":93357,"title":"WP-DownloadManager 1.60 - Script Insertion CSRF","url":"http://www.securityfocus.com/bid/58937","osvdb":"92119","cve":"2013-2697","secunia":"52863","created_at":"2014-08-01T10:51:29.993Z","updated_at":"2014-08-01T10:51:29.993Z","fixed_in":"1.61"}]}},{"digg-digg":{"vulnerabilities":[{"id":93358,"title":"Digg Digg 5.3.4 - Setting Manipulation CSRF","url":"http://www.securityfocus.com/bid/60046,http://xforce.iss.net/xforce/xfdb/84418","osvdb":"93544","cve":"2013-3258","secunia":"53120","created_at":"2014-08-01T10:51:30.065Z","updated_at":"2014-08-01T10:51:30.065Z","fixed_in":"5.3.5"}]}},{"ssquiz":{"vulnerabilities":[{"id":93359,"title":"SS Quiz - Multiple Unspecified Vulnerabilities","url":"http://wordpress.org/plugins/ssquiz/changelog/","osvdb":"93531","secunia":"53378","created_at":"2014-08-01T10:51:30.150Z","updated_at":"2014-08-01T10:51:30.150Z","fixed_in":"2.0"}]}},{"funcaptcha":{"vulnerabilities":[{"id":93360,"title":"FunCaptcha 0.3.2- Setting Manipulation CSRF","url":"http://wordpress.org/extend/plugins/funcaptcha/changelog/","osvdb":"92272","secunia":"53021","created_at":"2014-08-01T10:51:30.228Z","updated_at":"2014-08-01T10:51:30.228Z","fixed_in":"0.3.3"},{"id":93361,"title":"FunCaptcha 0.4.3 - wp_funcaptcha_admin_activate.php URI XSS","osvdb":"100392","secunia":"55863","created_at":"2014-08-01T10:51:30.303Z","updated_at":"2014-08-01T10:51:30.303Z","fixed_in":"0.4.4"}]}},{"xili-language":{"vulnerabilities":[{"id":93362,"title":"xili-language - index.php lang Parameter XSS","osvdb":"93233","secunia":"53364","created_at":"2014-08-01T10:51:30.376Z","updated_at":"2014-08-01T10:51:30.376Z","fixed_in":"2.8.6"}]}},{"wordpress-seo":{"vulnerabilities":[{"id":93363,"title":"WordPress SEO - Security issue which allowed any user to reset settings","url":"http://wordpress.org/plugins/wordpress-seo/changelog/","created_at":"2014-08-01T10:51:30.438Z","updated_at":"2014-08-01T10:51:30.438Z","fixed_in":"1.4.5"},{"id":93364,"title":"WordPress SEO 1.14.15 - index.php s Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/123028/","osvdb":"97885","created_at":"2014-08-01T10:51:30.501Z","updated_at":"2014-08-01T10:51:30.501Z"},{"id":93365,"title":"WordPress SEO 1.4.6 - Reset Settings Feature Access Restriction Bypass","osvdb":"92147","secunia":"52949","created_at":"2014-08-01T10:51:30.558Z","updated_at":"2014-08-01T10:51:30.558Z"}]}},{"underconstruction":{"vulnerabilities":[{"id":93366,"title":"Under Construction 1.09 - Authenticated Single Page Viewing Unspecified Issue","osvdb":"102507","created_at":"2014-08-01T10:51:30.614Z","updated_at":"2014-08-01T10:51:30.614Z","fixed_in":"1.10"},{"id":93367,"title":"Under Construction 1.08 - Setting Manipulation CSRF","url":"http://wordpress.org/plugins/underconstruction/changelog/","osvdb":"93857","cve":"2013-2699","secunia":"52881","created_at":"2014-08-01T10:51:30.676Z","updated_at":"2014-08-01T10:51:30.676Z","fixed_in":"1.09"}]}},{"adif-log-search-widget":{"vulnerabilities":[{"id":93368,"title":"ADIF Log Search Widget - XSS Arbitrary Vulnerability","url":"http://packetstormsecurity.com/files/121777/","osvdb":"93721","secunia":"53599","created_at":"2014-08-01T10:51:30.746Z","updated_at":"2014-08-01T10:51:30.746Z"}]}},{"exploit-scanner":{"vulnerabilities":[{"id":93369,"title":"Exploit Scanner - FPD and Security bypass vulnerabilities","url":"http://seclists.org/fulldisclosure/2013/May/216","osvdb":"93799","created_at":"2014-08-01T10:51:30.798Z","updated_at":"2014-08-01T10:51:30.798Z"}]}},{"ga-universal":{"vulnerabilities":[{"id":93370,"title":"GA Universal 1.0 - Setting Manipulation CSRF","url":"http://wordpress.org/plugins/ga-universal/changelog/","osvdb":"92237","secunia":"52976","created_at":"2014-08-01T10:51:30.850Z","updated_at":"2014-08-01T10:51:30.850Z","fixed_in":"1.0.1"}]}},{"export-to-text":{"vulnerabilities":[{"id":93371,"title":"Export to text - Remote File Inclusion Vulnerability","osvdb":"93715","secunia":"51348","created_at":"2014-08-01T10:51:30.915Z","updated_at":"2014-08-01T10:51:30.915Z","fixed_in":"2.3"}]}},{"qtranslate":{"vulnerabilities":[{"id":93372,"title":"qTranslate 2.5.34 - Setting Manipulation CSRF","osvdb":"93873","cve":"2013-3251","secunia":"53126","created_at":"2014-08-01T10:51:30.981Z","updated_at":"2014-08-01T10:51:30.981Z"}]}},{"image-slider-with-description":{"vulnerabilities":[{"id":93373,"title":"Image slider with description - Unspecified Vulnerability","osvdb":"93691","secunia":"53588","created_at":"2014-08-01T10:51:31.034Z","updated_at":"2014-08-01T10:51:31.034Z","fixed_in":"7.0"}]}},{"user-role-editor":{"vulnerabilities":[{"id":93374,"title":"User Role Editor - Cross-Site Request Forgery Vulnerability","osvdb":"93699","secunia":"53593","exploitdb":"25721","created_at":"2014-08-01T10:51:31.099Z","updated_at":"2014-08-01T10:51:31.099Z","fixed_in":"3.14"}]}},{"eelv-newsletter":{"vulnerabilities":[{"id":93375,"title":"EELV Newsletter 3.4.3 - lettreinfo.php Unspecified XSS","osvdb":"104875","created_at":"2014-08-01T10:51:31.164Z","updated_at":"2014-08-01T10:51:31.164Z","fixed_in":"3.5.0"},{"id":93376,"title":"EELV Newsletter - Cross-Site Scripting Vulnerability","osvdb":"93685","secunia":"53546","created_at":"2014-08-01T10:51:31.229Z","updated_at":"2014-08-01T10:51:31.229Z","fixed_in":"3.3.1"}]}},{"frontier-post":{"vulnerabilities":[{"id":93377,"title":"Frontier Post - Publishing Posts Security Bypass","osvdb":"93639","secunia":"53474","created_at":"2014-08-01T10:51:31.306Z","updated_at":"2014-08-01T10:51:31.306Z"}]}},{"spider-catalog":{"vulnerabilities":[{"id":93378,"title":"Spider Catalog - Cross-Site Scripting and SQL Injection Vulnerabilities","osvdb":"93591,93593,93594,93595,93596,93597,93598","secunia":"53491","created_at":"2014-08-01T10:51:31.364Z","updated_at":"2014-08-01T10:51:31.364Z"}]}},{"spider-event-calendar":{"vulnerabilities":[{"id":93379,"title":"Spider Event Calendar - Security Bypass, Cross-Site Scripting and SQLi Vulnerabilities","osvdb":"93582,93583,93584,93585,93586,93587,93588","secunia":"53481","created_at":"2014-08-01T10:51:31.418Z","updated_at":"2014-08-01T10:51:31.418Z"}]}},{"antivirus":{"vulnerabilities":[{"id":93380,"title":"AntiVirus 1.0 - PHP Backdoor Detection Bypass","url":"http://packetstormsecurity.com/files/121833/,http://seclists.org/fulldisclosure/2013/Jun/0","osvdb":"95134","created_at":"2014-08-01T10:51:31.470Z","updated_at":"2014-08-01T10:51:31.470Z"},{"id":93381,"title":"AntiVirus 1.0 - uninstall.php Direct Request Path Disclosure","url":"http://packetstormsecurity.com/files/121833/,http://seclists.org/fulldisclosure/2013/Jun/0","osvdb":"95135","created_at":"2014-08-01T10:51:31.534Z","updated_at":"2014-08-01T10:51:31.534Z","fixed_in":"1.1"}]}},{"wp-maintenance-mode":{"vulnerabilities":[{"id":93382,"title":"WP Maintenance Mode 1.8.7 - Setting Manipulation CSRF","osvdb":"94450","cve":"2013-3250","secunia":"53125","created_at":"2014-08-01T10:51:31.598Z","updated_at":"2014-08-01T10:51:31.598Z","fixed_in":"1.8.8"}]}},{"ultimate-auction":{"vulnerabilities":[{"id":93383,"title":"Ultimate Auction 1.0 - CSRF Vulnerability","osvdb":"94407","exploitdb":"26240","created_at":"2014-08-01T10:51:31.670Z","updated_at":"2014-08-01T10:51:31.670Z"}]}},{"mapsmarker":{"vulnerabilities":[{"id":93384,"title":"Leaflet Maps Marker - Multiple security issues","url":"http://www.mapsmarker.com/2012/06/06/leaflet-maps-marker-v2-4-is-available/","secunia":"49845","created_at":"2014-08-01T10:51:31.724Z","updated_at":"2014-08-01T10:51:31.724Z","fixed_in":"2.4"},{"id":93385,"title":"Leaflet Maps Marker - Tag Multiple Parameter SQL Injection","url":"http://www.mapsmarker.com/2013/05/24/v3-5-4-with-lots-of-translation-updates-bugfixes-is-available/","osvdb":"94388","secunia":"53855","created_at":"2014-08-01T10:51:31.790Z","updated_at":"2014-08-01T10:51:31.790Z","fixed_in":"3.5.4"}]}},{"leaflet-maps-marker-pro":{"vulnerabilities":[{"id":93386,"title":"Leaflet Maps Marker Pro - SQLI, XSS, Shell Upload, file delete","url":"http://www.mapsmarker.com/2014/03/26/pro-v1-5-8-with-wordpress-3-9-compatibility-improvements-based-on-a-security-audit-by-the-city-of-vienna-is-available/","created_at":"2014-08-01T10:51:31.877Z","updated_at":"2014-08-01T10:51:31.877Z","fixed_in":"1.5.8"}]}},{"xorbin-analog-flash-clock":{"vulnerabilities":[{"id":93387,"title":"Xorbin Analog Flash Clock 1.0 - Flash-based XSS","url":"http://packetstormsecurity.com/files/122222/","cve":"2013-4692","created_at":"2014-08-01T10:51:31.943Z","updated_at":"2014-08-01T10:51:31.943Z"}]}},{"xorbin-digital-flash-clock":{"vulnerabilities":[{"id":93388,"title":"Xorbin Digital Flash Clock 1.0 - Flash-based XSS","url":"http://packetstormsecurity.com/files/122223/","cve":"2013-4693","created_at":"2014-08-01T10:51:31.999Z","updated_at":"2014-08-01T10:51:31.999Z"}]}},{"dropdown-menu-widget":{"vulnerabilities":[{"id":93389,"title":"Dropdown Menu Widget 1.9.1 - Script Insertion CSRF","osvdb":"94771","cve":"2013-2704","secunia":"52958","created_at":"2014-08-01T10:51:32.059Z","updated_at":"2014-08-01T10:51:32.059Z"}]}},{"buddypress-extended-friendship-request":{"vulnerabilities":[{"id":93390,"title":"BuddyPress Extended Friendship Request - wp-admin/admin-ajax.php friendship_request_message Parameter XSS","osvdb":"94807","cve":"2013-4944","secunia":"54048","created_at":"2014-08-01T10:51:32.112Z","updated_at":"2014-08-01T10:51:32.112Z","fixed_in":"1.0.2"}]}},{"wp-private-messages":{"vulnerabilities":[{"id":93391,"title":"wp-private-messages - /wp-admin/profile.php msgid Parameter SQL Injection","osvdb":"94702","created_at":"2014-08-01T10:51:32.180Z","updated_at":"2014-08-01T10:51:32.180Z"}]}},{"stream-video-player":{"vulnerabilities":[{"id":93392,"title":"Stream Video Player \u003c= 1.4.0 - Setting Manipulation CSRF","osvdb":"94466","cve":"2013-2706","secunia":"52954","created_at":"2014-08-01T10:51:32.237Z","updated_at":"2014-08-01T10:51:32.237Z"}]}},{"duplicator":{"vulnerabilities":[{"id":93393,"title":"Duplicator - installer.cleanup.php package Parameter XSS","url":"http://packetstormsecurity.com/files/122535/","osvdb":"95627","cve":"2013-4625","created_at":"2014-08-01T10:51:32.302Z","updated_at":"2014-08-01T10:51:32.302Z","fixed_in":"0.4.5"}]}},{"citizen-space":{"vulnerabilities":[{"id":93394,"title":"Citizen Space 1.0 - Script Insertion CSRF","osvdb":"95570","secunia":"54256","created_at":"2014-08-01T10:51:32.366Z","updated_at":"2014-08-01T10:51:32.366Z","fixed_in":"1.1"}]}},{"spicy-blogroll":{"vulnerabilities":[{"id":93395,"title":"Spicy Blogroll - spicy-blogroll-ajax.php Multiple Parameter Remote File Inclusion","url":"http://packetstormsecurity.com/files/122396/","osvdb":"95557","exploitdb":"26804","created_at":"2014-08-01T10:51:32.433Z","updated_at":"2014-08-01T10:51:32.433Z"}]}},{"pie-register":{"vulnerabilities":[{"id":93396,"title":"Pie Register - wp-login.php Multiple Parameter XSS","url":"http://www.securityfocus.com/bid/61140,http://xforce.iss.net/xforce/xfdb/85604","osvdb":"95160","cve":"2013-4954","secunia":"54123","created_at":"2014-08-01T10:51:32.486Z","updated_at":"2014-08-01T10:51:32.486Z","fixed_in":"1.31"}]}},{"xhanch-my-twitter":{"vulnerabilities":[{"id":93397,"title":"Xhanch my Twitter - CSRF in admin/setting.php","osvdb":"96027","cve":"2013-3253","secunia":"53133","created_at":"2014-08-01T10:51:32.553Z","updated_at":"2014-08-01T10:51:32.553Z","fixed_in":"2.7.7"}]}},{"sexybookmarks":{"vulnerabilities":[{"id":93398,"title":"SexyBookmarks - Setting Manipulation CSRF","osvdb":"95908","cve":"2013-3256","secunia":"53138","created_at":"2014-08-01T10:51:32.618Z","updated_at":"2014-08-01T10:51:32.618Z","fixed_in":"6.1.5.0"}]}},{"hms-testimonials":{"vulnerabilities":[{"id":93399,"title":"HMS Testimonials 2.0.10 - CSRF","url":"http://wordpress.org/plugins/hms-testimonials/changelog/,http://packetstormsecurity.com/files/122761/","osvdb":"96107,96108,96109,96110,96111","cve":"2013-4240","secunia":"54402","exploitdb":"27531","created_at":"2014-08-01T10:51:32.681Z","updated_at":"2014-08-01T10:51:32.681Z","fixed_in":"2.0.11"},{"id":93400,"title":"HMS Testimonials 2.0.10 - XSS","url":"http://wordpress.org/plugins/hms-testimonials/changelog/,http://packetstormsecurity.com/files/122761/","osvdb":"96107,96108,96109,96110,96111","cve":"2013-4241","secunia":"54402","exploitdb":"27531","created_at":"2014-08-01T10:51:32.746Z","updated_at":"2014-08-01T10:51:32.746Z","fixed_in":"2.0.11"}]}},{"indianic-testimonial":{"vulnerabilities":[{"id":93401,"title":"IndiaNIC Testimonial 2.2 - Setting Manipulation CSRF","url":"http://packetstormsecurity.com/files/123036/,http://seclists.org/fulldisclosure/2013/Sep/5","osvdb":"96792","cve":"2013-5672","exploitdb":"28054","created_at":"2014-08-01T10:51:32.807Z","updated_at":"2014-08-01T10:51:32.807Z"},{"id":93402,"title":"IndiaNIC Testimonial 2.2 - testimonial.php custom_query Parameter SQL Injection","url":"http://packetstormsecurity.com/files/123036/,http://seclists.org/fulldisclosure/2013/Sep/5","osvdb":"96793","cve":"2013-5673","exploitdb":"28054","created_at":"2014-08-01T10:51:32.859Z","updated_at":"2014-08-01T10:51:32.859Z"},{"id":93403,"title":"IndiaNIC Testimonial 2.2 - iNIC_testimonial_save Action Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/123036/,http://seclists.org/fulldisclosure/2013/Sep/5","osvdb":"96795","exploitdb":"28054","created_at":"2014-08-01T10:51:32.912Z","updated_at":"2014-08-01T10:51:32.912Z"}]}},{"usernoise":{"vulnerabilities":[{"id":93404,"title":"Usernoise 3.7.8 - Feedback Submission summary Field XSS","url":"http://packetstormsecurity.com/files/122701/","osvdb":"96000","exploitdb":"27403","created_at":"2014-08-01T10:51:32.966Z","updated_at":"2014-08-01T10:51:32.966Z","fixed_in":"3.7.9"}]}},{"platinum-seo-pack":{"vulnerabilities":[{"id":93405,"title":"platinum_seo_pack.php - s Parameter Reflected XSS","osvdb":"97263","cve":"2013-5918","created_at":"2014-08-01T10:51:33.030Z","updated_at":"2014-08-01T10:51:33.030Z","fixed_in":"1.3.8"}]}},{"design-approval-system":{"vulnerabilities":[{"id":93406,"title":"Design Approval System 3.6 - XSS Vulnerability","url":"http://seclists.org/bugtraq/2013/Sep/54,http://packetstormsecurity.com/files/123227/","osvdb":"97192,97279","cve":"2013-5711","secunia":"54704","created_at":"2014-08-01T10:51:33.097Z","updated_at":"2014-08-01T10:51:33.097Z","fixed_in":"3.7"}]}},{"event-easy-calendar":{"vulnerabilities":[{"id":93407,"title":"Event Easy Calendar 1.0.0 - Multiple Administrator Action CSRF","url":"http://packetstormsecurity.com/files/123132/","osvdb":"97042","created_at":"2014-08-01T10:51:33.158Z","updated_at":"2014-08-01T10:51:33.158Z"},{"id":93408,"title":"Event Easy Calendar 1.0.0 - Multiple Unspecified XSS","url":"http://packetstormsecurity.com/files/123132/","osvdb":"97041","created_at":"2014-08-01T10:51:33.214Z","updated_at":"2014-08-01T10:51:33.214Z"}]}},{"bradesco-gateway":{"vulnerabilities":[{"id":93409,"title":"Bradesco - falha.php URI Reflected XSS","url":"http://packetstormsecurity.com/files/123356/","osvdb":"97624","cve":"2013-5916","created_at":"2014-08-01T10:51:33.264Z","updated_at":"2014-08-01T10:51:33.264Z"}]}},{"social-hashtags":{"vulnerabilities":[{"id":93410,"title":"Social Hashtags 2.0.0 - New Post Title Field Stored XSS","url":"http://packetstormsecurity.com/files/123485/","osvdb":"98027","created_at":"2014-08-01T10:51:33.346Z","updated_at":"2014-08-01T10:51:33.346Z"}]}},{"simple-flickr-display":{"vulnerabilities":[{"id":93411,"title":"Simple Flickr Display - Username Field Stored XSS","osvdb":"97991","created_at":"2014-08-01T10:51:33.398Z","updated_at":"2014-08-01T10:51:33.398Z"}]}},{"lazy-seo":{"vulnerabilities":[{"id":93412,"title":"Lazy SEO 1.1.9 - lazyseo.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/123349/,http://xforce.iss.net/xforce/xfdb/87384","osvdb":"97662","cve":"2013-5961","exploitdb":"28452","created_at":"2014-08-01T10:51:33.448Z","updated_at":"2014-08-01T10:51:33.448Z"}]}},{"seo-watcher":{"vulnerabilities":[{"id":93413,"title":"SEO Watcher - Open Flash Chart Arbitrary File Creation Vulnerability","url":"http://packetstormsecurity.com/files/123493/","secunia":"55162","created_at":"2014-08-01T10:51:33.501Z","updated_at":"2014-08-01T10:51:33.501Z"}]}},{"all-in-one-seo-pack":{"vulnerabilities":[{"id":93414,"title":"All in One SEO Pack \u003c= 2.1.5 - aioseop_functions.php new_meta Parameter XSS","url":"http://blog.sucuri.net/2014/05/vulnerability-found-in-the-all-in-one-seo-pack-wordpress-plugin.html","osvdb":"107640","created_at":"2014-08-01T10:51:33.551Z","updated_at":"2014-08-01T10:51:33.551Z","fixed_in":"2.1.6"},{"id":93415,"title":"All in One SEO Pack \u003c= 2.1.5 - Unspecified Privilege Escalation","url":"http://blog.sucuri.net/2014/05/vulnerability-found-in-the-all-in-one-seo-pack-wordpress-plugin.html","osvdb":"107641","created_at":"2014-08-01T10:51:33.612Z","updated_at":"2014-08-01T10:51:33.612Z","fixed_in":"2.1.6"},{"id":93416,"title":"All in One SEO Pack \u003c= 2.0.3 - XSS Vulnerability","url":"http://archives.neohapsis.com/archives/bugtraq/2013-10/0006.html,http://packetstormsecurity.com/files/123490/,http://www.securityfocus.com/bid/62784,http://seclists.org/bugtraq/2013/Oct/8","osvdb":"98023","cve":"2013-5988","secunia":"55133","created_at":"2014-08-01T10:51:33.676Z","updated_at":"2014-08-01T10:51:33.676Z","fixed_in":"2.0.3.1"}]}},{"simple-dropbox-upload-form":{"vulnerabilities":[{"id":93417,"title":"Simple Dropbox Upload - Arbitrary File Upload Vulnerability","url":"http://packetstormsecurity.com/files/123235/,http://xforce.iss.net/xforce/xfdb/87166","osvdb":"97457","cve":"2013-5963","secunia":"54856","created_at":"2014-08-01T10:51:33.741Z","updated_at":"2014-08-01T10:51:33.741Z","fixed_in":"1.8.8.1"}]}},{"wp-ultimate-email-marketer":{"vulnerabilities":[{"id":93418,"title":"WP Ultimate Email Marketer - Multiple Vulnerabilities","url":"http://www.securityfocus.com/bid/62621","osvdb":"97648,97649,97650,97651,97652,97653,97654,97655,97656","cve":"2013-3263,2013-3264","secunia":"53170","created_at":"2014-08-01T10:51:33.806Z","updated_at":"2014-08-01T10:51:33.806Z"}]}},{"wp-miniaudioplayer":{"vulnerabilities":[{"id":93419,"title":"mb.miniAudioPlayer 1.4.2 - TinyMCE Popup Unspecified Issue","osvdb":"101718","created_at":"2014-08-01T10:51:33.860Z","updated_at":"2014-08-01T10:51:33.860Z","fixed_in":"1.4.3"},{"id":93420,"title":"miniAudioPlayer 1.3.8 - maplayertinymce.php Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/123372/,http://www.securityfocus.com/bid/62629","osvdb":"97768","secunia":"54979","created_at":"2014-08-01T10:51:33.923Z","updated_at":"2014-08-01T10:51:33.923Z"}]}},{"simple-custom-website-data":{"vulnerabilities":[{"id":93421,"title":"Custom Website Data 1.2 - Record Deletion CSRF","osvdb":"101642","secunia":"54823","created_at":"2014-08-01T10:51:33.987Z","updated_at":"2014-08-01T10:51:33.987Z","fixed_in":"1.3"},{"id":93422,"title":"Custom Website Data 1.0 - wp-admin/admin.php ref Parameter XSS","url":"http://www.securityfocus.com/bid/62624","osvdb":"97668","secunia":"54865","created_at":"2014-08-01T10:51:34.048Z","updated_at":"2014-08-01T10:51:34.048Z","fixed_in":"1.1"}]}},{"complete-gallery-manager":{"vulnerabilities":[{"id":93423,"title":"Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability","url":"http://packetstormsecurity.com/files/123303/,http://xforce.iss.net/xforce/xfdb/87172","osvdb":"97481","cve":"2013-5962","secunia":"54894","exploitdb":"28377","created_at":"2014-08-01T10:51:34.113Z","updated_at":"2014-08-01T10:51:34.113Z","fixed_in":"3.3.4"}]}},{"lbg_zoominoutslider":{"vulnerabilities":[{"id":93424,"title":"LBG Zoominoutslider - add_banner.php name Parameter Stored XSS","url":"http://packetstormsecurity.com/files/123367/","osvdb":"97887","secunia":"54983","created_at":"2014-08-01T10:51:34.177Z","updated_at":"2014-08-01T10:51:34.177Z"},{"id":93425,"title":"LBG Zoominoutslider - settings_form.php Multiple Parameter Stored XSS","url":"http://packetstormsecurity.com/files/123914/,http://seclists.org/fulldisclosure/2013/Nov/30","osvdb":"99339","created_at":"2014-08-01T10:51:34.234Z","updated_at":"2014-08-01T10:51:34.234Z"},{"id":93426,"title":"LBG Zoominoutslider - add_playlist_record.php Multiple Parameter Stored XSS","url":"http://packetstormsecurity.com/files/123914/,http://seclists.org/fulldisclosure/2013/Nov/30","osvdb":"99340","created_at":"2014-08-01T10:51:34.291Z","updated_at":"2014-08-01T10:51:34.291Z"},{"id":93427,"title":"LBG Zoominoutslider - add_banner.php Unspecified XSS","url":"http://packetstormsecurity.com/files/123367/","osvdb":"99320","created_at":"2014-08-01T10:51:34.355Z","updated_at":"2014-08-01T10:51:34.355Z"},{"id":93428,"title":"LBG Zoominoutslider - Multiple Script Direct Request Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Nov/30","osvdb":"99341","created_at":"2014-08-01T10:51:34.406Z","updated_at":"2014-08-01T10:51:34.406Z"}]}},{"woopra":{"vulnerabilities":[{"id":93429,"title":"Woopra - Remote Code Execution","url":"http://packetstormsecurity.com/files/123525/","created_at":"2014-08-01T10:51:34.461Z","updated_at":"2014-08-01T10:51:34.461Z"}]}},{"fgallery_plus":{"vulnerabilities":[{"id":93430,"title":"fGallery_Plus - fim_rss.php album Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/123347/,http://seclists.org/bugtraq/2013/Sep/105,http://seclists.org/bugtraq/2013/Sep/107,http://seclists.org/bugtraq/2013/Sep/108","osvdb":"97625","created_at":"2014-08-01T10:51:34.514Z","updated_at":"2014-08-01T10:51:34.514Z"}]}},{"nospampti":{"vulnerabilities":[{"id":93431,"title":"NOSpamPTI 2.1 - wp-comments-post.php comment_post_ID Parameter SQL Injection","url":"http://packetstormsecurity.com/files/123331/","osvdb":"97528","cve":"2013-5917","exploitdb":"28485","created_at":"2014-08-01T10:51:34.569Z","updated_at":"2014-08-01T10:51:34.569Z"}]}},{"comment-attachment":{"vulnerabilities":[{"id":93432,"title":"Comment Attachment 1.0 - XSS Vulnerability","url":"http://packetstormsecurity.com/files/123327/,http://www.securityfocus.com/bid/62438","osvdb":"97600","cve":"2013-6010","created_at":"2014-08-01T10:51:34.621Z","updated_at":"2014-08-01T10:51:34.621Z"}]}},{"mukioplayer-for-wordpress":{"vulnerabilities":[{"id":93433,"title":"Mukioplayer 1.6 - SQL Injection","url":"http://packetstormsecurity.com/files/123231/","osvdb":"97609","created_at":"2014-08-01T10:51:34.677Z","updated_at":"2014-08-01T10:51:34.677Z"}]}},{"encrypted-blog":{"vulnerabilities":[{"id":93434,"title":"Encrypted Blog 0.0.6.2 - encrypt_blog_form.php redirect_to Parameter Arbitrary Site Redirect","url":"http://packetstormsecurity.com/files/122992/","osvdb":"97881","created_at":"2014-08-01T10:51:34.729Z","updated_at":"2014-08-01T10:51:34.729Z"},{"id":93435,"title":"Encrypted Blog 0.0.6.2 - encrypt_blog_form.php redirect_to Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/122992/","osvdb":"97882","created_at":"2014-08-01T10:51:34.783Z","updated_at":"2014-08-01T10:51:34.783Z"}]}},{"wp-simple-login-registration-plugin":{"vulnerabilities":[{"id":93436,"title":"Simple Login Registration 1.0.1 - XSS","url":"http://packetstormsecurity.com/files/122963/","osvdb":"96660","secunia":"54583","created_at":"2014-08-01T10:51:34.836Z","updated_at":"2014-08-01T10:51:34.836Z"}]}},{"post-gallery":{"vulnerabilities":[{"id":93437,"title":"Post Gallery - XSS","url":"http://packetstormsecurity.com/files/122957/","created_at":"2014-08-01T10:51:34.888Z","updated_at":"2014-08-01T10:51:34.888Z"}]}},{"proplayer":{"vulnerabilities":[{"id":93438,"title":"ProPlayer 4.7.9.1 - SQL Injection","osvdb":"93564","exploitdb":"25605","created_at":"2014-08-01T10:51:34.944Z","updated_at":"2014-08-01T10:51:34.944Z"}]}},{"booking":{"vulnerabilities":[{"id":93439,"title":"Booking Calendar 4.1.4 - CSRF Vulnerability","url":"http://packetstormsecurity.com/files/122691/,http://wpbookingcalendar.com/","osvdb":"96088","secunia":"54461","exploitdb":"27399","created_at":"2014-08-01T10:51:35.001Z","updated_at":"2014-08-01T10:51:35.001Z","fixed_in":"4.1.6"}]}},{"thinkit-wp-contact-form":{"vulnerabilities":[{"id":93440,"title":"ThinkIT \u003c= 0.3 - wp-admin/admin.php Contact Form Deletion CSRF","url":"http://packetstormsecurity.com/files/122898/","osvdb":"96514","secunia":"54592","exploitdb":"27751","created_at":"2014-08-01T10:51:35.068Z","updated_at":"2014-08-01T10:51:35.068Z"},{"id":93441,"title":"ThinkIT \u003c= 0.2 - wp-admin/admin.php toitcf_current_id Parameter XSS","url":"http://packetstormsecurity.com/files/122898/","osvdb":"96515","secunia":"54592","exploitdb":"27751","created_at":"2014-08-01T10:51:35.123Z","updated_at":"2014-08-01T10:51:35.123Z","fixed_in":"0.3"}]}},{"quick-contact-form":{"vulnerabilities":[{"id":93442,"title":"Quick Contact Form 6.2 - Unspecified XSS","osvdb":"101782","created_at":"2014-08-01T10:51:35.186Z","updated_at":"2014-08-01T10:51:35.186Z","fixed_in":"6.3"},{"id":93443,"title":"Quick Contact Form 6.0 - Persistent XSS","url":"http://packetstormsecurity.com/files/123549/,http://quick-plugins.com/quick-contact-form/","osvdb":"98279","secunia":"55172","exploitdb":"28808","created_at":"2014-08-01T10:51:35.249Z","updated_at":"2014-08-01T10:51:35.249Z","fixed_in":"6.1"}]}},{"quick-paypal-payments":{"vulnerabilities":[{"id":93444,"title":"Quick Paypal Payments 3.0 - Payment Sending Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/123662/","osvdb":"98715","secunia":"55292","created_at":"2014-08-01T10:51:35.325Z","updated_at":"2014-08-01T10:51:35.325Z"}]}},{"email-newsletter":{"vulnerabilities":[{"id":93445,"title":"Email Newsletter 8.0 - 'option' Parameter Information Disclosure Vulnerability","url":"http://www.securityfocus.com/bid/53850","osvdb":"83541","secunia":"49758","created_at":"2014-08-01T10:51:35.377Z","updated_at":"2014-08-01T10:51:35.377Z"},{"id":93446,"title":"Email Newsletter 8.0 - csv/export.php Direct Request Information Disclosure","url":"http://packetstormsecurity.org/files/113322/","osvdb":"82812","created_at":"2014-08-01T10:51:35.429Z","updated_at":"2014-08-01T10:51:35.429Z"}]}},{"faqs-manager":{"vulnerabilities":[{"id":93447,"title":"IndiaNIC FAQs Manager 1.0 - Blind SQL Injection","url":"http://packetstormsecurity.com/files/120911/","osvdb":"91623","exploitdb":"24868","created_at":"2014-08-01T10:51:35.484Z","updated_at":"2014-08-01T10:51:35.484Z"},{"id":93448,"title":"IndiaNIC FAQs Manager 1.0 - Ask Question Form question Parameter XSS","url":"http://packetstormsecurity.com/files/120910/","osvdb":"91624","secunia":"52780","exploitdb":"24867","created_at":"2014-08-01T10:51:35.534Z","updated_at":"2014-08-01T10:51:35.534Z"},{"id":93449,"title":"IndiaNIC FAQs Manager 1.0 - CAPTCHA Value Disclosure","url":"http://packetstormsecurity.com/files/120910/","osvdb":"91625","exploitdb":"24867","created_at":"2014-08-01T10:51:35.588Z","updated_at":"2014-08-01T10:51:35.588Z"},{"id":93450,"title":"IndiaNIC FAQs Manager 1.0 - FAQ Setting Manipulation CSRF","url":"http://packetstormsecurity.com/files/120910/","osvdb":"91626","secunia":"52780","exploitdb":"24867","created_at":"2014-08-01T10:51:35.639Z","updated_at":"2014-08-01T10:51:35.639Z"}]}},{"booking-system":{"vulnerabilities":[{"id":93451,"title":"Booking System - events_facualty_list.php eid Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/122289/","osvdb":"96740","created_at":"2014-08-01T10:51:35.690Z","updated_at":"2014-08-01T10:51:35.690Z"},{"id":93452,"title":"Booking System 1.2 - dopbs-backend-forms.php booking_form_id Parameter SQL injection","url":"http://www.securityfocus.com/archive/1/532168","osvdb":"107204","cve":"2014-3210","created_at":"2014-08-01T10:51:35.745Z","updated_at":"2014-08-01T10:51:35.745Z","fixed_in":"1.3"}]}},{"js-restaurant":{"vulnerabilities":[{"id":93453,"title":"JS Restaurant - popup.php restuarant_id Parameter SQL Injection","url":"http://packetstormsecurity.com/files/122316/","osvdb":"96743","created_at":"2014-08-01T10:51:35.807Z","updated_at":"2014-08-01T10:51:35.807Z"}]}},{"FlagEm":{"vulnerabilities":[{"id":93454,"title":"FlagEm - flagit.php cID Parameter XSS","url":"http://www.securityfocus.com/bid/61401,http://xforce.iss.net/xforce/xfdb/85925,http://packetstormsecurity.com/files/122505/","osvdb":"98226","created_at":"2014-08-01T10:51:35.861Z","updated_at":"2014-08-01T10:51:35.861Z"}]}},{"chat":{"vulnerabilities":[{"id":93455,"title":"Chat - message Parameter XSS","osvdb":"95984","secunia":"54403","created_at":"2014-08-01T10:51:35.918Z","updated_at":"2014-08-01T10:51:35.918Z"}]}},{"shareaholic":{"vulnerabilities":[{"id":93456,"title":"Shareaholic - Unspecified CSRF","osvdb":"96321","secunia":"54529","created_at":"2014-08-01T10:51:35.971Z","updated_at":"2014-08-01T10:51:35.971Z","fixed_in":"7.0.3.4"}]}},{"page-showcaser-boxes":{"vulnerabilities":[{"id":93457,"title":"Page Showcaser Boxes - Title Field Stored XSS","osvdb":"97579","created_at":"2014-08-01T10:51:36.032Z","updated_at":"2014-08-01T10:51:36.032Z"}]}},{"a-forms":{"vulnerabilities":[{"id":93458,"title":"A Forms 1.4.0 - a-forms.php a_form_tracking_page FunctionMultiple Parameters SQL Injection","osvdb":"96404","created_at":"2014-08-01T10:51:36.089Z","updated_at":"2014-08-01T10:51:36.089Z","fixed_in":"1.4.2"},{"id":93459,"title":"A Forms 1.4.0 - Form Submission CSRF","osvdb":"96381","secunia":"54489","created_at":"2014-08-01T10:51:36.154Z","updated_at":"2014-08-01T10:51:36.154Z","fixed_in":"1.4.1"},{"id":93460,"title":"A Forms 1.4.0 - a-forms.php a_form_shortcode Function Multiple Parameter XSS","osvdb":"96410","secunia":"54489","created_at":"2014-08-01T10:51:36.220Z","updated_at":"2014-08-01T10:51:36.220Z","fixed_in":"1.4.2"},{"id":93461,"title":"A Forms 1.4.0 - a-forms.php aform_css_file_selector() Function css_file_selection Parameter XSS","osvdb":"96809","secunia":"54489","created_at":"2014-08-01T10:51:36.280Z","updated_at":"2014-08-01T10:51:36.280Z","fixed_in":"1.4.2"},{"id":93462,"title":"A Forms 1.4.0 - a-forms.php add_field_to_section Function Multiple Parameter XSS","osvdb":"96810","secunia":"54489","created_at":"2014-08-01T10:51:36.363Z","updated_at":"2014-08-01T10:51:36.363Z","fixed_in":"1.4.2"},{"id":93463,"title":"A Forms 1.4.0 - a-forms.php a_form_initial_page Function Multiple Parameter XSS","osvdb":"96811","secunia":"54489","created_at":"2014-08-01T10:51:36.425Z","updated_at":"2014-08-01T10:51:36.425Z","fixed_in":"1.4.2"},{"id":93464,"title":"A Forms 1.4.0 - a-forms.php a_form_page Function Multiple Parameter XSS","osvdb":"96812","secunia":"54489","created_at":"2014-08-01T10:51:36.488Z","updated_at":"2014-08-01T10:51:36.488Z","fixed_in":"1.4.2"},{"id":93465,"title":"A Forms 1.4.0 -  a-forms.php a_form_section_page Function message Parameter XSS","osvdb":"96813","secunia":"54489","created_at":"2014-08-01T10:51:36.554Z","updated_at":"2014-08-01T10:51:36.554Z","fixed_in":"1.4.2"},{"id":93466,"title":"A Forms 1.4.0 - a-forms.php a_form_tracking_page Function Multiple Parameter XSS","osvdb":"96814","secunia":"54489","created_at":"2014-08-01T10:51:36.619Z","updated_at":"2014-08-01T10:51:36.619Z","fixed_in":"1.4.2"}]}},{"share-this":{"vulnerabilities":[{"id":93467,"title":"ShareThis 7.0.3 - Setting Manipulation CSRF","url":"http://www.securityfocus.com/bid/62154","osvdb":"96884","cve":"2013-3479","secunia":"53135","created_at":"2014-08-01T10:51:36.685Z","updated_at":"2014-08-01T10:51:36.685Z","fixed_in":"7.0.6"}]}},{"simple-flash-video":{"vulnerabilities":[{"id":93468,"title":"Simple Flash Video 1.7 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/123562/,http://www.securityfocus.com/bid/62950","osvdb":"98371","created_at":"2014-08-01T10:51:36.749Z","updated_at":"2014-08-01T10:51:36.749Z"}]}},{"landing-pages":{"vulnerabilities":[{"id":93469,"title":"Landing Pages 1.2.3 - Unspecified Issue","osvdb":"102442","created_at":"2014-08-01T10:51:36.803Z","updated_at":"2014-08-01T10:51:36.803Z","fixed_in":"1.3.1"},{"id":93470,"title":"Landing Pages 1.2.1 - module.utils.php post Parameter SQL Injection","url":"http://www.securityfocus.com/bid/62942,http://xforce.iss.net/xforce/xfdb/87803","osvdb":"98334","cve":"2013-6243","secunia":"55192","created_at":"2014-08-01T10:51:36.864Z","updated_at":"2014-08-01T10:51:36.864Z","fixed_in":"1.2.3"},{"id":93471,"title":"Landing Pages 1.2.1 - module.redirect-ab-testing.php permalink_name Parameter SQL Injection","osvdb":"102407","created_at":"2014-08-01T10:51:36.929Z","updated_at":"2014-08-01T10:51:36.929Z","fixed_in":"1.2.3"}]}},{"cart66-lite":{"vulnerabilities":[{"id":93472,"title":"Cart66 1.5.1.14 - admin.php cart66-products Page Product Manipulation CSRF","url":"http://packetstormsecurity.com/files/123587/","osvdb":"98352","cve":"2013-5977","secunia":"55265","exploitdb":"28959","created_at":"2014-08-01T10:51:36.991Z","updated_at":"2014-08-01T10:51:36.991Z","fixed_in":"1.5.1.15"},{"id":93473,"title":"Cart66 - admin.php cart66-products Page Multiple Field Stored XSS","url":"http://packetstormsecurity.com/files/123587/","osvdb":"98353","cve":"2013-5978","exploitdb":"28959","created_at":"2014-08-01T10:51:37.055Z","updated_at":"2014-08-01T10:51:37.055Z","fixed_in":"1.5.1.15"}]}},{"category-wise-search":{"vulnerabilities":[{"id":93474,"title":"Wise Search Widget 1.1 - s Parameter Reflected XSS","osvdb":"97989","created_at":"2014-08-01T10:51:37.119Z","updated_at":"2014-08-01T10:51:37.119Z"}]}},{"catholic-liturgical-calendar":{"vulnerabilities":[{"id":93475,"title":"Catholic Liturgical Calendar Widget 0.0.1 - Title Field Stored XSS","osvdb":"98026","created_at":"2014-08-01T10:51:37.175Z","updated_at":"2014-08-01T10:51:37.175Z","fixed_in":"0.0.2"}]}},{"zenphoto":{"vulnerabilities":[{"id":93476,"title":"Zenphoto 1.4.5.2 - wordpress_import.php wp_prefix Function SQL Injection","url":"http://packetstormsecurity.com/files/123501/,http://www.securityfocus.com/bid/62815,http://seclists.org/bugtraq/2013/Oct/20","osvdb":"98091","created_at":"2014-08-01T10:51:37.254Z","updated_at":"2014-08-01T10:51:37.254Z","fixed_in":"1.4.5.4"}]}},{"bp-group-documents":{"vulnerabilities":[{"id":93477,"title":"Group Documents 1.2.1 - Document Upload Multiple Field Stored XSS","url":"http://seclists.org/fulldisclosure/2014/Feb/170","osvdb":"103475","created_at":"2014-08-01T10:51:37.372Z","updated_at":"2014-08-01T10:51:37.372Z","fixed_in":"1.2.2"},{"id":93478,"title":"Group Documents 1.2.1 - bp-group-documents-settings.php file Parameter Remote Path Traversal File Location Manipulation","url":"http://seclists.org/fulldisclosure/2014/Feb/170","osvdb":"103476","created_at":"2014-08-01T10:51:37.454Z","updated_at":"2014-08-01T10:51:37.454Z","fixed_in":"1.2.2"},{"id":93479,"title":"Group Documents 1.2.1 - Document Property Manipulation CSRF","url":"http://seclists.org/fulldisclosure/2014/Feb/170","osvdb":"103477","created_at":"2014-08-01T10:51:37.525Z","updated_at":"2014-08-01T10:51:37.525Z","fixed_in":"1.2.2"},{"id":93480,"title":"Group Documents 1.2 - File Uploading Multiple Parameter Stored XSS","url":"http://www.securityfocus.com/bid/62886","osvdb":"98246","secunia":"55130","created_at":"2014-08-01T10:51:37.591Z","updated_at":"2014-08-01T10:51:37.591Z","fixed_in":"1.2.2"}]}},{"ab-categories-search-widget":{"vulnerabilities":[{"id":93481,"title":"AB Categories Search Widget 0.1 - s Parameter Reflected XSS","osvdb":"97987","created_at":"2014-08-01T10:51:37.662Z","updated_at":"2014-08-01T10:51:37.662Z"}]}},{"sl-user-create":{"vulnerabilities":[{"id":93482,"title":"SL User Create 0.2.4 - LSL script Secret String Weakness Information Disclosure","url":"http://www.securityfocus.com/bid/63009","osvdb":"98456","secunia":"55262","created_at":"2014-08-01T10:51:37.724Z","updated_at":"2014-08-01T10:51:37.724Z","fixed_in":"0.2.5"}]}},{"player":{"vulnerabilities":[{"id":93483,"title":"Spider Video Player 2.1 - settings.php theme Parameter SQL Injection","url":"http://packetstormsecurity.com/files/121250/,http://www.securityfocus.com/bid/59021,http://xforce.iss.net/xforce/xfdb/83374","osvdb":"92264","cve":"2013-3532","created_at":"2014-08-01T10:51:37.797Z","updated_at":"2014-08-01T10:51:37.797Z"},{"id":93484,"title":"Spider Video Player 2.1 - settings.php s_v_player_id Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124353/","osvdb":"100848","created_at":"2014-08-01T10:51:37.861Z","updated_at":"2014-08-01T10:51:37.861Z"}]}},{"finalist":{"vulnerabilities":[{"id":93485,"title":"Finalist - vote.php id Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/123597/","osvdb":"98665","created_at":"2014-08-01T10:51:37.917Z","updated_at":"2014-08-01T10:51:37.917Z"},{"id":93486,"title":"Finalist - vote.php id Parameter SQL Injection","url":"http://packetstormsecurity.com/files/120951/","osvdb":"98665","created_at":"2014-08-01T10:51:37.968Z","updated_at":"2014-08-01T10:51:37.968Z"}]}},{"dexs-pm-system":{"vulnerabilities":[{"id":93487,"title":"Dexs PM System 1.0.1 - Private Message subject Parameter Stored XSS","url":"http://packetstormsecurity.com/files/123634/,http://www.securityfocus.com/bid/63021","osvdb":"98668","secunia":"55296","exploitdb":"28970","created_at":"2014-08-01T10:51:38.024Z","updated_at":"2014-08-01T10:51:38.024Z"}]}},{"video-metabox":{"vulnerabilities":[{"id":93488,"title":"Video Metabox 1.1 - Persistent XSS Vulnerability Disclosure","url":"http://www.securityfocus.com/bid/63172,http://securityundefined.com/wordpress-video-metabox-plugin-persistent-xss-vulnerability-disclosure/","osvdb":"98641","secunia":"55257","created_at":"2014-08-01T10:51:38.082Z","updated_at":"2014-08-01T10:51:38.082Z","fixed_in":"1.1.1"}]}},{"wp-realty":{"vulnerabilities":[{"id":93489,"title":"WP Realty - MySQL Time Based Injection","url":"http://packetstormsecurity.com/files/123655/,http://www.securityfocus.com/bid/63217","osvdb":"98748","exploitdb":"29021","created_at":"2014-08-01T10:51:38.149Z","updated_at":"2014-08-01T10:51:38.149Z"},{"id":93490,"title":"WP Realty - index_ext.php listing_id Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124418/","osvdb":"101583","created_at":"2014-08-01T10:51:38.203Z","updated_at":"2014-08-01T10:51:38.203Z"}]}},{"feed":{"vulnerabilities":[{"id":93491,"title":"Feed - news_dt.php nid Parameter SQL Injection","url":"http://packetstormsecurity.com/files/122260/","osvdb":"94804","created_at":"2014-08-01T10:51:38.261Z","updated_at":"2014-08-01T10:51:38.261Z"}]}},{"social-sharing-toolkit":{"vulnerabilities":[{"id":93492,"title":"Social Sharing Toolkit 2.1.1 - Setting Manipulation CSRF","url":"http://www.securityfocus.com/bid/63198","osvdb":"98717","cve":"2013-2701","secunia":"52951","created_at":"2014-08-01T10:51:38.326Z","updated_at":"2014-08-01T10:51:38.326Z"},{"id":93493,"title":"Social Sharing Toolkit 2.1.1 - Unspecified XSS","osvdb":"98931","cve":"2013-6280","created_at":"2014-08-01T10:51:38.382Z","updated_at":"2014-08-01T10:51:38.382Z","fixed_in":"2.1.2"}]}},{"videowall":{"vulnerabilities":[{"id":93494,"title":"Videowall - index.php page_id Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/123693/,http://seclists.org/bugtraq/2013/Oct/98","osvdb":"98765","created_at":"2014-08-01T10:51:38.455Z","updated_at":"2014-08-01T10:51:38.455Z"}]}},{"really-simple-facebook-twitter-share-buttons":{"vulnerabilities":[{"id":93495,"title":"Really simple Facebook Twitter share buttons 2.10.4 - Settings Page Manipulation CSRF","url":"http://www.securityfocus.com/bid/62268","osvdb":"97190","secunia":"54707","created_at":"2014-08-01T10:51:38.513Z","updated_at":"2014-08-01T10:51:38.513Z","fixed_in":"2.10.5"}]}},{"car-demon":{"vulnerabilities":[{"id":93496,"title":"Car Demon 1.0.1 - /wp-admin/edit.php Multiple Parameter XSS","osvdb":"90365","secunia":"51088","created_at":"2014-08-01T10:51:38.586Z","updated_at":"2014-08-01T10:51:38.586Z"},{"id":93497,"title":"Car Demon 1.0.1 - /wp-admin/post.php Multiple Parameter XSS","osvdb":"90366","secunia":"51088","created_at":"2014-08-01T10:51:38.646Z","updated_at":"2014-08-01T10:51:38.646Z"}]}},{"blue-wrench-videos-widget":{"vulnerabilities":[{"id":93498,"title":"Blue Wrench Video Widget 1.0.2 - admin.php bw-videos Page Multiple Action CSRF","url":"http://securityundefined.com/wordpress-plugin-blue-wrench-video-widget-csrf-persistent-xss-0day-disclosure/","osvdb":"98922","cve":"2013-6797","secunia":"55456","created_at":"2014-08-01T10:51:38.704Z","updated_at":"2014-08-01T10:51:38.704Z"},{"id":93499,"title":"Blue-Wrench-Video-Widget 1.0.2 - admin.php bw-videos Page Multiple Parameter Stored XSS","url":"http://securityundefined.com/wordpress-plugin-blue-wrench-video-widget-csrf-persistent-xss-0day-disclosure/","osvdb":"98923","cve":"2013-6797","secunia":"55456","created_at":"2014-08-01T10:51:38.759Z","updated_at":"2014-08-01T10:51:38.759Z"}]}},{"wp-mailup":{"vulnerabilities":[{"id":93500,"title":"MailUp 1.3.2 - ajax.functions.php Ajax Function Call Handling XSS Weakness","osvdb":"91274","cve":"2013-0731,2013-2640","secunia":"51917","created_at":"2014-08-01T10:51:38.815Z","updated_at":"2014-08-01T10:51:38.815Z","fixed_in":"1.3.3"}]}},{"wp-online-store":{"vulnerabilities":[{"id":93501,"title":"WP Online Store 1.3.1 - index.php slug Parameter Traversal Local File Inclusion","osvdb":"90243","secunia":"50836","created_at":"2014-08-01T10:51:38.889Z","updated_at":"2014-08-01T10:51:38.889Z","fixed_in":"1.3.2"},{"id":93502,"title":"WP Online Store 1.3.1 - index.php Multiple Parameter Traversal Arbitrary File Access","osvdb":"90244","secunia":"50836","created_at":"2014-08-01T10:51:38.953Z","updated_at":"2014-08-01T10:51:38.953Z","fixed_in":"1.3.2"}]}},{"payment-gateways-caller-for-wp-e-commerce":{"vulnerabilities":[{"id":93503,"title":"Payment Gateways Caller for WP e-Commerce 0.1.0 - load_merchant Parameter Traversal Local file Inclusion","url":"http://packetstormsecurity.com/files/123744/","osvdb":"98916","created_at":"2014-08-01T10:51:39.016Z","updated_at":"2014-08-01T10:51:39.016Z","fixed_in":"0.1.1"}]}},{"easy-photo-album":{"vulnerabilities":[{"id":93504,"title":"Easy Photo Album 1.1.5 - Album Information Disclosure","osvdb":"98802","created_at":"2014-08-01T10:51:39.080Z","updated_at":"2014-08-01T10:51:39.080Z","fixed_in":"1.1.6"}]}},{"hungred-post-thumbnail":{"vulnerabilities":[{"id":93505,"title":"Hungred Post Thumbnail - hpt_file_upload.php File Upload PHP Code Execution","url":"http://packetstormsecurity.com/files/113402/,http://www.securityfocus.com/bid/53898","osvdb":"82830","created_at":"2014-08-01T10:51:39.143Z","updated_at":"2014-08-01T10:51:39.143Z"}]}},{"dhtmlxspreadsheet":{"vulnerabilities":[{"id":93506,"title":"Spreadsheet - /dhtmlxspreadsheet/codebase/spreadsheet.php page Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/123699/,http://www.securityfocus.com/bid/63256","osvdb":"98831","cve":"2013-6281","secunia":"55396","created_at":"2014-08-01T10:51:39.197Z","updated_at":"2014-08-01T10:51:39.197Z"}]}},{"tweet-blender":{"vulnerabilities":[{"id":93507,"title":"Tweet Blender 4.0.1 - Unspecified XSS","url":"http://packetstormsecurity.com/files/124047/","osvdb":"98978","cve":"2013-6342","secunia":"55780","created_at":"2014-08-01T10:51:39.253Z","updated_at":"2014-08-01T10:51:39.253Z","fixed_in":"4.0.2"}]}},{"sb-uploader":{"vulnerabilities":[{"id":93508,"title":"WordPress SB Uploader 3.9 - Arbitrary File Upload Vulnerability","url":"http://packetstormsecurity.com/files/119159/","created_at":"2014-08-01T10:51:39.330Z","updated_at":"2014-08-01T10:51:39.330Z"}]}},{"connections":{"vulnerabilities":[{"id":93509,"title":"Connections Business Directory 0.7.9.3 - includes/template/class.template-parts.php Pagination URL Handling XSS","osvdb":"106558","created_at":"2014-08-01T10:51:39.383Z","updated_at":"2014-08-01T10:51:39.383Z","fixed_in":"0.7.9.4"},{"id":93510,"title":"Connections \u003c= 0.7.1.5 - Unspecified Security Vulnerability","url":"http://www.securityfocus.com/bid/51204","cve":"2011-5254","created_at":"2014-08-01T10:51:39.443Z","updated_at":"2014-08-01T10:51:39.443Z","fixed_in":"0.7.1.5"}]}},{"gallery-bank":{"vulnerabilities":[{"id":93511,"title":"Gallery Bank 2.0.19 - edit-album.php album_id Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/123924/,http://www.securityfocus.com/bid/63382","osvdb":"99045","secunia":"55443","created_at":"2014-08-01T10:51:39.505Z","updated_at":"2014-08-01T10:51:39.505Z","fixed_in":"2.0.20"},{"id":93512,"title":"Gallery Bank 2.0.19 - Multiple Unspecified Issues","url":"http://www.securityfocus.com/bid/63382","osvdb":"99046","secunia":"55443","created_at":"2014-08-01T10:51:39.566Z","updated_at":"2014-08-01T10:51:39.566Z","fixed_in":"2.0.20"},{"id":93513,"title":"Gallery Bank 2.0.19 - album-gallery-bank-class.php recordsArray Parameter Reflected XSS","url":"http://www.securityfocus.com/bid/63385,http://seclists.org/fulldisclosure/2013/Nov/38","osvdb":"99345","secunia":"55443","created_at":"2014-08-01T10:51:39.630Z","updated_at":"2014-08-01T10:51:39.630Z","fixed_in":"2.0.20"}]}},{"rockhoist-ratings":{"vulnerabilities":[{"id":93514,"title":"Rockhoist Ratings 1.2.2 - wp-admin/admin-ajax.php postID Parameter SQL Injection","url":"http://www.securityfocus.com/bid/63441","osvdb":"99195","secunia":"55445","created_at":"2014-08-01T10:51:39.695Z","updated_at":"2014-08-01T10:51:39.695Z"}]}},{"wordpress-checkout":{"vulnerabilities":[{"id":93515,"title":"Checkout Plugin - File Upload Remote Code Execution","url":"http://packetstormsecurity.com/files/123866/","osvdb":"99225","created_at":"2014-08-01T10:51:39.747Z","updated_at":"2014-08-01T10:51:39.747Z"}]}},{"mobilechief-mobile-site-creator":{"vulnerabilities":[{"id":93516,"title":"MobileChief - jQuery Validation Cross-Site Scripting Vulnerability","url":"http://packetstormsecurity.com/files/123809/","secunia":"55501","created_at":"2014-08-01T10:51:39.798Z","updated_at":"2014-08-01T10:51:39.798Z"}]}},{"timeline":{"vulnerabilities":[{"id":93517,"title":"Facebook Survey Pro - timeline/index.php id Parameter SQL Injection","url":"http://packetstormsecurity.com/files/118238/,http://www.securityfocus.com/bid/56595,http://xforce.iss.net/xforce/xfdb/80141","secunia":"87817","exploitdb":"22853","created_at":"2014-08-01T10:51:39.853Z","updated_at":"2014-08-01T10:51:39.853Z"}]}},{"live-comment-preview":{"vulnerabilities":[{"id":93518,"title":"Live Comment Preview 2.0.2 - Comment Field Preview XSS","osvdb":"92944","created_at":"2014-08-01T10:51:39.904Z","updated_at":"2014-08-01T10:51:39.904Z"}]}},{"polldaddy":{"vulnerabilities":[{"id":93519,"title":"Polldaddy Polls and Rating 2.0.24 - polldaddy-org.php unique_id Ratings Shortcode XSS","url":"http://www.securityfocus.com/bid/68512","osvdb":"108640","cve":"2014-4856","secunia":"59323","created_at":"2014-08-01T10:51:39.955Z","updated_at":"2014-08-01T10:51:39.955Z","fixed_in":"2.0.25"},{"id":93520,"title":"Polldaddy Polls and Rating 2.0.23 - polldaddy-org.php polldaddy-ratings-title-filter Parameter Reflected XSS","url":"http://www.securityfocus.com/bid/68512","osvdb":"108641","created_at":"2014-08-01T10:51:40.022Z","updated_at":"2014-08-01T10:51:40.022Z","fixed_in":"2.0.24"},{"id":93521,"title":"Polldaddy Polls and Ratings 2.0.20 - Cross-Site Request Forgery Vulnerability","url":"http://www.securityfocus.com/bid/63557","osvdb":"99515","secunia":"55464","created_at":"2014-08-01T10:51:40.092Z","updated_at":"2014-08-01T10:51:40.092Z","fixed_in":"2.0.21"}]}},{"jigoshop":{"vulnerabilities":[{"id":93522,"title":"Jigoshop 1.8 - Multiple Script Direct Request Path Disclosure","osvdb":"99485","created_at":"2014-08-01T10:51:40.156Z","updated_at":"2014-08-01T10:51:40.156Z"}]}},{"fcchat":{"vulnerabilities":[{"id":93523,"title":"FCChat 2.2.11-2.2.13 - Upload.php Arbitrary File Upload Vulnerability","url":"http://www.securityfocus.com/bid/53855","created_at":"2014-08-01T10:51:40.213Z","updated_at":"2014-08-01T10:51:40.213Z"}]}},{"another-wordpress-classifieds-plugin":{"vulnerabilities":[{"id":93524,"title":"Another WordPress Classifieds - Unspecified Image Upload Vulnerability","url":"http://www.securityfocus.com/bid/52861","created_at":"2014-08-01T10:51:40.263Z","updated_at":"2014-08-01T10:51:40.263Z"}]}},{"picturesurf-gallery":{"vulnerabilities":[{"id":93525,"title":"Picturesurf Gallery 1.2 - upload.php Arbitrary File Upload Vulnerability","url":"http://www.securityfocus.com/bid/53894","created_at":"2014-08-01T10:51:40.323Z","updated_at":"2014-08-01T10:51:40.323Z"}]}},{"social-slider-2":{"vulnerabilities":[{"id":93526,"title":"Social Slider \u003c= 5.6.5 - social-slider-2/ajax.php rA Parameter SQL Injection","osvdb":"74421","secunia":"45549","exploitdb":"17617","created_at":"2014-08-01T10:51:40.375Z","updated_at":"2014-08-01T10:51:40.375Z","fixed_in":"6.0.0"}]}},{"redirection":{"vulnerabilities":[{"id":93527,"title":"Redirection 2.3.3 - view/admin/item.php URL Handling Reflected XSS","osvdb":"101774","created_at":"2014-08-01T10:51:40.435Z","updated_at":"2014-08-01T10:51:40.435Z","fixed_in":"2.3.4"},{"id":93528,"title":"Redirection - view/admin/log_item.php Non-existent Posts Referer HTTP Header XSS","osvdb":"76092,77447","cve":"2011-4562","secunia":"46310","created_at":"2014-08-01T10:51:40.500Z","updated_at":"2014-08-01T10:51:40.500Z","fixed_in":"2.2.10"},{"id":93529,"title":"Redirection - wp-admin/tools.php id Parameter XSS","osvdb":"74783","secunia":"45782","created_at":"2014-08-01T10:51:40.564Z","updated_at":"2014-08-01T10:51:40.564Z","fixed_in":"2.2.9"}]}},{"eshop":{"vulnerabilities":[{"id":93530,"title":"eShop - wp-admin/admin.php Multiple Parameter XSS","url":"http://seclists.org/bugtraq/2011/Aug/52,http://www.htbridge.ch/advisory/multiple_xss_in_eshop_for_wordpress.html","osvdb":"74464","secunia":"45553","created_at":"2014-08-01T10:51:40.630Z","updated_at":"2014-08-01T10:51:40.630Z","fixed_in":"6.2.9"}]}},{"all-in-one-adsense-and-ypn":{"vulnerabilities":[{"id":93531,"title":"All in One Adsense YPN 2.0.1 - all-in-one-adsense-and-ypn.php Unspecified XSS","osvdb":"74900","secunia":"45579","created_at":"2014-08-01T10:51:40.692Z","updated_at":"2014-08-01T10:51:40.692Z"},{"id":93532,"title":"All in One Adsense YPN 2.0.1 - all-in-one-adsense-and-ypn.php Direct Request AdSense Account Manipulation","osvdb":"74899","secunia":"45579","created_at":"2014-08-01T10:51:40.749Z","updated_at":"2014-08-01T10:51:40.749Z"}]}},{"SearchNSave":{"vulnerabilities":[{"id":93533,"title":"Search N Save - SearchNSave/error_log Direct Request Path Disclosure","osvdb":"95196","secunia":"54078","created_at":"2014-08-01T10:51:40.802Z","updated_at":"2014-08-01T10:51:40.802Z"}]}},{"taggator":{"vulnerabilities":[{"id":93534,"title":"TagGator - 'tagid' Parameter SQL Injection Vulnerability","url":"http://www.securityfocus.com/bid/52908","created_at":"2014-08-01T10:51:40.856Z","updated_at":"2014-08-01T10:51:40.856Z"}]}},{"uploadify-integration":{"vulnerabilities":[{"id":93535,"title":"Uploadify Integration 0.9.6 - Multiple Cross Site Scripting Vulnerabilities","url":"http://www.securityfocus.com/bid/52944","osvdb":"81093,81094,81095","created_at":"2014-08-01T10:51:40.906Z","updated_at":"2014-08-01T10:51:40.906Z"}]}},{"wpsc-mijnpress":{"vulnerabilities":[{"id":93536,"title":"WPsc MijnPress - 'rwflush' Parameter Cross Site Scripting Vulnerability","url":"http://www.securityfocus.com/bid/53302","created_at":"2014-08-01T10:51:40.959Z","updated_at":"2014-08-01T10:51:40.959Z"}]}},{"leaflet-maps-marker":{"vulnerabilities":[{"id":93537,"title":"Leaflet Maps Marker 3.5.2 - Two SQL Injection Vulnerabilities","secunia":"53855","created_at":"2014-08-01T10:51:41.009Z","updated_at":"2014-08-01T10:51:41.009Z","fixed_in":"3.5.3"}]}},{"google-xml-sitemaps-generator":{"vulnerabilities":[{"id":93538,"title":"XML Sitemap Generator 3.2.8 - XML File Overwrite Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/119357/","osvdb":"89411","created_at":"2014-08-01T10:51:41.072Z","updated_at":"2014-08-01T10:51:41.072Z"}]}},{"spam-free-wordpress":{"vulnerabilities":[{"id":93539,"title":"Spam Free Plugin 1.9.2 - Multiple Script Direct Request Path Disclosure","url":"http://xforce.iss.net/xforce/xfdb/81007","osvdb":"88954","created_at":"2014-08-01T10:51:41.125Z","updated_at":"2014-08-01T10:51:41.125Z"},{"id":93540,"title":"Spam Free Plugin 1.9.2 - IP Blocklist Restriction Bypass","url":"http://xforce.iss.net/xforce/xfdb/81006,http://packetstormsecurity.com/files/119274/","osvdb":"88955","created_at":"2014-08-01T10:51:41.177Z","updated_at":"2014-08-01T10:51:41.177Z"}]}},{"editorial-calendar":{"vulnerabilities":[{"id":93541,"title":"Editorial Calendar 2.6 - Post Title XSS","osvdb":"90226","created_at":"2014-08-01T10:51:41.241Z","updated_at":"2014-08-01T10:51:41.241Z","fixed_in":"2.7"},{"id":93542,"title":"Editorial Calendar 2.6 - Permission Verification Arbitrary Calendar Post Deletion","osvdb":"90227","secunia":"52218","created_at":"2014-08-01T10:51:41.323Z","updated_at":"2014-08-01T10:51:41.323Z","fixed_in":"2.7"},{"id":93543,"title":"Editorial Calendar 2.6 - Post Query Multiple Filter SQL Injection","osvdb":"90228","created_at":"2014-08-01T10:51:41.391Z","updated_at":"2014-08-01T10:51:41.391Z"}]}},{"shareyourcart":{"vulnerabilities":[{"id":93544,"title":"ShareYourCart 1.6.1 - SDK Multiple Unspecified Path Disclosure","osvdb":"81618","cve":"2012-4332","secunia":"48960","created_at":"2014-08-01T10:51:41.447Z","updated_at":"2014-08-01T10:51:41.447Z","fixed_in":"1.7.1"}]}},{"alo-easymail":{"vulnerabilities":[{"id":93545,"title":"ALO EasyMail Newsletter 2.4.7 - Multiple Unspecified XSS","osvdb":"82324","secunia":"49320","created_at":"2014-08-01T10:51:41.513Z","updated_at":"2014-08-01T10:51:41.513Z","fixed_in":"2.4.8"}]}},{"contact-form-7":{"vulnerabilities":[{"id":93546,"title":"Contact Form 7 \u003c= 3.7.1 - Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/66381/","cve":"2014-2265","created_at":"2014-08-01T10:51:41.582Z","updated_at":"2014-08-01T10:51:41.582Z","fixed_in":"3.7.2"},{"id":93547,"title":"Contact Form 7 \u0026 Old WP Versions - Crafted File Extension Upload Remote Code Execution","url":"http://packetstormsecurity.com/files/125018/,http://seclists.org/fulldisclosure/2014/Feb/0","osvdb":"102776","created_at":"2014-08-01T10:51:41.656Z","updated_at":"2014-08-01T10:51:41.656Z"},{"id":93548,"title":"Contact Form 7 \u003c= 3.5.2 - Arbitrary File Upload Remote Code Execution","url":"http://packetstormsecurity.com/files/124154/","osvdb":"100189","created_at":"2014-08-01T10:51:41.712Z","updated_at":"2014-08-01T10:51:41.712Z","fixed_in":"3.5.3"}]}},{"store-locator":{"vulnerabilities":[{"id":93549,"title":"Store Locator \u003c= 2.6.1 - Cross-Site Request Forgery Vulnerability","osvdb":"100485","secunia":"55276","created_at":"2014-08-01T10:51:41.777Z","updated_at":"2014-08-01T10:51:41.777Z","fixed_in":"2.12"}]}},{"optinfirex":{"vulnerabilities":[{"id":93550,"title":"Optinfirex - lp/index.php id Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124188/","osvdb":"100435","created_at":"2014-08-01T10:51:41.840Z","updated_at":"2014-08-01T10:51:41.840Z"}]}},{"amerisale-re":{"vulnerabilities":[{"id":93551,"title":"Amerisale-Re - Remote Shell Upload","url":"http://packetstormsecurity.com/files/124992/","created_at":"2014-08-01T10:51:41.892Z","updated_at":"2014-08-01T10:51:41.892Z"},{"id":93552,"title":"Amerisale-Re - netriesdetail/upload.php edit Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124187/,http://xforce.iss.net/xforce/xfdb/89263","osvdb":"100434","created_at":"2014-08-01T10:51:41.943Z","updated_at":"2014-08-01T10:51:41.943Z"}]}},{"js-multihotel":{"vulnerabilities":[{"id":93553,"title":"JS MultiHotel 2.2.1 - includes/show_image.php file Parameter Remote File Inclusion DoS","url":"http://packetstormsecurity.com/files/125959/,http://seclists.org/fulldisclosure/2014/Mar/428","osvdb":"105185","created_at":"2014-08-01T10:51:41.994Z","updated_at":"2014-08-01T10:51:41.994Z"},{"id":93554,"title":"JS MultiHotel 2.2.1 - includes/delete_img.php path Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/125959/,http://seclists.org/fulldisclosure/2014/Mar/428,http://www.securityfocus.com/bid/66529","osvdb":"105186","created_at":"2014-08-01T10:51:42.049Z","updated_at":"2014-08-01T10:51:42.049Z"},{"id":93555,"title":"JS MultiHotel 2.2.1 - Multiple Script Direct Request Path Disclosure","url":"http://packetstormsecurity.com/files/125959/,http://seclists.org/fulldisclosure/2014/Mar/428","osvdb":"105187","created_at":"2014-08-01T10:51:42.103Z","updated_at":"2014-08-01T10:51:42.103Z"},{"id":93556,"title":"JS MultiHotel 2.2.1 - includes/timthumb.php src Parameter Direct Request Path Disclosure","url":"http://seclists.org/fulldisclosure/2014/Mar/413,http://www.securityfocus.com/bid/66529","osvdb":"105119","created_at":"2014-08-01T10:51:42.153Z","updated_at":"2014-08-01T10:51:42.153Z"},{"id":93557,"title":"JS MultiHotel 2.2.1 - refreshDate.php roomid Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124239/,http://www.securityfocus.com/bid/64045","osvdb":"100575","secunia":"55919","created_at":"2014-08-01T10:51:42.205Z","updated_at":"2014-08-01T10:51:42.205Z"}]}},{"dzs-videogallery":{"vulnerabilities":[{"id":93558,"title":"DZS Video Gallery - ajax.php source Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/125179/","osvdb":"103283","secunia":"56904","created_at":"2014-08-01T10:51:42.256Z","updated_at":"2014-08-01T10:51:42.256Z"},{"id":93559,"title":"DZS Video Gallery - upload.php File Upload Remote Code Execution","osvdb":"100620","exploitdb":"29834","created_at":"2014-08-01T10:51:42.322Z","updated_at":"2014-08-01T10:51:42.322Z"},{"id":93560,"title":"DZS Video Gallery 3.1.3 - Remote File Disclosure","url":"http://packetstormsecurity.com/files/124317/","osvdb":"100750","created_at":"2014-08-01T10:51:42.380Z","updated_at":"2014-08-01T10:51:42.380Z"},{"id":93561,"title":"DZS Video Gallery - preview_allchars.swf logoLink Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/126846/,http://www.securityfocus.com/bid/67698,http://seclists.org/fulldisclosure/2014/May/157","osvdb":"107521","cve":"2014-3923","created_at":"2014-08-01T10:51:42.431Z","updated_at":"2014-08-01T10:51:42.431Z"},{"id":93562,"title":"DZS Video Gallery - deploy/preview_skin_overlay.swf logoLink Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/126846/,http://www.securityfocus.com/bid/67698,http://seclists.org/fulldisclosure/2014/May/157","osvdb":"107522","cve":"2014-3923","created_at":"2014-08-01T10:51:42.483Z","updated_at":"2014-08-01T10:51:42.483Z"},{"id":93563,"title":"DZS Video Gallery - deploy/preview.swf logoLink Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/126846/,http://www.securityfocus.com/bid/67698,http://seclists.org/fulldisclosure/2014/May/157","osvdb":"107523","cve":"2014-3923","created_at":"2014-08-01T10:51:42.539Z","updated_at":"2014-08-01T10:51:42.539Z"},{"id":93564,"title":"DZS Video Gallery - preview_skin_rouge.swf logoLink Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/126846/,http://www.securityfocus.com/bid/67698,http://seclists.org/fulldisclosure/2014/May/157","osvdb":"107524","cve":"2014-3923","created_at":"2014-08-01T10:51:42.600Z","updated_at":"2014-08-01T10:51:42.600Z"}]}},{"askapache-firefox-adsense":{"vulnerabilities":[{"id":93565,"title":"AskApache Firefox Adsense 3.0 - Unspecified CSRF","url":"https://www.htbridge.com/advisory/HTB23188","osvdb":"100662","cve":"2013-6992","created_at":"2014-08-01T10:51:42.680Z","updated_at":"2014-08-01T10:51:42.680Z"}]}},{"ad-minister":{"vulnerabilities":[{"id":93566,"title":"Ad-minister 0.6 - Unspecified XSS","url":"http://packetstormsecurity.com/files/124604/,https://www.htbridge.com/advisory/HTB23187","osvdb":"100663","cve":"2013-6993","created_at":"2014-08-01T10:51:42.750Z","updated_at":"2014-08-01T10:51:42.750Z"}]}},{"tdo-mini-forms":{"vulnerabilities":[{"id":93567,"title":"TDO Mini Forms 0.13.9 - tdomf-upload-inline.php File Upload Remote Code Execution","url":"http://packetstormsecurity.com/files/124352/","osvdb":"100847","created_at":"2014-08-01T10:51:42.809Z","updated_at":"2014-08-01T10:51:42.809Z"}]}},{"huskerportfolio":{"vulnerabilities":[{"id":93568,"title":"HuskerPortfolio 0.3 - huskerPortfolio.php File Upload CSRF","url":"http://packetstormsecurity.com/files/124359/","osvdb":"100845","created_at":"2014-08-01T10:51:42.867Z","updated_at":"2014-08-01T10:51:42.867Z"}]}},{"formcraft":{"vulnerabilities":[{"id":93569,"title":"FormCraft - form.php id Parameter SQL Injection","url":"http://packetstormsecurity.com/files/124343/","osvdb":"100877","secunia":"56044","created_at":"2014-08-01T10:51:42.924Z","updated_at":"2014-08-01T10:51:42.924Z"}]}},{"zarzadzanie_kontem":{"vulnerabilities":[{"id":93570,"title":"Zarzadzanie Kontem - ajaxfilemanager.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/118322/","osvdb":"87834","created_at":"2014-08-01T10:51:42.985Z","updated_at":"2014-08-01T10:51:42.985Z"}]}},{"ads-box":{"vulnerabilities":[{"id":93571,"title":"Ads Box - iframe_ampl.php count Parameter SQL Injection","url":"http://packetstormsecurity.com/files/118342/,http://www.securityfocus.com/bid/56681,http://xforce.iss.net/xforce/xfdb/80256","osvdb":"88257","created_at":"2014-08-01T10:51:43.040Z","updated_at":"2014-08-01T10:51:43.040Z"}]}},{"broken-link-checker":{"vulnerabilities":[{"id":93572,"title":"Broken Link Checker 1.9.1 - Bulk Action Form URL Handling XSS","osvdb":"101059","secunia":"56053","created_at":"2014-08-01T10:51:43.096Z","updated_at":"2014-08-01T10:51:43.096Z","fixed_in":"1.9.2"},{"id":93573,"title":"Broken Link Checker 1.9.1 - Sort Direction Query Argument Handling XSS","osvdb":"101066","secunia":"56053","created_at":"2014-08-01T10:51:43.166Z","updated_at":"2014-08-01T10:51:43.166Z","fixed_in":"1.9.2"}]}},{"easy-career-openings":{"vulnerabilities":[{"id":93574,"title":"Easy Career Openings - jobid Parameter SQL Injection","url":"http://packetstormsecurity.com/files/124309/","osvdb":"100677","created_at":"2014-08-01T10:51:43.232Z","updated_at":"2014-08-01T10:51:43.232Z"}]}},{"q-and-a":{"vulnerabilities":[{"id":93575,"title":"Q and A 1.0.6.2 - Multiple Scripts Direct Request Path Disclosure","osvdb":"100793","created_at":"2014-08-01T10:51:43.302Z","updated_at":"2014-08-01T10:51:43.302Z"}]}},{"ml-slider":{"vulnerabilities":[{"id":93576,"title":"Meta Slider 2.5 - metaslider.php id Parameter XSS","url":"http://packetstormsecurity.com/files/127288/,http://www.securityfocus.com/bid/68283","osvdb":"108611","cve":"2014-4846","created_at":"2014-08-01T10:51:43.377Z","updated_at":"2014-08-01T10:51:43.377Z"},{"id":93577,"title":"Meta Slider 2.1.6 - Multiple Script Direct Request Path Disclosure","osvdb":"100794","created_at":"2014-08-01T10:51:43.438Z","updated_at":"2014-08-01T10:51:43.438Z"}]}},{"custom-tables":{"vulnerabilities":[{"id":93578,"title":"Custom Tables 3.4.4 - iframe.php key Parameter XSS","osvdb":"83646","secunia":"49823","created_at":"2014-08-01T10:51:43.493Z","updated_at":"2014-08-01T10:51:43.493Z"}]}},{"wp-socializer":{"vulnerabilities":[{"id":93579,"title":"WP Socializer 2.4.2 - admin/wpsr-services-selector.php val Parameter XSS","osvdb":"83645","secunia":"49824","created_at":"2014-08-01T10:51:43.547Z","updated_at":"2014-08-01T10:51:43.547Z"}]}},{"church-admin":{"vulnerabilities":[{"id":93580,"title":"church_admin 0.33.4.5 - includes/validate.php id Parameter XSS","osvdb":"83644","secunia":"49827","created_at":"2014-08-01T10:51:43.606Z","updated_at":"2014-08-01T10:51:43.606Z"}]}},{"phpfreechat":{"vulnerabilities":[{"id":93581,"title":"PHPFreeChat 0.2.8 - lib/csstidy-1.2/css_optimiser.php url Parameter XSS","osvdb":"83642","secunia":"49826","created_at":"2014-08-01T10:51:43.683Z","updated_at":"2014-08-01T10:51:43.683Z"}]}},{"simple-embed-code":{"vulnerabilities":[{"id":93582,"title":"Artiss Code Embed 2.0.1 - wp-admin/admin.php suffix Parameter XSS","osvdb":"83686","secunia":"49848","created_at":"2014-08-01T10:51:43.746Z","updated_at":"2014-08-01T10:51:43.746Z","fixed_in":"2.0.2"}]}},{"dewplayer-flash-mp3-player":{"vulnerabilities":[{"id":93583,"title":"Dewplayer - dewplayer-vinyl.swf xml Parameter XML File Handling XSS","url":"http://packetstormsecurity.com/files/124582/,http://www.securityfocus.com/bid/64506,http://seclists.org/fulldisclosure/2013/Dec/192","osvdb":"101353","created_at":"2014-08-01T10:51:43.815Z","updated_at":"2014-08-01T10:51:43.815Z"},{"id":93584,"title":"Dewplayer - dewplayer-vinyl-en.swf xml Parameter XML File Handling XSS","url":"http://packetstormsecurity.com/files/124582/,http://www.securityfocus.com/bid/64506,http://seclists.org/fulldisclosure/2013/Dec/192","osvdb":"101352","created_at":"2014-08-01T10:51:43.868Z","updated_at":"2014-08-01T10:51:43.868Z"},{"id":93585,"title":"Dewplayer \u003c= 1.2 - dewplayer.php Direct Request Path Disclosure Weakness","url":"http://seclists.org/fulldisclosure/2013/Dec/209","osvdb":"101440","created_at":"2014-08-01T10:51:43.923Z","updated_at":"2014-08-01T10:51:43.923Z"}]}},{"advanced-dewplayer":{"vulnerabilities":[{"id":93586,"title":"Advanced Dewplayer - dewplayer-vinyl.swf xml Parameter XML File Handling XSS","url":"http://packetstormsecurity.com/files/124582/,http://www.securityfocus.com/bid/64506,http://seclists.org/fulldisclosure/2013/Dec/192","osvdb":"101353","created_at":"2014-08-01T10:51:43.983Z","updated_at":"2014-08-01T10:51:43.983Z"},{"id":93584,"title":"Dewplayer - dewplayer-vinyl-en.swf xml Parameter XML File Handling XSS","url":"http://packetstormsecurity.com/files/124582/,http://www.securityfocus.com/bid/64506,http://seclists.org/fulldisclosure/2013/Dec/192","osvdb":"101352","created_at":"2014-08-01T10:51:43.868Z","updated_at":"2014-08-01T10:51:43.868Z"},{"id":93587,"title":"Advanced Dewplayer \u003c= 1.2 - dewplayer.php Direct Request Path Disclosure Weakness","url":"http://seclists.org/fulldisclosure/2013/Dec/209","osvdb":"101440","created_at":"2014-08-01T10:51:44.112Z","updated_at":"2014-08-01T10:51:44.112Z"},{"id":93588,"title":"Advanced Dewplayer \u003c= 1.2 - download-file.php dew_file Parameter Traversal Arbitrary File Access","url":"http://seclists.org/oss-sec/2013/q4/566","osvdb":"101513","secunia":"55941","created_at":"2014-08-01T10:51:44.170Z","updated_at":"2014-08-01T10:51:44.170Z"}]}},{"sem-wysiwyg":{"vulnerabilities":[{"id":93589,"title":"SEM WYSIWYG - Arbitrary File Upload","url":"http://packetstormsecurity.com/files/115789/","created_at":"2014-08-01T10:51:44.231Z","updated_at":"2014-08-01T10:51:44.231Z"}]}},{"recommend-a-friend":{"vulnerabilities":[{"id":93590,"title":"Recommend a friend 2.0.2 - inc/raf_form.php current_url Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124587/","osvdb":"101487","cve":"2013-7276","secunia":"56209","created_at":"2014-08-01T10:51:44.293Z","updated_at":"2014-08-01T10:51:44.293Z"}]}},{"securimage-wp":{"vulnerabilities":[{"id":93591,"title":"Securimage-WP 3.2.4 - siwp_test.php URI XSS","url":"http://packetstormsecurity.com/files/121588/,http://xforce.iss.net/xforce/xfdb/84186","osvdb":"93259","secunia":"53376","created_at":"2014-08-01T10:51:44.359Z","updated_at":"2014-08-01T10:51:44.359Z"}]}},{"amazon-affiliate-link-localizer":{"vulnerabilities":[{"id":93592,"title":"Amazon Affiliate Link Localizer 1.8.2 - amazon_affiliate_link_localizer.php amzn_com Parameter XSS","url":"http://www.dfcode.org/code.php?id=27","osvdb":"100783","created_at":"2014-08-01T10:51:44.417Z","updated_at":"2014-08-01T10:51:44.417Z"}]}},{"maxbuttons":{"vulnerabilities":[{"id":93593,"title":"MaxButtons 1.19.0 - includes/maxbuttons-button-css.php Authentication Bypass","osvdb":"101773","secunia":"56272","created_at":"2014-08-01T10:51:44.471Z","updated_at":"2014-08-01T10:51:44.471Z","fixed_in":"1.20.0"}]}},{"aprils-super-functions-pack":{"vulnerabilities":[{"id":93594,"title":"April's Super Functions Pack 1.4.7 - readme.php page Parameter Reflected XSS","osvdb":"101807","secunia":"55576","created_at":"2014-08-01T10:51:44.534Z","updated_at":"2014-08-01T10:51:44.534Z","fixed_in":"1.4.8"}]}},{"wordpress-connect":{"vulnerabilities":[{"id":93595,"title":"WordPress Connect 2.0.3 - Editor Pages Unspecified XSS","osvdb":"101716","secunia":"56238","created_at":"2014-08-01T10:51:44.603Z","updated_at":"2014-08-01T10:51:44.603Z"}]}},{"page-layout-builder":{"vulnerabilities":[{"id":93596,"title":"Page Layout Builder 1.3.4 - includes/layout-settings.php layout_settings_id Parameter Reflected XSS","osvdb":"101723","secunia":"56214","created_at":"2014-08-01T10:51:44.681Z","updated_at":"2014-08-01T10:51:44.681Z","fixed_in":"1.3.6"},{"id":93597,"title":"Page Layout Builder 1.3.4 - Unspecified Issue","osvdb":"101724","secunia":"56214","created_at":"2014-08-01T10:51:44.760Z","updated_at":"2014-08-01T10:51:44.760Z","fixed_in":"1.3.6"}]}},{"foliopress-wysiwyg":{"vulnerabilities":[{"id":93598,"title":"Foliopress WYSIWYG - Unspecified XSS","osvdb":"101726","secunia":"56261","created_at":"2014-08-01T10:51:44.860Z","updated_at":"2014-08-01T10:51:44.860Z","fixed_in":"2.6.8.5"}]}},{"intouch":{"vulnerabilities":[{"id":93599,"title":"intouch 2.0 - intouch.js.php intouch_failure Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124687/,http://www.securityfocus.com/bid/64680","osvdb":"101822","created_at":"2014-08-01T10:51:44.994Z","updated_at":"2014-08-01T10:51:44.994Z"}]}},{"nmedia-mailchimp-widget":{"vulnerabilities":[{"id":93600,"title":"Nmedia MailChimp 3.1 - api_mailchimp/postToMailChimp.php abs_path Parameter XSS","osvdb":"83083","secunia":"49538","created_at":"2014-08-01T10:51:45.109Z","updated_at":"2014-08-01T10:51:45.109Z","fixed_in":"3.2"}]}},{"ns-utilities":{"vulnerabilities":[{"id":93601,"title":"NS Utilities 1.0 - Unspecified Remote Issue","osvdb":"82944","secunia":"49476","created_at":"2014-08-01T10:51:45.176Z","updated_at":"2014-08-01T10:51:45.176Z","fixed_in":"1.1"}]}},{"spiffy":{"vulnerabilities":[{"id":93602,"title":"Spiffy XSPF Player 0.1 - playlist.php playlist_id Parameter SQL Injection","url":"http://packetstormsecurity.com/files/121204/,http://www.securityfocus.com/bid/58976,http://xforce.iss.net/xforce/xfdb/83345","osvdb":"92258","cve":"2013-3530","created_at":"2014-08-01T10:51:45.243Z","updated_at":"2014-08-01T10:51:45.243Z"}]}},{"easy-media-gallery":{"vulnerabilities":[{"id":93603,"title":"Easy Media Gallery 1.2.29 - wp-admin/edit.php Multiple Parameter Stored XSS","url":"http://packetstormsecurity.com/files/125396/,http://www.securityfocus.com/bid/65804","osvdb":"103779","created_at":"2014-08-01T10:51:45.310Z","updated_at":"2014-08-01T10:51:45.310Z"},{"id":93604,"title":"Easy Media Gallery 1.2.25 - includes/emg-settings.php spg_add_admin Function Admin User Creation CSRF","url":"http://incolumitas.com/2013/12/17/exploiting-wordpress-plugins-using-insecure-admin-forms-no-3-example-exploit-included/","osvdb":"101941","secunia":"56408","created_at":"2014-08-01T10:51:45.370Z","updated_at":"2014-08-01T10:51:45.370Z","fixed_in":"1.2.27"}]}},{"wp-members":{"vulnerabilities":[{"id":93605,"title":"WP-Members 2.8.9 - profile.php Multiple Parameter Stored XSS","url":"http://packetstormsecurity.com/files/124720/,http://www.securityfocus.com/bid/64713","osvdb":"101946","secunia":"56271","created_at":"2014-08-01T10:51:45.438Z","updated_at":"2014-08-01T10:51:45.438Z","fixed_in":"2.8.10"},{"id":93606,"title":"WP-Members 2.8.9 - wp-login.php register Action Multiple Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124720/,http://www.securityfocus.com/bid/64713","osvdb":"101947","secunia":"56271","created_at":"2014-08-01T10:51:45.504Z","updated_at":"2014-08-01T10:51:45.504Z","fixed_in":"2.8.10"}]}},{"wpmbytplayer":{"vulnerabilities":[{"id":93607,"title":"mb.YTPlayer for background videos 1.7.2 - TinyMCE Popup Unspecified Issue","osvdb":"101718","secunia":"56270","created_at":"2014-08-01T10:51:45.567Z","updated_at":"2014-08-01T10:51:45.567Z","fixed_in":"1.7.3"}]}},{"keyring":{"vulnerabilities":[{"id":93608,"title":"Keyring 1.5 - OAuth Example Page XSS","secunia":"56367","created_at":"2014-08-01T10:51:45.640Z","updated_at":"2014-08-01T10:51:45.640Z"}]}},{"avchat-3":{"vulnerabilities":[{"id":93609,"title":"AVChat Video Chat 1.4.1 - index_popup.php Multiple Parameters Reflected XSS","osvdb":"102206","secunia":"56447","created_at":"2014-08-01T10:51:45.722Z","updated_at":"2014-08-01T10:51:45.722Z","fixed_in":"1.4.2"}]}},{"groupdocs-comparison":{"vulnerabilities":[{"id":93610,"title":"GroupDocs Comparison 1.0.2 - grpdocscomparison.php Multiple Parameter XSS","osvdb":"102297","created_at":"2014-08-01T10:51:45.789Z","updated_at":"2014-08-01T10:51:45.789Z","fixed_in":"1.0.3"}]}},{"groupdocs-signature":{"vulnerabilities":[{"id":93611,"title":"GroupDocs Signature 1.2.0 - grpdocs-dialog.php Multiple Parameter XSS","osvdb":"102298","created_at":"2014-08-01T10:51:45.858Z","updated_at":"2014-08-01T10:51:45.858Z","fixed_in":"1.2.1"},{"id":93612,"title":"GroupDocs Signature 1.2.0 - options.php Multiple Parameter XSS","osvdb":"102299","created_at":"2014-08-01T10:51:45.927Z","updated_at":"2014-08-01T10:51:45.927Z","fixed_in":"1.2.1"}]}},{"groupdocs-viewer":{"vulnerabilities":[{"id":93613,"title":"GroupDocs Viewer 1.4.1 - options.php Multiple Parameter XSS","osvdb":"102299","created_at":"2014-08-01T10:51:45.993Z","updated_at":"2014-08-01T10:51:45.993Z","fixed_in":"1.4.2"},{"id":93614,"title":"GroupDocs Viewer 1.4.1 - grpdocs-dialog.php Multiple Parameter XSS","osvdb":"102300","created_at":"2014-08-01T10:51:46.063Z","updated_at":"2014-08-01T10:51:46.063Z","fixed_in":"1.4.2"}]}},{"groupdocs-documents-annotation":{"vulnerabilities":[{"id":93615,"title":"GroupDocs Document Annotation 1.3.8 - options.php Multiple Parameter XSS","osvdb":"102299","created_at":"2014-08-01T10:51:46.133Z","updated_at":"2014-08-01T10:51:46.133Z","fixed_in":"1.3.9"},{"id":93616,"title":"GroupDocs Document Annotation 1.3.8 - grpdocs-dialog.php Multiple Parameter XSS","osvdb":"102301","created_at":"2014-08-01T10:51:46.203Z","updated_at":"2014-08-01T10:51:46.203Z","fixed_in":"1.3.9"}]}},{"athlon-manage-calameo-publications":{"vulnerabilities":[{"id":93617,"title":"Manage Calameo Publications 1.1.0 - thickbox_content.php attachment_id Parameter Reflected XSS","osvdb":"102433","secunia":"56428","created_at":"2014-08-01T10:51:46.269Z","updated_at":"2014-08-01T10:51:46.269Z","fixed_in":"1.1.1"}]}},{"ss-downloads":{"vulnerabilities":[{"id":93618,"title":"SS Downloads  1.4.4.1 - services/getfile.php file Parameter XSS","osvdb":"102501","created_at":"2014-08-01T10:51:46.352Z","updated_at":"2014-08-01T10:51:46.352Z","fixed_in":"1.5"},{"id":93619,"title":"SS Downloads  1.4.4.1 - ss-downloads.php Multiple Variables XSS","osvdb":"102502","created_at":"2014-08-01T10:51:46.420Z","updated_at":"2014-08-01T10:51:46.420Z","fixed_in":"1.5"},{"id":93620,"title":"SS Downloads  1.4.4.1 - templates/download.php Multiple Parameters Reflected XSS","osvdb":"102503","secunia":"56428","created_at":"2014-08-01T10:51:46.492Z","updated_at":"2014-08-01T10:51:46.492Z","fixed_in":"1.5"},{"id":93621,"title":"SS Downloads  1.4.4.1 - templates/register.php Multiple Parameter Reflected XSS","osvdb":"102504","secunia":"56428","created_at":"2014-08-01T10:51:46.560Z","updated_at":"2014-08-01T10:51:46.560Z","fixed_in":"1.5"},{"id":93622,"title":"SS Downloads  1.4.4.1 - templates/emailsent.php Multiple Parameter Reflected XSS","osvdb":"102537","secunia":"56532","created_at":"2014-08-01T10:51:46.626Z","updated_at":"2014-08-01T10:51:46.626Z","fixed_in":"1.5"},{"id":93623,"title":"SS Downloads  1.4.4.1 - templates/emailform.php Multiple Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124958/","osvdb":"102538","secunia":"56532","created_at":"2014-08-01T10:51:46.691Z","updated_at":"2014-08-01T10:51:46.691Z","fixed_in":"1.5"},{"id":93624,"title":"SS Downloads  1.4.4.1 - templates/emailandnameform.php Multiple Parameter Reflected XSS","osvdb":"102539","secunia":"56532","created_at":"2014-08-01T10:51:46.757Z","updated_at":"2014-08-01T10:51:46.757Z","fixed_in":"1.5"}]}},{"global-flash-galleries":{"vulnerabilities":[{"id":93625,"title":"Global Flash Galleries - popup.php id Parameter SQL Injection","osvdb":"104907","created_at":"2014-08-01T10:51:46.821Z","updated_at":"2014-08-01T10:51:46.821Z"},{"id":93626,"title":"Global Flash Galleries - swfupload.php Unauthenticated Image Upload Weakness","url":"http://packetstormsecurity.com/files/124850/,http://www.securityfocus.com/bid/65060","osvdb":"102423","created_at":"2014-08-01T10:51:46.876Z","updated_at":"2014-08-01T10:51:46.876Z"}]}},{"social-connect":{"vulnerabilities":[{"id":93627,"title":"Social Connect 0.10.1 - diagnostics/test.php testing Parameter Reflected XSS","osvdb":"102411","secunia":"56587","created_at":"2014-08-01T10:51:46.938Z","updated_at":"2014-08-01T10:51:46.938Z","fixed_in":"0.10.2"}]}},{"let-them-unsubscribe":{"vulnerabilities":[{"id":93628,"title":"Let Them Unsubscribe 1.0 - let-them-unsubscribe.php Multiple Unspecified Issues","osvdb":"102500","secunia":"56659","created_at":"2014-08-01T10:51:47.008Z","updated_at":"2014-08-01T10:51:47.008Z","fixed_in":"1.1"}]}},{"seo-image":{"vulnerabilities":[{"id":93629,"title":"SEO Friendly Images 2.7.4 - seo-friendly-images.php Add Page CSRF","osvdb":"101789","created_at":"2014-08-01T10:51:47.075Z","updated_at":"2014-08-01T10:51:47.075Z","fixed_in":"2.7.5"},{"id":93630,"title":"SEO Friendly Images 2.7.4 - seo-friendly-images.php Multiple Parameters XSS","osvdb":"101790","created_at":"2014-08-01T10:51:47.143Z","updated_at":"2014-08-01T10:51:47.143Z","fixed_in":"2.7.5"}]}},{"wordpress-social-ring":{"vulnerabilities":[{"id":93631,"title":"Social Ring 1.0 - share.php url Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124851/","osvdb":"102424","created_at":"2014-08-01T10:51:47.208Z","updated_at":"2014-08-01T10:51:47.208Z","fixed_in":"1.1.9"}]}},{"flagallery-skins":{"vulnerabilities":[{"id":93632,"title":"GRAND FlAGallery Skins - compact_music_player/gallery.php playlist Parameter SQL Injection","url":"http://packetstormsecurity.com/files/121699/","osvdb":"93581","created_at":"2014-08-01T10:51:47.274Z","updated_at":"2014-08-01T10:51:47.274Z"}]}},{"contus-video-gallery":{"vulnerabilities":[{"id":93633,"title":"Contus Video Gallery - index.php playid Parameter SQL Injection","url":"http://www.securityfocus.com/bid/59845,http://xforce.iss.net/xforce/xfdb/84239","osvdb":"93369","cve":"2013-3478","secunia":"51344","created_at":"2014-08-01T10:51:47.371Z","updated_at":"2014-08-01T10:51:47.371Z"}]}},{"webengage":{"vulnerabilities":[{"id":93634,"title":"WebEngage 2.0.0 - callback.php Multiple Parameter Reflected XSS","osvdb":"102560","secunia":"56700","created_at":"2014-08-01T10:51:47.433Z","updated_at":"2014-08-01T10:51:47.433Z","fixed_in":"2.0.1"},{"id":93635,"title":"WebEngage 2.0.0 - renderer.php Multiple Parameter Reflected XSS","osvdb":"102561","secunia":"56700","created_at":"2014-08-01T10:51:47.495Z","updated_at":"2014-08-01T10:51:47.495Z","fixed_in":"2.0.1"},{"id":93636,"title":"WebEngage 2.0.0 - resize.php height Parameter XSS","osvdb":"102562","secunia":"56700","created_at":"2014-08-01T10:51:47.558Z","updated_at":"2014-08-01T10:51:47.558Z","fixed_in":"2.0.1"}]}},{"fetch-tweets":{"vulnerabilities":[{"id":93637,"title":"Fetch Tweets 1.3.3.6 - class/FetchTweets_Event_.php Missing Permission Check Unspecified Issue","osvdb":"102578","created_at":"2014-08-01T10:51:47.624Z","updated_at":"2014-08-01T10:51:47.624Z"}]}},{"seolinkrotator":{"vulnerabilities":[{"id":93638,"title":"Seo Link Rotator - pusher.php title Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124959/","osvdb":"102594","secunia":"56710","created_at":"2014-08-01T10:51:47.680Z","updated_at":"2014-08-01T10:51:47.680Z"}]}},{"nokia-mapsplaces":{"vulnerabilities":[{"id":93639,"title":"Nokia Maps and Places 1.6.6 - place.html href Parameter Reflected XSS","osvdb":"102669","cve":"2014-1750","secunia":"56604","created_at":"2014-08-01T10:51:47.738Z","updated_at":"2014-08-01T10:51:47.738Z","fixed_in":"1.6.7"}]}},{"webinar_plugin":{"vulnerabilities":[{"id":93640,"title":"Easy Webinar - get_widget.php wid Parameter SQL Injection","osvdb":"86754","exploitdb":"22300","created_at":"2014-08-01T10:51:47.811Z","updated_at":"2014-08-01T10:51:47.811Z","fixed_in":"1.6.7"}]}},{"wp-social-invitations":{"vulnerabilities":[{"id":93641,"title":"WP Social Invitations \u003c=1.4.4.2 - test.php Multiple Parameter Reflected XSS","osvdb":"102741","secunia":"56711","created_at":"2014-08-01T10:51:47.882Z","updated_at":"2014-08-01T10:51:47.882Z","fixed_in":"1.4.4.3"}]}},{"infusionsoft":{"vulnerabilities":[{"id":93642,"title":"Infusionsoft Gravity Forms Add-on 1.5.6 - Unspecified XSS","osvdb":"102742","created_at":"2014-08-01T10:51:47.949Z","updated_at":"2014-08-01T10:51:47.949Z","fixed_in":"1.5.7"}]}},{"comment-control":{"vulnerabilities":[{"id":93643,"title":"Comment Control 0.3.0 - comment-control.php type Parameter SQL Injection","osvdb":"102581","created_at":"2014-08-01T10:51:48.015Z","updated_at":"2014-08-01T10:51:48.015Z","fixed_in":"0.3.1"}]}},{"wptouch":{"vulnerabilities":[{"id":93644,"title":"WPtouch 3.x - Insecure Nonce Generation","url":"http://blog.sucuri.net/2014/07/disclosure-insecure-nonce-generation-in-wptouch.html","created_at":"2014-08-01T10:51:48.081Z","updated_at":"2014-08-01T10:51:48.081Z","metasploit":"exploit/unix/webapp/wp_wptouch_file_upload","fixed_in":"3.4.3"},{"id":93645,"title":"WPtouch 1.9.27 - 'wptouch_redirect' Parameter URI Redirection Vulnerability","url":"http://www.securityfocus.com/bid/48348","created_at":"2014-08-01T10:51:48.146Z","updated_at":"2014-08-01T10:51:48.146Z","fixed_in":"1.9.30"},{"id":93646,"title":"WPtouch 1.9.19.4 - wp-content/plugins/wptouch/include/adsense-new.php wptouch_settings Parameter XSS","url":"http://www.securityfocus.com/bid/45139","osvdb":"69538","cve":"2010-4779","secunia":"42438","created_at":"2014-08-01T10:51:48.214Z","updated_at":"2014-08-01T10:51:48.214Z","fixed_in":"1.9.20"},{"id":93647,"title":"WPtouch 1.9.8 - ajax/file_upload.php Crafted Content-Type File Upload Remote Code Execution","osvdb":"102582","created_at":"2014-08-01T10:51:48.289Z","updated_at":"2014-08-01T10:51:48.289Z","fixed_in":"1.9.8.1"},{"id":93648,"title":"WPtouch 1.9.8 - include/submit.php Multiple Parameter SQL Injection","osvdb":"102583","created_at":"2014-08-01T10:51:48.368Z","updated_at":"2014-08-01T10:51:48.368Z","fixed_in":"1.9.8.1"}]}},{"better-search":{"vulnerabilities":[{"id":93649,"title":"Better Search 1.2.1 - admin.inc.php Setting Manipulation CSRF","osvdb":"102584","created_at":"2014-08-01T10:51:48.440Z","updated_at":"2014-08-01T10:51:48.440Z","fixed_in":"1.3"}]}},{"very-simple-contact-form":{"vulnerabilities":[{"id":93650,"title":"Very Simple Contact Form 1.1 - Unspecified Issue","osvdb":"102798","created_at":"2014-08-01T10:51:48.508Z","updated_at":"2014-08-01T10:51:48.508Z","fixed_in":"1.2"}]}},{"stop-user-enumeration":{"vulnerabilities":[{"id":93651,"title":"Stop User Enumeration 1.2.4 - POST Request Protection Bypass","url":"http://packetstormsecurity.com/files/125035/,http://seclists.org/fulldisclosure/2014/Feb/3","osvdb":"102799","secunia":"56643","created_at":"2014-08-01T10:51:48.570Z","updated_at":"2014-08-01T10:51:48.570Z"}]}},{"delightful-downloads":{"vulnerabilities":[{"id":93652,"title":"Delightful Downloads 1.3.1.1 - meta-boxes.php dedo_meta_boxes_save Function Multiple Action Authorization Bypass","osvdb":"102932","created_at":"2014-08-01T10:51:48.622Z","updated_at":"2014-08-01T10:51:48.622Z","fixed_in":"1.3.2"},{"id":93653,"title":"Delightful Downloads 1.3.1.1 - includes/functions.php User-Agent HTTP Header Stored XSS","osvdb":"102928","created_at":"2014-08-01T10:51:48.688Z","updated_at":"2014-08-01T10:51:48.688Z","fixed_in":"1.3.2"}]}},{"mobiloud-mobile-app-plugin":{"vulnerabilities":[{"id":93654,"title":"Mobiloud 1.9.0 - comments/disqus_count.php shortname Parameter Reflected XSS","osvdb":"102898","created_at":"2014-08-01T10:51:48.750Z","updated_at":"2014-08-01T10:51:48.750Z","fixed_in":"1.9.1"},{"id":93655,"title":"Mobiloud 1.9.0 - comments/disqus.php shortname Parameter Reflected XSS","osvdb":"102899","created_at":"2014-08-01T10:51:48.812Z","updated_at":"2014-08-01T10:51:48.812Z","fixed_in":"1.9.1"}]}},{"all_in_one_carousel":{"vulnerabilities":[{"id":93656,"title":"all_in_one_carousel 1.2.20 - /tpl/add_carousel.php id Parameter Reflected XSS","url":"http://seclists.org/bugtraq/2014/Feb/38","osvdb":"103351","secunia":"56962","created_at":"2014-08-01T10:51:48.876Z","updated_at":"2014-08-01T10:51:48.876Z"}]}},{"frontend-uploader":{"vulnerabilities":[{"id":93657,"title":"Frontend Uploader - Unspecified File Upload Remote Code Execution","osvdb":"103454","exploitdb":"31570","created_at":"2014-08-01T10:51:48.934Z","updated_at":"2014-08-01T10:51:48.934Z"}]}},{"wp-security-scan":{"vulnerabilities":[{"id":93658,"title":"Acunetix WP Security 4.0.3 - /wp-admin/admin.php wps-database Page Backup Generation CSRF Weakness","url":"http://packetstormsecurity.com/files/125218/","osvdb":"103467","created_at":"2014-08-01T10:51:48.998Z","updated_at":"2014-08-01T10:51:48.998Z"}]}},{"aryo-activity-log":{"vulnerabilities":[{"id":93659,"title":"Aryo Activity Log - Full Path Disclosure","url":"https://github.com/KingYes/wordpress-aryo-activity-log/pull/27","created_at":"2014-08-01T10:51:49.058Z","updated_at":"2014-08-01T10:51:49.058Z","fixed_in":"2.0.4"}]}},{"wp-jquery-spam":{"vulnerabilities":[{"id":93660,"title":"WP jQuery Spam 1.1 - dynamic.php id Parameter Reflected XSS","osvdb":"103579","created_at":"2014-08-01T10:51:49.131Z","updated_at":"2014-08-01T10:51:49.131Z","fixed_in":"1.2"}]}},{"media-file-renamer":{"vulnerabilities":[{"id":93661,"title":"Media File Renamer v1.7.0 - Persistent XSS","url":"http://packetstormsecurity.com/files/125378/,http://www.vapid.dhs.org/advisories/wordpress/plugins/MediaFileRenamer-1.7.0/","cve":"2014-2040","created_at":"2014-08-01T10:51:49.206Z","updated_at":"2014-08-01T10:51:49.206Z"}]}},{"flash-player-widget":{"vulnerabilities":[{"id":93662,"title":"Flash Player Widget - dewplayer.swf Content Spoofing","url":"http://www.openwall.com/lists/oss-security/2013/12/30/5","created_at":"2014-08-01T10:51:49.271Z","updated_at":"2014-08-01T10:51:49.271Z"}]}},{"alpine-photo-tile-for-instagram":{"vulnerabilities":[{"id":93663,"title":"Alpine PhotoTile For Instagram 1.2.6.5 - wp-admin/options-general.php general_lightbox_params Parameter XSS Weakness","url":"http://packetstormsecurity.com/files/125418/","osvdb":"103822","secunia":"57198","created_at":"2014-08-01T10:51:49.348Z","updated_at":"2014-08-01T10:51:49.348Z"}]}},{"widget-control-powered-by-everyblock":{"vulnerabilities":[{"id":93664,"title":"Widget Control Powered By Everyblock 1.0.1 - wp-admin/admin.php idDropdown Parameter XSS Weakness","url":"http://packetstormsecurity.com/files/125421/","osvdb":"103831","secunia":"57203","created_at":"2014-08-01T10:51:49.404Z","updated_at":"2014-08-01T10:51:49.404Z"}]}},{"search-everything":{"vulnerabilities":[{"id":93665,"title":"Search Everything 8.1.0 - options.php Unspecified CSRF","osvdb":"106733","created_at":"2014-08-01T10:51:49.466Z","updated_at":"2014-08-01T10:51:49.466Z","fixed_in":"8.1.1"},{"id":93666,"title":"Search Everything 7.0.4 - Unspecified Issue","osvdb":"104058","created_at":"2014-08-01T10:51:49.539Z","updated_at":"2014-08-01T10:51:49.539Z","fixed_in":"8.0"},{"id":93667,"title":"Search Everything 7.0.2 - search-everything.php s Parameter SQL Injection","url":"http://www.securityfocus.com/bid/65765","osvdb":"103718","cve":"2014-2316","secunia":"56802","created_at":"2014-08-01T10:51:49.618Z","updated_at":"2014-08-01T10:51:49.618Z","fixed_in":"7.0.3"}]}},{"zedity":{"vulnerabilities":[{"id":93668,"title":"Zedity 2.5 - wp-admin/admin-ajax.php zedity_ajax Action zaction Parameter XSS","url":"http://www.securityfocus.com/bid/65799","osvdb":"103789","secunia":"57026","created_at":"2014-08-01T10:51:49.701Z","updated_at":"2014-08-01T10:51:49.701Z"},{"id":93669,"title":"Zedity 2.4 - Cross Site Scripting","url":"http://packetstormsecurity.com/files/125402/","created_at":"2014-08-01T10:51:49.763Z","updated_at":"2014-08-01T10:51:49.763Z"}]}},{"wp-post-to-pdf":{"vulnerabilities":[{"id":93670,"title":"WP Post to PDF 2.3.1 - wp-admin/options.php wpptopdf headerFontSize Parameter XSS","url":"http://packetstormsecurity.com/files/125432/","osvdb":"103872","created_at":"2014-08-01T10:51:49.816Z","updated_at":"2014-08-01T10:51:49.816Z"}]}},{"bsk-pdf-manager":{"vulnerabilities":[{"id":93671,"title":"BSK PDF Manager 1.3.2 - wp-admin/admin.php Multiple Parameter SQL Injection","url":"http://packetstormsecurity.com/files/127407/,http://www.securityfocus.com/bid/68488","osvdb":"108913","cve":"2014-4944","created_at":"2014-08-01T10:51:49.873Z","updated_at":"2014-08-01T10:51:49.873Z"},{"id":93672,"title":"BSK PDF Manager 1.3 - wp-admin/admin.php Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/125422/","osvdb":"103873","created_at":"2014-08-01T10:51:49.927Z","updated_at":"2014-08-01T10:51:49.927Z"}]}},{"mp3-jplayer":{"vulnerabilities":[{"id":93673,"title":"MP3-jPlayer 1.8.7 - wp-admin/options-general.php Multiple Parameter XSS","url":"http://packetstormsecurity.com/files/125417/","osvdb":"103875","created_at":"2014-08-01T10:51:49.993Z","updated_at":"2014-08-01T10:51:49.993Z"},{"id":93674,"title":"MP3-jPlayer 1.8.3 - jPlayer.swf XSS","osvdb":"92254","created_at":"2014-08-01T10:51:50.061Z","updated_at":"2014-08-01T10:51:50.061Z","fixed_in":"1.8.4"}]}},{"google-analytics-mu":{"vulnerabilities":[{"id":93675,"title":"Google Analytics MU 2.3 - google-analytics-mu-network.php Analytics Code Manipulation CSRF","url":"http://packetstormsecurity.com/files/125514/,http://seclists.org/fulldisclosure/2014/Mar/20,http://www.securityfocus.com/bid/65926","osvdb":"103937","secunia":"56157","created_at":"2014-08-01T10:51:50.124Z","updated_at":"2014-08-01T10:51:50.124Z","fixed_in":"2.4"}]}},{"repagent":{"vulnerabilities":[{"id":93676,"title":"Repagent - dewplayer-vinyl.swf xml Parameter XML File Handling XSS","url":"http://packetstormsecurity.com/files/124582/,http://www.securityfocus.com/bid/64506,http://seclists.org/fulldisclosure/2013/Dec/192","osvdb":"101353","created_at":"2014-08-01T10:51:50.191Z","updated_at":"2014-08-01T10:51:50.191Z"},{"id":93677,"title":"Repagent - dewplayer-vinyl-en.swf xml Parameter XML File Handling XSS","url":"http://packetstormsecurity.com/files/124582/,http://www.securityfocus.com/bid/64506,http://seclists.org/fulldisclosure/2013/Dec/192","osvdb":"101352","created_at":"2014-08-01T10:51:50.246Z","updated_at":"2014-08-01T10:51:50.246Z"}]}},{"LayerSlider":{"vulnerabilities":[{"id":93678,"title":"LayerSlider 4.6.1 - wp-admin/admin.php Style Editing CSRF","url":"http://packetstormsecurity.com/files/125637/","osvdb":"104393","secunia":"57930","created_at":"2014-08-01T10:51:50.316Z","updated_at":"2014-08-01T10:51:50.316Z"},{"id":93679,"title":"LayerSlider 4.6.1 - LayerSlider/editor.php skin Parameter Remote Path Traversal File Access","url":"http://packetstormsecurity.com/files/125637/","osvdb":"104394","secunia":"57309","created_at":"2014-08-01T10:51:50.385Z","updated_at":"2014-08-01T10:51:50.385Z"}]}},{"xcloner-backup-and-restore":{"vulnerabilities":[{"id":93680,"title":"XCloner 3.1.0 - Multiple Actions CSRF","url":"http://packetstormsecurity.com/files/125991/,https://www.htbridge.com/advisory/HTB23206,https://www.htbridge.com/advisory/HTB23207","osvdb":"104402","cve":"2014-2340,2014-2579","secunia":"57362","exploitdb":"32701","created_at":"2014-08-01T10:51:50.452Z","updated_at":"2014-08-01T10:51:50.452Z","fixed_in":"3.1.1"}]}},{"guiform":{"vulnerabilities":[{"id":93681,"title":"GuiForm 1.4.10 - class/class-ajax.php Entry Saving CSRF","osvdb":"104399","created_at":"2014-08-01T10:51:50.526Z","updated_at":"2014-08-01T10:51:50.526Z","fixed_in":"1.5.0"}]}},{"clickdesk-live-support-chat-plugin":{"vulnerabilities":[{"id":93682,"title":"ClickDesk - Live Chat Widget Multiple Field XSS","url":"http://packetstormsecurity.com/files/125528/,http://www.securityfocus.com/bid/65971","osvdb":"104037","created_at":"2014-08-01T10:51:50.593Z","updated_at":"2014-08-01T10:51:50.593Z"}]}},{"duplicate-post":{"vulnerabilities":[{"id":93683,"title":"Duplicate Post 2.5 - duplicate-post-admin.php User Login Cookie Value SQL Injection","osvdb":"104669","created_at":"2014-08-01T10:51:50.648Z","updated_at":"2014-08-01T10:51:50.648Z","fixed_in":"2.6"},{"id":93684,"title":"Duplicate Post 2.5 - options-general.php post Parameter Reflected XSS","osvdb":"104670","created_at":"2014-08-01T10:51:50.709Z","updated_at":"2014-08-01T10:51:50.709Z","fixed_in":"2.6"}]}},{"mtouch-quiz":{"vulnerabilities":[{"id":93685,"title":"mTouch Quiz 3.0.6 - question.php quiz Parameter Reflected XSS","url":"http://www.securityfocus.com/bid/66306","osvdb":"104667","created_at":"2014-08-01T10:51:50.774Z","updated_at":"2014-08-01T10:51:50.774Z","fixed_in":"3.0.7"},{"id":93686,"title":"mTouch Quiz 3.0.6 - question.php quiz Parameter SQL Injection","url":"http://www.securityfocus.com/bid/66306","osvdb":"104668","created_at":"2014-08-01T10:51:50.847Z","updated_at":"2014-08-01T10:51:50.847Z","fixed_in":"3.0.7"}]}},{"simple-retail-menus":{"vulnerabilities":[{"id":93687,"title":"Simple Retail Menus 4.0.1 - includes/actions.php targetmenu Parameter SQL Injection","osvdb":"104680","created_at":"2014-08-01T10:51:50.915Z","updated_at":"2014-08-01T10:51:50.915Z","fixed_in":"4.1"},{"id":93688,"title":"Simple Retail Menus 4.0.1 - includes/mode-edit.php targetmenu Parameter SQL Injection","osvdb":"104682","created_at":"2014-08-01T10:51:50.986Z","updated_at":"2014-08-01T10:51:50.986Z","fixed_in":"4.1"}]}},{"user-domain-whitelist":{"vulnerabilities":[{"id":93689,"title":"User Domain Whitelist 1.4 - user-domain-whitelist.php domain_whitelist Parameter Stored XSS","osvdb":"104681","secunia":"57490","created_at":"2014-08-01T10:51:51.050Z","updated_at":"2014-08-01T10:51:51.050Z"},{"id":93690,"title":"User Domain Whitelist 1.4 -  user-domain-whitelist.php Domain Whitelisting Manipulation CSRF","osvdb":"104683","secunia":"57490","created_at":"2014-08-01T10:51:51.109Z","updated_at":"2014-08-01T10:51:51.109Z","fixed_in":"1.5"}]}},{"subscribe-to-comments-reloaded":{"vulnerabilities":[{"id":93691,"title":"Subscribe To Comments Reloaded 140204 - options/index.php manager_page Parameter Stored XSS Weakness","url":"http://www.securityfocus.com/bid/66288","osvdb":"104698","secunia":"57015","created_at":"2014-08-01T10:51:51.179Z","updated_at":"2014-08-01T10:51:51.179Z","fixed_in":"140219"},{"id":93692,"title":"Subscribe To Comments Reloaded 140204 - options/index.php Admin Settings Manipulation CSRF","url":"http://www.securityfocus.com/bid/66288","osvdb":"104699","secunia":"57015","created_at":"2014-08-01T10:51:51.244Z","updated_at":"2014-08-01T10:51:51.244Z","fixed_in":"140219"}]}},{"analytics360":{"vulnerabilities":[{"id":93693,"title":"Analytics360 1.2.1 - analytics360.php Multiple Action CSRF","osvdb":"104743","created_at":"2014-08-01T10:51:51.324Z","updated_at":"2014-08-01T10:51:51.324Z","fixed_in":"1.2.2"},{"id":93694,"title":"Analytics360 1.2 - analytics360.php a360_error Parameter Reflected XSS","osvdb":"104744","created_at":"2014-08-01T10:51:51.391Z","updated_at":"2014-08-01T10:51:51.391Z","fixed_in":"1.2.1"}]}},{"the-events-calendar":{"vulnerabilities":[{"id":93695,"title":"The Events Calendar 3.0 - lib/template-classes/month.php tribe-bar-search Parameter Reflected XSS","osvdb":"104785","created_at":"2014-08-01T10:51:51.456Z","updated_at":"2014-08-01T10:51:51.456Z","fixed_in":"3.0.1"}]}},{"form-maker":{"vulnerabilities":[{"id":93696,"title":"Form Maker 1.6.4 - front_end_form_maker.php Unspecified XSS","osvdb":"104870","created_at":"2014-08-01T10:51:51.522Z","updated_at":"2014-08-01T10:51:51.522Z","fixed_in":"1.6.6"}]}},{"1-jquery-photo-gallery-slideshow-flash":{"vulnerabilities":[{"id":93697,"title":"ZooEffect 1.08 - wp-1pluginjquery.php HTTP Referer Header Reflected XSS","osvdb":"104876","created_at":"2014-08-01T10:51:51.597Z","updated_at":"2014-08-01T10:51:51.597Z","fixed_in":"1.09"}]}},{"google-analytics-dashboard":{"vulnerabilities":[{"id":93698,"title":"Google Analytics Dashboard 2.0.4 - gad-admin-pages-posts.php pid Parameter SQL Injection","osvdb":"104877","created_at":"2014-08-01T10:51:51.672Z","updated_at":"2014-08-01T10:51:51.672Z","fixed_in":"2.0.5"}]}},{"blogvault-real-time-backup":{"vulnerabilities":[{"id":93699,"title":"blogVault 1.08 - Missing Account Empty Secret Key Generation","osvdb":"107570","created_at":"2014-08-01T10:51:51.739Z","updated_at":"2014-08-01T10:51:51.739Z","fixed_in":"1.09"},{"id":93700,"title":"blogVault 1.05 - admin.php blogVault Key Setting CSRF","osvdb":"104906","created_at":"2014-08-01T10:51:51.804Z","updated_at":"2014-08-01T10:51:51.804Z","fixed_in":"1.06"}]}},{"captcha":{"vulnerabilities":[{"id":93701,"title":"Captcha 2.12-3.8.1 - captcha bypass","url":"http://www.antoine-cervoise.fr/2014/03/27/contournement-du-plugin-captcha-pour-wordpress-v-3-8-1-et-anterieures/,https://github.com/cervoise/pentest-scripts/blob/master/web/cms/captcha-bypass/wordpress-plugins/captcha/bypass-3.8.1-and-previous.php","created_at":"2014-08-01T10:51:51.869Z","updated_at":"2014-08-01T10:51:51.869Z","fixed_in":"3.8.2"}]}},{"wp-html-sitemap":{"vulnerabilities":[{"id":93702,"title":"WP HTML Sitemap 1.2 - wp-html-sitemap.html Sitemap Deletion CSRF","url":"http://packetstormsecurity.com/files/125933/,http://seclists.org/fulldisclosure/2014/Mar/400,https://security.dxw.com/advisories/csrf-vulnerability-in-wp-html-sitemap-1-2/","osvdb":"105084","created_at":"2014-08-01T10:51:51.936Z","updated_at":"2014-08-01T10:51:51.936Z"}]}},{"groups":{"vulnerabilities":[{"id":93703,"title":"Groups 1.4.5 - Negated Role Capability Handling Elevated Privilege Issue","osvdb":"104940","created_at":"2014-08-01T10:51:51.991Z","updated_at":"2014-08-01T10:51:51.991Z","fixed_in":"1.4.6"}]}},{"html5-jquery-audio-player":{"vulnerabilities":[{"id":93704,"title":"HTML5 jQuery Audio Player 2.3 - playlist/add_playlist.php Multiple Parameter Stored XSS Weakness","osvdb":"104951","created_at":"2014-08-01T10:51:52.057Z","updated_at":"2014-08-01T10:51:52.057Z","fixed_in":"2.4"},{"id":93705,"title":"HTML5 jQuery Audio Player 2.3 - playlist/add_playlist.php id Parameter SQL Injection","osvdb":"104952","created_at":"2014-08-01T10:51:52.122Z","updated_at":"2014-08-01T10:51:52.122Z","fixed_in":"2.4"}]}},{"shrimptest":{"vulnerabilities":[{"id":93706,"title":"ShrimpTest 1.0b2 - plugins/metric-conversion.php Multiple Unspecified XSS","osvdb":"104956","created_at":"2014-08-01T10:51:52.187Z","updated_at":"2014-08-01T10:51:52.187Z","fixed_in":"1.0b3"},{"id":93707,"title":"ShrimpTest 1.0b2 - plugins/plugin-notification.php Unspecified XSS","osvdb":"104957","created_at":"2014-08-01T10:51:52.256Z","updated_at":"2014-08-01T10:51:52.256Z","fixed_in":"1.0b3"},{"id":93708,"title":"ShrimpTest 1.0b2 - plugins/variant-shortcode.php Unspecified XSS","osvdb":"104958","created_at":"2014-08-01T10:51:52.333Z","updated_at":"2014-08-01T10:51:52.333Z","fixed_in":"1.0b3"},{"id":93709,"title":"ShrimpTest 1.0b2 - admin/experiments.php Multiple Unspecified XSS","osvdb":"104959","created_at":"2014-08-01T10:51:52.398Z","updated_at":"2014-08-01T10:51:52.398Z","fixed_in":"1.0b3"},{"id":93710,"title":"ShrimpTest 1.0b2 - admin/experiment-new.php Multiple Unspecified XSS","osvdb":"104960","created_at":"2014-08-01T10:51:52.461Z","updated_at":"2014-08-01T10:51:52.461Z","fixed_in":"1.0b3"}]}},{"activehelper-livehelp":{"vulnerabilities":[{"id":93711,"title":"ActiveHelper LiveHelp Server 3.2.2 - server/import/status.php Multiple Parameter SQL Injection","osvdb":"104990","created_at":"2014-08-01T10:51:52.523Z","updated_at":"2014-08-01T10:51:52.523Z","fixed_in":"3.4.0"},{"id":93712,"title":"ActiveHelper LiveHelp Server 3.2.2 - server/import/tracker.php Multiple Parameter SQL Injection","osvdb":"104991","created_at":"2014-08-01T10:51:52.587Z","updated_at":"2014-08-01T10:51:52.587Z","fixed_in":"3.4.0"},{"id":93713,"title":"ActiveHelper LiveHelp Server 3.2.2 - server/import/javascript.php Multiple Vector SQL Injection","osvdb":"104992","created_at":"2014-08-01T10:51:52.654Z","updated_at":"2014-08-01T10:51:52.654Z","fixed_in":"3.4.0"},{"id":93714,"title":"ActiveHelper LiveHelp Server 3.2.2 - server/frames.php DEPARTMENT Parameter SQL Injection","osvdb":"104993","created_at":"2014-08-01T10:51:52.716Z","updated_at":"2014-08-01T10:51:52.716Z","fixed_in":"3.4.0"}]}},{"springboard-video-quick-publish":{"vulnerabilities":[{"id":93715,"title":"Springboard Video Quick Publish 0.2.6 - videolist.php paged Parameter Reflected XSS","osvdb":"105992","created_at":"2014-08-01T10:51:52.782Z","updated_at":"2014-08-01T10:51:52.782Z","fixed_in":"0.2.7"},{"id":93716,"title":"Springboard Video Quick Publish 0.2.6 - springboardvideo.php video_id Parameter XSS","osvdb":"105993","created_at":"2014-08-01T10:51:52.846Z","updated_at":"2014-08-01T10:51:52.846Z","fixed_in":"0.2.7"},{"id":93717,"title":"Springboard Video Quick Publish 0.2.6 - sb_search.php paged Parameter Reflected XSS","osvdb":"105994","created_at":"2014-08-01T10:51:52.914Z","updated_at":"2014-08-01T10:51:52.914Z","fixed_in":"0.2.7"},{"id":93718,"title":"Springboard Video Quick Publish 0.2.4 - Unspecified Issue","osvdb":"105007","created_at":"2014-08-01T10:51:52.978Z","updated_at":"2014-08-01T10:51:52.978Z","fixed_in":"0.2.5"}]}},{"ignitiondeck":{"vulnerabilities":[{"id":93719,"title":"IgnitionDeck 1.1 - Purchase Form Unspecified XSS","osvdb":"105008","created_at":"2014-08-01T10:51:53.046Z","updated_at":"2014-08-01T10:51:53.046Z","fixed_in":"1.2"}]}},{"ajax-pagination":{"vulnerabilities":[{"id":93720,"title":"Ajax Pagination 1.1 - wp-admin/admin-ajax.php loop Parameter Local File Inclusion","url":"http://packetstormsecurity.com/files/125929/,http://seclists.org/fulldisclosure/2014/Mar/398","osvdb":"105087","exploitdb":"32622","created_at":"2014-08-01T10:51:53.108Z","updated_at":"2014-08-01T10:51:53.108Z"}]}},{"tt-guest-post-submit":{"vulnerabilities":[{"id":93721,"title":"TT Guest Post Submit 1.0.0 - tt-guest-post-submit-submit.php rootpath Parameter Remote File Inclusion","osvdb":"105120","created_at":"2014-08-01T10:51:53.160Z","updated_at":"2014-08-01T10:51:53.160Z","fixed_in":"1.0.1"}]}},{"salesforce-wordpress-to-lead":{"vulnerabilities":[{"id":93722,"title":"WordPress-to-Lead for Salesforce CRM 1.0.4 - ov_plugin_tools.php textinput Function XSS","osvdb":"105146","created_at":"2014-08-01T10:51:53.222Z","updated_at":"2014-08-01T10:51:53.222Z","fixed_in":"1.0.5"},{"id":93723,"title":"WordPress-to-Lead for Salesforce CRM 1.0.1 - salesforce.php salesforce_form_shortcode Function Error Message Handling XSS","osvdb":"105148","created_at":"2014-08-01T10:51:53.291Z","updated_at":"2014-08-01T10:51:53.291Z","fixed_in":"1.0.2"},{"id":93724,"title":"WordPress-to-Lead for Salesforce CRM 1.0 - salesforce.php Multiple Parameter XSS","osvdb":"105147","created_at":"2014-08-01T10:51:53.361Z","updated_at":"2014-08-01T10:51:53.361Z","fixed_in":"1.0.1"}]}},{"disable-comments":{"vulnerabilities":[{"id":93725,"title":"Disable Comments 1.0.3 - disable_comments_settings.php Comment Status Manipulation CSRF","url":"http://www.securityfocus.com/bid/66564","osvdb":"105245","cve":"2014-2550","secunia":"57613","created_at":"2014-08-01T10:51:53.425Z","updated_at":"2014-08-01T10:51:53.425Z","fixed_in":"1.0.4"}]}},{"wp-business-intelligence-lite":{"vulnerabilities":[{"id":93726,"title":"WP Business intelligence lite \u003c= 1.0.6 - Remote Code Execution Exploit","url":"http://packetstormsecurity.com/files/125927/,http://cxsecurity.com/issue/WLB-2014030243","secunia":"57590","created_at":"2014-08-01T10:51:53.488Z","updated_at":"2014-08-01T10:51:53.488Z","fixed_in":"1.1"}]}},{"barclaycart":{"vulnerabilities":[{"id":93727,"title":"Barclaycart - Shell Upload","url":"http://packetstormsecurity.com/files/125552/","created_at":"2014-08-01T10:51:53.554Z","updated_at":"2014-08-01T10:51:53.554Z"}]}},{"Premium_Gallery_Manager":{"vulnerabilities":[{"id":93728,"title":"Premium Gallery Manager - Shell Upload","url":"http://packetstormsecurity.com/files/125586/","created_at":"2014-08-01T10:51:53.608Z","updated_at":"2014-08-01T10:51:53.608Z"}]}},{"jetpack":{"vulnerabilities":[{"id":93729,"title":"Jetpack \u003c= 2.9.2 - class.jetpack.php XML-RPC Access Control Bypass","url":"http://jetpack.me/2014/04/10/jetpack-security-update/","osvdb":"105714","cve":"2014-0173","secunia":"57729","created_at":"2014-08-01T10:51:53.662Z","updated_at":"2014-08-01T10:51:53.662Z","fixed_in":"2.9.3"}]}},{"lazyest-gallery":{"vulnerabilities":[{"id":93730,"title":"Lazyest Gallery \u003c= 1.1.20 - EXIF Script Insertion Vulnerability","osvdb":"105680","cve":"2014-2333","secunia":"57746","created_at":"2014-08-01T10:51:53.725Z","updated_at":"2014-08-01T10:51:53.725Z","fixed_in":"1.1.21"},{"id":93731,"title":"Lazyest Gallery 1.1.7 - Crafted Folder Name Unspecified Issue","osvdb":"105728","created_at":"2014-08-01T10:51:53.793Z","updated_at":"2014-08-01T10:51:53.793Z","fixed_in":"1.1.8"},{"id":93732,"title":"Lazyest Gallery 0.10.4.3 - Multiple File/Directory Insecure Permissions Local Content Manipulation","osvdb":"105818","created_at":"2014-08-01T10:51:53.855Z","updated_at":"2014-08-01T10:51:53.855Z","fixed_in":"0.10.4.4"},{"id":93733,"title":"Lazyest Gallery 0.4.2 - Multiple Unspecified Issues","osvdb":"107400","created_at":"2014-08-01T10:51:53.921Z","updated_at":"2014-08-01T10:51:53.921Z"}]}},{"post-expirator":{"vulnerabilities":[{"id":93734,"title":"Post Expirator \u003c= 2.1.1 - Cross-Site Request Forgery Vulnerability","secunia":"57503","created_at":"2014-08-01T10:51:53.976Z","updated_at":"2014-08-01T10:51:53.976Z","fixed_in":"2.1.2"}]}},{"quick-pagepost-redirect-plugin":{"vulnerabilities":[{"id":93735,"title":"Quick Page Post Redirect 5.0.4 - redirect-updates.php quickppr_redirects Parameter Stored XSS","url":"http://www.securityfocus.com/bid/66790,https://security.dxw.com/advisories/csrf-and-stored-xss-in-quick-pagepost-redirect-plugin/","osvdb":"105707","cve":"2014-2598","secunia":"57883","exploitdb":"32867","created_at":"2014-08-01T10:51:54.049Z","updated_at":"2014-08-01T10:51:54.049Z","fixed_in":"5.0.5"},{"id":93736,"title":"Quick Page Post Redirect 5.0.4 - redirect-updates.php Multiple Admin Function CSRF","url":"http://www.securityfocus.com/bid/66790,https://security.dxw.com/advisories/csrf-and-stored-xss-in-quick-pagepost-redirect-plugin/","osvdb":"105708","cve":"2014-2598","secunia":"57883","exploitdb":"32867","created_at":"2014-08-01T10:51:54.115Z","updated_at":"2014-08-01T10:51:54.115Z","fixed_in":"5.0.5"}]}},{"twitget":{"vulnerabilities":[{"id":93737,"title":"Twitget 3.3.1 - twitget.php Twitter Setting Manipulation CSRF","url":"https://security.dxw.com/advisories/csrfxss-vulnerability-in-twitget-3-3-1/","osvdb":"105705","cve":"2014-2559","exploitdb":"32868","created_at":"2014-08-01T10:51:54.181Z","updated_at":"2014-08-01T10:51:54.181Z","fixed_in":"3.3.3"},{"id":93738,"title":"Twitget 3.3.1 - twitget.php twitget_consumer_key Parameter Stored XSS","url":"https://security.dxw.com/advisories/csrfxss-vulnerability-in-twitget-3-3-1/","osvdb":"105704","cve":"2014-2559","exploitdb":"32868","created_at":"2014-08-01T10:51:54.249Z","updated_at":"2014-08-01T10:51:54.249Z","fixed_in":"3.3.3"}]}},{"hk-exif-tags":{"vulnerabilities":[{"id":93739,"title":"HK Exif Tags 1.11 - hk_exif_tags.php hk_exif_tags_images_process Function EXIF Tags Handling Stored XSS","osvdb":"105725","secunia":"57753","created_at":"2014-08-01T10:51:54.327Z","updated_at":"2014-08-01T10:51:54.327Z","fixed_in":"1.12"}]}},{"unconfirmed":{"vulnerabilities":[{"id":93740,"title":"Unconfirmed \u003c= 1.2.4 - unconfirmed.php s Parameter Reflected XSS","osvdb":"105722","secunia":"57838","created_at":"2014-08-01T10:51:54.392Z","updated_at":"2014-08-01T10:51:54.392Z","fixed_in":"1.2.5"}]}},{"liveoptim":{"vulnerabilities":[{"id":93741,"title":"LiveOptim 1.4.3 - Configuration Setting Manipulation CSRF","url":"http://www.securityfocus.com/bid/66939","osvdb":"105986","secunia":"57990","created_at":"2014-08-01T10:51:54.460Z","updated_at":"2014-08-01T10:51:54.460Z","fixed_in":"1.4.4"}]}},{"wp-conditional-captcha":{"vulnerabilities":[{"id":93742,"title":"Conditional CAPTCHA 3.6 - wp-conditional-captcha.php Settings Page CSRF","osvdb":"106014","created_at":"2014-08-01T10:51:54.527Z","updated_at":"2014-08-01T10:51:54.527Z","fixed_in":"3.6.1"}]}},{"wp-js-external-link-info":{"vulnerabilities":[{"id":93743,"title":"JS External Link Info 1.21 - redirect.php blog Parameter XSS","url":"http://packetstormsecurity.com/files/126238/,http://www.securityfocus.com/bid/66999","osvdb":"106125","created_at":"2014-08-01T10:51:54.590Z","updated_at":"2014-08-01T10:51:54.590Z"}]}},{"simple-fields":{"vulnerabilities":[{"id":93744,"title":"Simple Fields 1.1.6 - inc-admin-options.php Admin Functions CSRF","osvdb":"106316","created_at":"2014-08-01T10:51:54.644Z","updated_at":"2014-08-01T10:51:54.644Z","fixed_in":"1.2"},{"id":93745,"title":"Simple Fields 0.3.5 - simple_fields.php wp_abspath Parameter Remote File Inclusion","osvdb":"106622","created_at":"2014-08-01T10:51:54.709Z","updated_at":"2014-08-01T10:51:54.709Z","fixed_in":"0.3.6"}]}},{"work-the-flow-file-upload":{"vulnerabilities":[{"id":93746,"title":"Work The Flow File Upload 1.2.1 - wp-admin/admin-ajax.php accept_file_types Parameter Manipulation File Upload Restriction Bypass","url":"http://www.securityfocus.com/bid/67083,http://packetstormsecurity.com/files/126333/","osvdb":"106366","secunia":"58216","created_at":"2014-08-01T10:51:54.773Z","updated_at":"2014-08-01T10:51:54.773Z"}]}},{"file-gallery":{"vulnerabilities":[{"id":93747,"title":"File Gallery 1.7.9 - Settings Page create_function Function Remote Command Execution","url":"http://www.securityfocus.com/bid/67120","osvdb":"106417","cve":"2014-2558","secunia":"58216","created_at":"2014-08-01T10:51:54.826Z","updated_at":"2014-08-01T10:51:54.826Z","fixed_in":"1.7.9.2"}]}},{"nextcellent-gallery-nextgen-legacy":{"vulnerabilities":[{"id":93748,"title":"NextCellent Gallery 1.9.13 - admin/manage-images.php Multiple Field Stored XSS Weakness","url":"http://www.securityfocus.com/bid/67085","osvdb":"106474","created_at":"2014-08-01T10:51:54.890Z","updated_at":"2014-08-01T10:51:54.890Z","fixed_in":"1.9.18"}]}},{"wp-affiliate-platform":{"vulnerabilities":[{"id":93749,"title":"WP Affiliate Manager - login.php msg Parameter XSS","url":"http://packetstormsecurity.com/files/126424/","osvdb":"106533","created_at":"2014-08-01T10:51:54.956Z","updated_at":"2014-08-01T10:51:54.956Z"}]}},{"query-interface":{"vulnerabilities":[{"id":93750,"title":"Query Interface 1.1 - Multiple Unspecified Issues","osvdb":"106642","created_at":"2014-08-01T10:51:55.011Z","updated_at":"2014-08-01T10:51:55.011Z","fixed_in":"1.2"}]}},{"photo-gallery":{"vulnerabilities":[{"id":93751,"title":"Photo-Gallery - UploadHandler.php File Upload CSRF","url":"http://packetstormsecurity.com/files/126521/","osvdb":"106732","created_at":"2014-08-01T10:51:55.075Z","updated_at":"2014-08-01T10:51:55.075Z"}]}},{"infusion4wp":{"vulnerabilities":[{"id":93752,"title":"iMember360is 3.9.001 - XSS / Disclosure / Code Execution","url":"http://1337day.com/exploit/22184","created_at":"2014-08-01T10:51:55.131Z","updated_at":"2014-08-01T10:51:55.131Z","fixed_in":"3.9.002"}]}},{"acumbamail-signup-forms":{"vulnerabilities":[{"id":93753,"title":"Acumbamail 1.0.4  - acumbamail.class.php callAPI() Function MitM Information Disclosure","url":"http://www.securityfocus.com/bid/67220","osvdb":"106711","secunia":"67220","created_at":"2014-08-01T10:51:55.196Z","updated_at":"2014-08-01T10:51:55.196Z","fixed_in":"1.0.4.1"}]}},{"tinymce-colorpicker":{"vulnerabilities":[{"id":93754,"title":"TinyMCE Color Picker 1.1 - tinymce-colorpicker.php Color Saving CSRF","url":"http://www.securityfocus.com/bid/67333","osvdb":"106854","secunia":"58095","created_at":"2014-08-01T10:51:55.257Z","updated_at":"2014-08-01T10:51:55.257Z","fixed_in":"1.2"},{"id":93755,"title":"TinyMCE Color Picker 1.1 - tinymce-colorpicker.php Missing edit_others_posts Capability Check","url":"http://www.securityfocus.com/bid/67333","osvdb":"106854","secunia":"58095","created_at":"2014-08-01T10:51:55.330Z","updated_at":"2014-08-01T10:51:55.330Z","fixed_in":"1.2"}]}},{"contact-bank":{"vulnerabilities":[{"id":93756,"title":"Contact Bank 2.0.19 - Multiple Unspecified Issues","osvdb":"106868","secunia":"67334","created_at":"2014-08-01T10:51:55.394Z","updated_at":"2014-08-01T10:51:55.394Z","fixed_in":"2.0.20"}]}},{"bonuspressx":{"vulnerabilities":[{"id":93757,"title":"Bonuspressx - ar_submit.php n Parameter XSS","url":"http://packetstormsecurity.com/files/126595/","osvdb":"106931","created_at":"2014-08-01T10:51:55.456Z","updated_at":"2014-08-01T10:51:55.456Z"}]}},{"profile-builder":{"vulnerabilities":[{"id":93758,"title":"Profile Builder 1.1.59 - front-end/wppb.recover.password.php Password Recovery Bypass","url":"http://www.securityfocus.com/bid/67331","osvdb":"106986","secunia":"58511","created_at":"2014-08-01T10:51:55.516Z","updated_at":"2014-08-01T10:51:55.516Z","fixed_in":"1.1.60"}]}},{"basic-google-maps-placemarks":{"vulnerabilities":[{"id":93759,"title":"Basic Google Maps Placemarks 1.10.2 - settings.php Multiple Fields Stored XSS Weakness","osvdb":"107121","created_at":"2014-08-01T10:51:55.581Z","updated_at":"2014-08-01T10:51:55.581Z","fixed_in":"1.10.3"}]}},{"simple-popup":{"vulnerabilities":[{"id":93760,"title":"Simple Popup - popup.php z Parameter XSS","url":"http://packetstormsecurity.com/files/126763/,http://www.securityfocus.com/bid/67562","osvdb":"107294","cve":"2014-3921","created_at":"2014-08-01T10:51:55.650Z","updated_at":"2014-08-01T10:51:55.650Z"}]}},{"bib2html":{"vulnerabilities":[{"id":93761,"title":"bib2html 0.9.3 - /OSBiB/create/index.php styleShortName Parameter XSS","url":"http://packetstormsecurity.com/files/126782/,http://www.securityfocus.com/bid/67589","osvdb":"107296","cve":"2014-3870","created_at":"2014-08-01T10:51:55.705Z","updated_at":"2014-08-01T10:51:55.705Z"}]}},{"conversionninja":{"vulnerabilities":[{"id":93762,"title":"Conversion Ninja - /lp/index.php id Parameter XSS","url":"http://packetstormsecurity.com/files/126781/,http://www.securityfocus.com/bid/67590","osvdb":"107297","cve":"2014-4017","created_at":"2014-08-01T10:51:55.761Z","updated_at":"2014-08-01T10:51:55.761Z"}]}},{"cool-video-gallery":{"vulnerabilities":[{"id":93763,"title":"Cool Video Gallery 1.8 - admin/gallery-details.php Multiple Actions CSRF","osvdb":"107354","created_at":"2014-08-01T10:51:55.812Z","updated_at":"2014-08-01T10:51:55.812Z","fixed_in":"1.9"},{"id":93764,"title":"Cool Video Gallery 1.8 - admin/gallery-manage.php Gallery Deletion CSRF","osvdb":"107355","created_at":"2014-08-01T10:51:55.872Z","updated_at":"2014-08-01T10:51:55.872Z","fixed_in":"1.9"},{"id":93765,"title":"Cool Video Gallery 1.8 - admin/gallery-settings.php Gallery Settings Manipulation CSRF","osvdb":"107356","created_at":"2014-08-01T10:51:55.935Z","updated_at":"2014-08-01T10:51:55.935Z","fixed_in":"1.9"},{"id":93766,"title":"Cool Video Gallery 1.8 - admin/gallery-sort.php Gallery Sort Order Manipulation CSRF","osvdb":"107357","created_at":"2014-08-01T10:51:56.001Z","updated_at":"2014-08-01T10:51:56.001Z","fixed_in":"1.9"},{"id":93767,"title":"Cool Video Gallery 1.8 - admin/player-settings.php Player Settings Manipulation CSRF","osvdb":"107358","created_at":"2014-08-01T10:51:56.065Z","updated_at":"2014-08-01T10:51:56.065Z","fixed_in":"1.9"},{"id":93768,"title":"Cool Video Gallery 1.8 - admin/plugin-uninstall.php Plugin Uninstallation CSRF","osvdb":"107359","created_at":"2014-08-01T10:51:56.128Z","updated_at":"2014-08-01T10:51:56.128Z","fixed_in":"1.9"},{"id":93769,"title":"Cool Video Gallery 1.8 - admin/video-sitemap.php XML Video Sitemap Generation CSRF","osvdb":"107360","created_at":"2014-08-01T10:51:56.192Z","updated_at":"2014-08-01T10:51:56.192Z","fixed_in":"1.9"},{"id":93770,"title":"Cool Video Gallery 1.8 - lib/core.php Multiple Actions CSRF","osvdb":"107361","created_at":"2014-08-01T10:51:56.254Z","updated_at":"2014-08-01T10:51:56.254Z","fixed_in":"1.9"}]}},{"gtranslate":{"vulnerabilities":[{"id":93771,"title":"GTranslate 1.0.12 - gtranslate.php Widget Code Editing CSRF","osvdb":"107399","created_at":"2014-08-01T10:51:56.329Z","updated_at":"2014-08-01T10:51:56.329Z","fixed_in":"1.0.13"}]}},{"world-of-warcraft-armory-table":{"vulnerabilities":[{"id":93772,"title":"World of Warcraft Armory Table 0.2.5 - WoWArmoryTable.php page Parameter Reflected XSS","url":"http://www.securityfocus.com/bid/67628","osvdb":"107479","secunia":"58596","created_at":"2014-08-01T10:51:56.394Z","updated_at":"2014-08-01T10:51:56.394Z","fixed_in":"0.2.6"}]}},{"participants-database":{"vulnerabilities":[{"id":93773,"title":"Participants Database 1.5.4.8 - pdb-signup CSV_type Action query Parameter SQL Injection","url":"http://www.exploit-db.com/exploits/33613,http://packetstormsecurity.com/files/126878/,http://www.securityfocus.com/bid/67769,http://www.securityfocus.com/bid/67938","osvdb":"107626","cve":"2014-3961","secunia":"58816","created_at":"2014-08-01T10:51:56.470Z","updated_at":"2014-08-01T10:51:56.470Z","fixed_in":"1.5.4.9"}]}},{"popup-images":{"vulnerabilities":[{"id":93774,"title":"Popup Images - popup-images/popup.php z Parameter XSS","url":"http://packetstormsecurity.com/files/126872/","osvdb":"107627","created_at":"2014-08-01T10:51:56.532Z","updated_at":"2014-08-01T10:51:56.532Z"}]}},{"ose-firewall":{"vulnerabilities":[{"id":93775,"title":"Centrora Security 3.2.1 - Multiple Admin Actions CSRF","osvdb":"107658","created_at":"2014-08-01T10:51:56.586Z","updated_at":"2014-08-01T10:51:56.586Z","fixed_in":"3.3.0"}]}},{"lively-chat-support":{"vulnerabilities":[{"id":93776,"title":"Lively Chat Support 1.0.29 - Unspecified Issue","osvdb":"107689","created_at":"2014-08-01T10:51:56.650Z","updated_at":"2014-08-01T10:51:56.650Z","fixed_in":"1.0.30"}]}},{"feature-comments":{"vulnerabilities":[{"id":93777,"title":"Featured Comments 1.2.1 - wp-admin/admin-ajax.php Comment Status Manipulation CSRF","url":"https://security.dxw.com/advisories/csrf-in-featured-comments-1-2-1-allows-an-attacker-to-set-and-unset-comment-statuses/,http://www.securityfocus.com/bid/67955,http://packetstormsecurity.com/files/127023/","osvdb":"107844","cve":"2014-4163","created_at":"2014-08-01T10:51:56.719Z","updated_at":"2014-08-01T10:51:56.719Z"}]}},{"wp-football":{"vulnerabilities":[{"id":93778,"title":"wp-football 1.1 - templates/template_worldCup_preview.php league Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-wp-football-a3-cross-site-scripting-xss/","osvdb":"108336","created_at":"2014-08-01T10:51:56.771Z","updated_at":"2014-08-01T10:51:56.771Z"},{"id":93779,"title":"wp-football 1.1 - templates/template_default_preview.php league Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-wp-football-a3-cross-site-scripting-xss/","osvdb":"108337","created_at":"2014-08-01T10:51:56.823Z","updated_at":"2014-08-01T10:51:56.823Z"},{"id":93780,"title":"wp-football 1.1 - football_phases_list.php id Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-wp-football-a3-cross-site-scripting-xss/","osvdb":"108338","created_at":"2014-08-01T10:51:56.875Z","updated_at":"2014-08-01T10:51:56.875Z"},{"id":93781,"title":"wp-football 1.1 - football_matches_phase.php id Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-wp-football-a3-cross-site-scripting-xss/","osvdb":"108339","created_at":"2014-08-01T10:51:56.932Z","updated_at":"2014-08-01T10:51:56.932Z"},{"id":93782,"title":"wp-football 1.1 - football_matches_load.php id_league Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-wp-football-a3-cross-site-scripting-xss/","osvdb":"108340","created_at":"2014-08-01T10:51:56.996Z","updated_at":"2014-08-01T10:51:56.996Z"},{"id":93783,"title":"wp-football 1.1 - football_matches_list.php id Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-wp-football-a3-cross-site-scripting-xss/","osvdb":"108341","created_at":"2014-08-01T10:51:57.050Z","updated_at":"2014-08-01T10:51:57.050Z"},{"id":93784,"title":"wp-football 1.1 - football_groups_list.php id Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-wp-football-a3-cross-site-scripting-xss/","osvdb":"108342","created_at":"2014-08-01T10:51:57.102Z","updated_at":"2014-08-01T10:51:57.102Z"},{"id":93785,"title":"wp-football 1.1 - football-functions.php f Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-wp-football-a3-cross-site-scripting-xss/","osvdb":"108343","created_at":"2014-08-01T10:51:57.156Z","updated_at":"2014-08-01T10:51:57.156Z"},{"id":93786,"title":"wp-football 1.1 - football_criteria.php league Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-wp-football-a3-cross-site-scripting-xss/","osvdb":"108344","created_at":"2014-08-01T10:51:57.209Z","updated_at":"2014-08-01T10:51:57.209Z"},{"id":93787,"title":"wp-football 1.1 - football_classification.php league Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-wp-football-a3-cross-site-scripting-xss/","osvdb":"108345","created_at":"2014-08-01T10:51:57.260Z","updated_at":"2014-08-01T10:51:57.260Z"}]}},{"member-approval":{"vulnerabilities":[{"id":93788,"title":"Member Approval 131109 - wp-admin/options-general.php Option Manipulation CSRF","url":"http://www.securityfocus.com/bid/67952,http://packetstormsecurity.com/files/127024/","osvdb":"107845","cve":"2014-3850","created_at":"2014-08-01T10:51:57.321Z","updated_at":"2014-08-01T10:51:57.321Z"}]}},{"jw-player-plugin-for-wordpress":{"vulnerabilities":[{"id":93789,"title":"JW Player 2.1.2 - wp-admin/admin.php Player Deletion CSRF","url":"http://www.securityfocus.com/bid/67954,http://packetstormsecurity.com/files/127025/","osvdb":"107846","cve":"2014-4030","created_at":"2014-08-01T10:51:57.372Z","updated_at":"2014-08-01T10:51:57.372Z"}]}},{"adminonline":{"vulnerabilities":[{"id":93790,"title":"AdminOnline - download.php file Parameter Remote Path Traversal File Access","url":"http://packetstormsecurity.com/files/127046/","osvdb":"108024","created_at":"2014-08-01T10:51:57.424Z","updated_at":"2014-08-01T10:51:57.424Z"}]}},{"ruven-toolkit":{"vulnerabilities":[{"id":93791,"title":"Ruven Toolkit 1.1 - tinymce/popup.php popup Parameter Reflected XSS","osvdb":"108312","created_at":"2014-08-01T10:51:57.474Z","updated_at":"2014-08-01T10:51:57.474Z"}]}},{"verification-code-for-comments":{"vulnerabilities":[{"id":93792,"title":"Verification Code for Comments 2.1.0 - vcc.js.php Multiple Parameter Reflected XSS","url":"http://codevigilant.com/disclosure/wp-plugin-verification-code-for-comments-a3-cross-site-scripting-xss","osvdb":"108313","cve":"2014-4565","created_at":"2014-08-01T10:51:57.532Z","updated_at":"2014-08-01T10:51:57.532Z"}]}},{"wpcb":{"vulnerabilities":[{"id":93793,"title":"wpcb 2.4.8 - facture.php id Parameter Reflected XSS","url":"http://www.securityfocus.com/bid/68357","osvdb":"108407","cve":"2014-4581","created_at":"2014-08-01T10:51:57.584Z","updated_at":"2014-08-01T10:51:57.584Z"}]}},{"wp-app-maker":{"vulnerabilities":[{"id":93794,"title":"WP App Maker 1.0.16.4 - icons-launcher.php uid Parameter Reflected XSS","osvdb":"108408","cve":"2014-4578","created_at":"2014-08-01T10:51:57.639Z","updated_at":"2014-08-01T10:51:57.639Z"}]}},{"wp-amasin-the-amazon-affiliate-shop":{"vulnerabilities":[{"id":93795,"title":"wp-amasin-the-amazon-affiliate-shop 0.9.6 - reviews.php url Parameter Local File Inclusion","osvdb":"108501","cve":"2014-4577","created_at":"2014-08-01T10:51:57.691Z","updated_at":"2014-08-01T10:51:57.691Z"}]}},{"cross-rss":{"vulnerabilities":[{"id":93796,"title":"Cross RSS 1.7 - proxy.php rss Parameter Local File Inclusion","url":"http://www.securityfocus.com/bid/68555,http://codevigilant.com/disclosure/wp-plugin-cross-rss-local-file-inclusion/","osvdb":"108502","cve":"2014-4941","created_at":"2014-08-01T10:51:57.744Z","updated_at":"2014-08-01T10:51:57.744Z"}]}},{"wphotfiles":{"vulnerabilities":[{"id":93797,"title":"Hot Files \u003c 1.0.0 - Cross-site scripting (XSS) vulnerability in tpls/editmedia.php","osvdb":"108720","cve":"2014-4588","created_at":"2014-08-01T10:51:57.796Z","updated_at":"2014-08-01T10:51:57.796Z"}]}},{"yahoo-updates-for-wordpress":{"vulnerabilities":[{"id":93798,"title":"Yahoo Updates \u003c 1.0 - XSS vulnerabilities in yupdates_application.php","url":"http://codevigilant.com/disclosure/wp-plugin-yahoo-updates-for-wordpress-a3-cross-site-scripting-xss/","cve":"2014-4603","created_at":"2014-08-01T10:51:57.852Z","updated_at":"2014-08-01T10:51:57.852Z"}]}},{"toolpage":{"vulnerabilities":[{"id":93799,"title":"Toolpage 1.6.1 - XSS vulnerability in includes/getTipo.php","url":"http://codevigilant.com/disclosure/wp-plugin-toolpage-a3-cross-site-scripting-xss/","osvdb":"108704","cve":"2014-4560","created_at":"2014-08-01T10:51:57.909Z","updated_at":"2014-08-01T10:51:57.909Z"}]}},{"url-cloak-encrypt":{"vulnerabilities":[{"id":93800,"title":"Cloak and Encrypt \u003c 2.0 - XSS vulnerability in go.php","url":"http://codevigilant.com/disclosure/wp-plugin-url-cloak-encrypt-a3-cross-site-scripting-xss/","osvdb":"108895","cve":"2014-4563","created_at":"2014-08-01T10:51:57.961Z","updated_at":"2014-08-01T10:51:57.961Z"}]}},{"validated":{"vulnerabilities":[{"id":93801,"title":"Validated \u003c 1.0.2 - XSS vulnerability in check.php","url":"http://www.securityfocus.com/bid/68320,http://codevigilant.com/disclosure/wp-plugin-validated-a3-cross-site-scripting-xss/","osvdb":"108659","cve":"2014-4564","created_at":"2014-08-01T10:51:58.013Z","updated_at":"2014-08-01T10:51:58.013Z"}]}},{"verweise-wordpress-twitter":{"vulnerabilities":[{"id":93802,"title":"Verwei.se WordPress Twitter \u003c 1.0 2 - XSS vulnerability in res/fake_twitter/frame.php","url":"http://codevigilant.com/disclosure/wp-plugin-verweise-wordpress-twitter-a3-cross-site-scripting-xss/","cve":"2014-4566","created_at":"2014-08-01T10:51:58.067Z","updated_at":"2014-08-01T10:51:58.067Z"}]}},{"easy-banners":{"vulnerabilities":[{"id":93803,"title":"Easy Banners 1.4 - XSS vulnerability in wp-admin/options-general.php","url":"http://packetstormsecurity.com/files/127293/,http://www.securityfocus.com/bid/68281","osvdb":"108626","cve":"2014-4723","created_at":"2014-08-01T10:51:58.118Z","updated_at":"2014-08-01T10:51:58.118Z"}]}},{"custom-banners":{"vulnerabilities":[{"id":93804,"title":"Custom Banners plugin 1.2.2.2 - XSS vulnerability in custom_banners_registered_name parameter to wp-admin/options.php","url":"http://packetstormsecurity.com/files/127291/,http://www.securityfocus.com/bid/68279","osvdb":"108683","cve":"2014-4724","created_at":"2014-08-01T10:51:58.170Z","updated_at":"2014-08-01T10:51:58.170Z"}]}},{"video-posts-webcam-recorder":{"vulnerabilities":[{"id":93805,"title":"Video Posts Webcam Recorder plugin \u003c 1.55.4 - XSS vulnerability in posts/videowhisper/r_logout.php","url":"http://codevigilant.com/disclosure/wp-plugin-video-posts-webcam-recorder-a3-cross-site-scripting-xss/","cve":"2014-4568","created_at":"2014-08-01T10:51:58.225Z","updated_at":"2014-08-01T10:51:58.225Z"}]}},{"zeenshare":{"vulnerabilities":[{"id":93806,"title":"ZeenShare plugin \u003c 1.0.1 - XSS vulnerability in redirect_to_zeenshare.php via the zs_sid parameter","url":"http://codevigilant.com/disclosure/wp-plugin-zeenshare-a3-cross-site-scripting-xss/","cve":"2014-4606","created_at":"2014-08-01T10:51:58.279Z","updated_at":"2014-08-01T10:51:58.279Z"}]}},{"zdstats":{"vulnerabilities":[{"id":93807,"title":"ZdStatistics \u003c 2.0.1 - XSS vulnerability in cal/test.php via the lang parameter","url":"http://codevigilant.com/disclosure/wp-plugin-zdstats-a3-cross-site-scripting-xss/","osvdb":"108731","cve":"2014-4605","created_at":"2014-08-01T10:51:58.341Z","updated_at":"2014-08-01T10:51:58.341Z"}]}},{"your-text-manager":{"vulnerabilities":[{"id":93808,"title":"Your Text Manager \u003c 0.3.0 - XSS vulnerability in settings/pwsettings.php via the ytmpw parameter","url":"http://codevigilant.com/disclosure/wp-plugin-your-text-manager-a3-cross-site-scripting-xss/","cve":"2014-4604","created_at":"2014-08-01T10:51:58.394Z","updated_at":"2014-08-01T10:51:58.394Z"}]}},{"xen-carousel":{"vulnerabilities":[{"id":93809,"title":"XEN Carousel \u003c 0.12.2 - XSS vulnerabilities in xencarousel-admin.js.php via path or ajaxpath parameter","url":"http://codevigilant.com/disclosure/wp-plugin-xen-carousel-a3-cross-site-scripting-xss/","cve":"2014-4602","created_at":"2014-08-01T10:51:58.451Z","updated_at":"2014-08-01T10:51:58.451Z"}]}},{"wp-media-player":{"vulnerabilities":[{"id":93810,"title":"WP Silverlight Media Player \u003c 0.8 - XSS vulnerability in uploader.php via the post_id parameter","url":"http://codevigilant.com/disclosure/wp-plugin-wp-media-player-a3-cross-site-scripting-xss/","osvdb":"108721","cve":"2014-4589","created_at":"2014-08-01T10:51:58.512Z","updated_at":"2014-08-01T10:51:58.512Z"}]}},{"wp-microblogs":{"vulnerabilities":[{"id":93811,"title":"WP Microblogs plugin \u003c 0.4.0 - XSS vulnerability in get.php via the oauth_verifier parameter","url":"http://codevigilant.com/disclosure/wp-plugin-wp-microblogs-a3-cross-site-scripting-xss/","cve":"2014-4590","created_at":"2014-08-01T10:51:58.577Z","updated_at":"2014-08-01T10:51:58.577Z"}]}},{"wp-php-widget":{"vulnerabilities":[{"id":93812,"title":"WP PHP Widget 1.0.2 - Full Path Disclosure vulnerability","osvdb":"88846","cve":"2013-0721","created_at":"2014-08-01T10:51:58.627Z","updated_at":"2014-08-01T10:51:58.627Z"}]}},{"socialgrid":{"vulnerabilities":[{"id":93813,"title":"SocialGrid 2.3 - inline-admin.js.php default_services Parameter XSS","url":"http://seclists.org/bugtraq/2011/Apr/176","osvdb":"71966","secunia":"44256","created_at":"2014-08-01T10:51:58.686Z","updated_at":"2014-08-01T10:51:58.686Z"}]}},{"wp-easycart":{"vulnerabilities":[{"id":93814,"title":"EasyCart 2.0.5 - inc/admin/phpinfo.php Direct Request Remote Information Disclosure","url":"http://www.securityfocus.com/bid/68692","osvdb":"109030","cve":"2014-4942","created_at":"2014-08-01T10:51:58.754Z","updated_at":"2014-08-01T10:51:58.754Z","fixed_in":"2.0.6"}]}},{"simple-slider":{"vulnerabilities":[{"id":93815,"title":"Simple Slider 1.0 - New Image URL Field XSS","url":"http://packetstormsecurity.org/files/118309/,http://xforce.iss.net/xforce/xfdb/80260,http://seclists.org/bugtraq/2012/Nov/89","osvdb":"87806","created_at":"2014-08-01T10:51:58.815Z","updated_at":"2014-08-01T10:51:58.815Z","fixed_in":"1.1"}]}},{"bookx":{"vulnerabilities":[{"id":93816,"title":"BookX 1.7 - includes/bookx_export.php file Parameter Remote Path Traversal File Access","url":"http://www.securityfocus.com/bid/68556,http://codevigilant.com/disclosure/wp-plugin-bookx-local-file-inclusion/","osvdb":"109022","cve":"2014-4937","created_at":"2014-08-01T10:51:58.876Z","updated_at":"2014-08-01T10:51:58.876Z"}]}},{"wp-rss-poster":{"vulnerabilities":[{"id":93817,"title":"WP Rss Poster 1.0.0 - wp-admin/admin.php wrp-add-new Page id Parameter SQL Injection","url":"http://codevigilant.com/disclosure/wp-plugin-wp-rss-poster-a1-injection/","osvdb":"109023","cve":"2014-4938","created_at":"2014-08-01T10:51:58.928Z","updated_at":"2014-08-01T10:51:58.928Z"}]}},{"bannerman":{"vulnerabilities":[{"id":93818,"title":"BannerMan 0.2.4 - XSS in wp-admin/options-general.php via bannerman_background parameter","url":"http://packetstormsecurity.com/files/127289/","osvdb":"108682","cve":"2014-4845","created_at":"2014-08-01T10:51:58.986Z","updated_at":"2014-08-01T10:51:58.986Z"}]}},{"random-banner":{"vulnerabilities":[{"id":93819,"title":"Random Banner 1.1.2.1 - random-banner/random-banner.php buffercode_RBanner_url_banner1 Parameter XSS","url":"http://packetstormsecurity.com/files/127292/,http://www.securityfocus.com/bid/68280","osvdb":"108627","cve":"2014-4847","created_at":"2014-08-01T10:51:59.041Z","updated_at":"2014-08-01T10:51:59.041Z"}]}},{"blogstand-smart-banner":{"vulnerabilities":[{"id":93820,"title":"Blogstand Smart Banner 1.0 - blogstand-banner.php bs_blog_id Parameter XSS","url":"http://packetstormsecurity.com/files/127290/,http://www.securityfocus.com/bid/68282","osvdb":"108625","cve":"2014-4848","created_at":"2014-08-01T10:51:59.092Z","updated_at":"2014-08-01T10:51:59.092Z"}]}},{"wp-construction-mode":{"vulnerabilities":[{"id":93821,"title":"Construction Mode 1.8 - under-construction.php wuc_logo Parameter XSS","url":"http://packetstormsecurity.com/files/127287/,http://www.securityfocus.com/bid/68287","osvdb":"108630","cve":"2014-4854","secunia":"58932","created_at":"2014-08-01T10:51:59.144Z","updated_at":"2014-08-01T10:51:59.144Z"}]}},{"polylang":{"vulnerabilities":[{"id":93822,"title":"Polylang 1.5.1 - User Description Handling Stored XSS","url":"http://www.securityfocus.com/bid/68509","osvdb":"108634","cve":"2014-4855","secunia":"59357","created_at":"2014-08-01T10:51:59.195Z","updated_at":"2014-08-01T10:51:59.195Z","fixed_in":"1.5.2"},{"id":93823,"title":"Polylang 1.4.5 - Multiple Unspecified Issues","osvdb":"108953","created_at":"2014-08-01T10:51:59.258Z","updated_at":"2014-08-01T10:51:59.258Z","fixed_in":"1.5"}]}},{"enl-newsletter":{"vulnerabilities":[{"id":93824,"title":"ENL Newsletter 1.0.1 - wp-admin/admin.php enl-add-new Page id Parameter SQL Injection","url":"http://codevigilant.com/disclosure/wp-plugin-enl-newsletter-a1-injection/","osvdb":"109027","cve":"2014-4939","created_at":"2014-08-01T10:51:59.350Z","updated_at":"2014-08-01T10:51:59.350Z"}]}},{"tera-charts":{"vulnerabilities":[{"id":93825,"title":"Tera Charts 0.1 - charts/zoomabletreemap.php fn Parameter Remote Path Traversal File Disclosure","url":"http://www.securityfocus.com/bid/68662,http://codevigilant.com/disclosure/wp-plugin-tera-chart-local-file-inclusion/","osvdb":"109029","cve":"2014-4940","created_at":"2014-08-01T10:51:59.406Z","updated_at":"2014-08-01T10:51:59.406Z","fixed_in":"1.0"},{"id":93826,"title":"Tera Charts 0.1 - charts/treemap.php fn Parameter Remote Path Traversal File Disclosure","url":"http://www.securityfocus.com/bid/68662,http://codevigilant.com/disclosure/wp-plugin-tera-chart-local-file-inclusion/","osvdb":"109028","cve":"2014-4940","created_at":"2014-08-01T10:51:59.470Z","updated_at":"2014-08-01T10:51:59.470Z","fixed_in":"1.0"}]}},{"starbox-voting":{"vulnerabilities":[{"id":93827,"title":"Starbox Voting - ajax.php Full Path Disclosure vulnerability","url":"http://seclists.org/bugtraq/2011/Feb/222","created_at":"2014-08-01T10:51:59.535Z","updated_at":"2014-08-01T10:51:59.535Z"}]}},{"uploadify":{"vulnerabilities":[{"id":93828,"title":"Uploadify 1.0 - process_upload.php Arbitrary File Upload","url":"http://packetstormsecurity.org/files/98652/","osvdb":"73444","created_at":"2014-08-01T10:51:59.591Z","updated_at":"2014-08-01T10:51:59.591Z"}]}},{"plg_novana":{"vulnerabilities":[{"id":93829,"title":"Plg Novana - wp-content/plugins/plg_novana/novana_detail.php id Parameter SQL Injection","url":"http://www.securityfocus.com/bid/56661,http://packetstormsecurity.org/files/118324/,http://xforce.iss.net/xforce/xfdb/80258","osvdb":"87839","created_at":"2014-08-01T10:51:59.644Z","updated_at":"2014-08-01T10:51:59.644Z"}]}},{"paid-memberships-pro":{"vulnerabilities":[{"id":93830,"title":"Paid Memberships Pro 1.4.7 - adminpages/memberslist-csv.php Direct Request Member Personal Information Disclosure","osvdb":"83760","secunia":"49630","created_at":"2014-08-01T10:51:59.699Z","updated_at":"2014-08-01T10:51:59.699Z","fixed_in":"1.5"}]}},{"wppageflip":{"vulnerabilities":[{"id":93831,"title":"A Page Flip Book 2.3 - index.php pageflipbook_language Parameter Traversal Local File Inclusion","osvdb":"83667","cve":"2012-6652","secunia":"49505","created_at":"2014-08-01T10:51:59.765Z","updated_at":"2014-08-01T10:51:59.765Z"}]}},{"thisisnew":{"vulnerabilities":[]}},{"thisisnewnew":{"vulnerabilities":[]}},{"newplugin":{"vulnerabilities":[{"id":94050,"title":"testing 123","created_at":"2014-08-01T11:58:40.757Z","updated_at":"2014-08-01T11:58:40.757Z"},{"id":94051,"title":"testing","created_at":"2014-08-01T11:59:03.139Z","updated_at":"2014-08-01T11:59:03.139Z"}]}},{"test":{"vulnerabilities":[{"id":94054,"title":"testing","created_at":"2014-09-04T07:55:15.888Z","updated_at":"2014-09-04T07:55:15.888Z"}]}},{"testing":{"vulnerabilities":[{"id":94068,"title":"testing downcasing plugin names","url":"http://www.example.com","created_at":"2014-09-05T11:11:05.618Z","updated_at":"2014-09-05T11:11:05.618Z"}]}},{"tESTING7":{"vulnerabilities":[{"id":94068,"title":"testing downcasing plugin names","url":"http://www.example.com","created_at":"2014-09-05T11:11:05.618Z","updated_at":"2014-09-05T11:11:05.618Z"}]}},{"bigcase":{"vulnerabilities":[]}},{"hohoho":{"vulnerabilities":[]}},{"yuuu":{"vulnerabilities":[]}},{"upcase":{"vulnerabilities":[{"id":94069,"title":"Upcase plugin name mofo","url":"http://www.example.com","created_at":"2014-09-05T11:20:44.113Z","updated_at":"2014-09-05T11:20:44.113Z"}]}},{"mofo":{"vulnerabilities":[{"id":94069,"title":"Upcase plugin name mofo","url":"http://www.example.com","created_at":"2014-09-05T11:20:44.113Z","updated_at":"2014-09-05T11:20:44.113Z"}]}},{"youo":{"vulnerabilities":[{"id":94069,"title":"Upcase plugin name mofo","url":"http://www.example.com","created_at":"2014-09-05T11:20:44.113Z","updated_at":"2014-09-05T11:20:44.113Z"}]}},{"upcasegygy":{"vulnerabilities":[{"id":94070,"title":"testing theme and plugin name downcasing","url":"http://www.example.com,http://www.example2.com","created_at":"2014-09-05T11:23:09.793Z","updated_at":"2014-09-08T13:51:59.461Z"}]}}]
\ No newline at end of file
diff --git a/data/theme_vulns.json b/data/theme_vulns.json
index 5db524f3..5fe3eb9d 100644
--- a/data/theme_vulns.json
+++ b/data/theme_vulns.json
@@ -1 +1 @@
-[{"crius":{"vulnerabilities":[{"id":7306,"title":"Crius - VideoJS Cross-Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/77","secunia":"53427","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"source":{"vulnerabilities":[{"id":7307,"title":"Source - VideoJS Cross-Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/77","secunia":"53457","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"i-love-it":{"vulnerabilities":[{"id":7308,"title":"I Love It - VideoJS Cross-Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/77","secunia":"53548","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"smartstart":{"vulnerabilities":[{"id":7309,"title":"Smart Start - VideoJS Cross-Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/77","secunia":"53460","created_at":"2014-08-01T10:59:16.000Z","updated_at":"2014-08-01T10:59:16.000Z"}]}},{"covertvideopress":{"vulnerabilities":[{"id":7310,"title":"Covert Videopress - VideoJS Cross-Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/77","secunia":"53494","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"photolio":{"vulnerabilities":[{"id":7311,"title":"Photolio - VideoJS Cross-Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/77","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"onepagewebsite":{"vulnerabilities":[{"id":7312,"title":"onepagewebsite - Full Path Disclosure vulnerability","url":"http://1337day.com/exploit/20027","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"vithy":{"vulnerabilities":[{"id":7313,"title":"vithy - Full Path Disclosure vulnerability","url":"http://1337day.com/exploit/20040","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"},{"id":7314,"title":"vithy - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/19830","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"},{"id":7315,"title":"vithy - Custom Background Shell Upload","url":"http://packetstormsecurity.com/files/125827/","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"appius":{"vulnerabilities":[{"id":7316,"title":"appius - Full Path Disclosure vulnerability","url":"http://1337day.com/exploit/20039","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"},{"id":7317,"title":"appius - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/19831","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"},{"id":7318,"title":"appius - Custom Background Shell Upload","url":"http://packetstormsecurity.com/files/125827/","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"yvora":{"vulnerabilities":[{"id":7319,"title":"yvora - Full Path Disclosure vulnerability","url":"http://1337day.com/exploit/20038","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"},{"id":7320,"title":"yvora - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/19834","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"shotzz":{"vulnerabilities":[{"id":7321,"title":"Shotzz - Full Path Disclosure vulnerability","url":"http://1337day.com/exploit/20041","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"},{"id":7322,"title":"Shotzz - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/19829","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"},{"id":7323,"title":"Shotzz - Custom Background Shell Upload","url":"http://packetstormsecurity.com/files/125827/","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"dagda":{"vulnerabilities":[{"id":7324,"title":"dagda - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/19832","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"},{"id":7325,"title":"dagda - Custom Background Shell Upload","url":"http://packetstormsecurity.com/files/125827/","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"moneymasters":{"vulnerabilities":[{"id":7326,"title":"moneymasters - Full Path Disclosure vulnerability","url":"http://1337day.com/exploit/20077","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"},{"id":7327,"title":"moneymasters - File Upload Vulnerability (metasploit)","url":"http://1337day.com/exploit/20076","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"ovum":{"vulnerabilities":[{"id":7328,"title":"XSS vulnerability in Imediapixel premium WordPress themes","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-imediapixel.html","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"avanix":{"vulnerabilities":[{"id":7328,"title":"XSS vulnerability in Imediapixel premium WordPress themes","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-imediapixel.html","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"ebiz":{"vulnerabilities":[{"id":7328,"title":"XSS vulnerability in Imediapixel premium WordPress themes","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-imediapixel.html","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"ecobiz":{"vulnerabilities":[{"id":7328,"title":"XSS vulnerability in Imediapixel premium WordPress themes","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-imediapixel.html","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"traject":{"vulnerabilities":[{"id":7329,"title":"XSS vulnerability in Parallelus premium WordPress themes","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-parallelus-premium.html","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"intersect":{"vulnerabilities":[{"id":7329,"title":"XSS vulnerability in Parallelus premium WordPress themes","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-parallelus-premium.html","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"salutation":{"vulnerabilities":[{"id":7329,"title":"XSS vulnerability in Parallelus premium WordPress themes","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-parallelus-premium.html","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"unite":{"vulnerabilities":[{"id":7329,"title":"XSS vulnerability in Parallelus premium WordPress themes","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-parallelus-premium.html","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"shapeless":{"vulnerabilities":[{"id":7330,"title":"Shapeless - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85919","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"brisk":{"vulnerabilities":[{"id":7331,"title":"Brisk - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85918","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"blaze":{"vulnerabilities":[{"id":7332,"title":"Blaze - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85917","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"eunice":{"vulnerabilities":[{"id":7333,"title":"Eunice - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85916","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"explicit":{"vulnerabilities":[{"id":7334,"title":"Explicit - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85915","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"essence":{"vulnerabilities":[{"id":7335,"title":"Essence - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85914","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"paramount":{"vulnerabilities":[{"id":7336,"title":"Paramount - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85913","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"picturefactory":{"vulnerabilities":[{"id":7337,"title":"PictureFactory - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85912","created_at":"2014-08-01T10:59:17.000Z","updated_at":"2014-08-01T10:59:17.000Z"}]}},{"sparky":{"vulnerabilities":[{"id":7338,"title":"Sparky - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85911","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"theagency":{"vulnerabilities":[{"id":7339,"title":"TheAgency - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85910","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"konzept":{"vulnerabilities":[{"id":7340,"title":"Konzept - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85920","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"daisho":{"vulnerabilities":[{"id":7341,"title":"Daisho - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85921","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"choices":{"vulnerabilities":[{"id":7342,"title":"Choices - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86755","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"brightbox":{"vulnerabilities":[{"id":7343,"title":"Brightbox - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86756","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"broadscope":{"vulnerabilities":[{"id":7344,"title":"Broadscope - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86757","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"corona":{"vulnerabilities":[{"id":7345,"title":"Corona - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86758","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"flashlight":{"vulnerabilities":[{"id":7346,"title":"Flashlight - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86759","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"coalition":{"vulnerabilities":[{"id":7347,"title":"Coalition - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86760","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"shoutbox":{"vulnerabilities":[{"id":7348,"title":"Shoutbox - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86761","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"velvet":{"vulnerabilities":[{"id":7349,"title":"Velvet - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86762","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"upscale":{"vulnerabilities":[{"id":7350,"title":"Upscale - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86763","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"expose":{"vulnerabilities":[{"id":7351,"title":"Expose - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86764","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"abundance":{"vulnerabilities":[{"id":7352,"title":"Abundance - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86765","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"eunoia":{"vulnerabilities":[{"id":7353,"title":"Eunoia - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86766","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"wise":{"vulnerabilities":[{"id":7354,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"webfolio":{"vulnerabilities":[{"id":7354,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z","fixed_in":"2.0"}]}},{"colorbold":{"vulnerabilities":[{"id":7354,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"rockwell":{"vulnerabilities":[{"id":7354,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"xmas":{"vulnerabilities":[{"id":7354,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"designpile":{"vulnerabilities":[{"id":7354,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"alltuts":{"vulnerabilities":[{"id":7354,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z","fixed_in":"2.0"}]}},{"boldy":{"vulnerabilities":[{"id":7354,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z","fixed_in":"2.0"}]}},{"simplo":{"vulnerabilities":[{"id":7354,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"diary":{"vulnerabilities":[{"id":7354,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z","fixed_in":"2.0"}]}},{"journalcrunch":{"vulnerabilities":[{"id":7354,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z","fixed_in":"2.0"}]}},{"prosume":{"vulnerabilities":[{"id":7354,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z","fixed_in":"2.0"}]}},{"famous":{"vulnerabilities":[{"id":7355,"title":"Famous 2.0.5 - Shell Upload","url":"http://packetstormsecurity.org/files/113842/","osvdb":"83013","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"deep-blue":{"vulnerabilities":[{"id":7356,"title":"Deep-Blue 1.9.2 - Arbitrary File Upload Vulnerability","url":"http://packetstormsecurity.org/files/113843/","osvdb":"83014","secunia":"49611","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"classipress":{"vulnerabilities":[{"id":7357,"title":"Classipress \u003c= 3.1.4 - Stored XSS","url":"http://cxsecurity.com/issue/WLB-2011110001","osvdb":"76712","cve":"2011-5257","exploitdb":"18053","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z","fixed_in":"3.1.5"}]}},{"merchant":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"smpl":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"drawar":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"sentient":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"whitelight":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"unsigned":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"shelflife":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"olya":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"sliding":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"beveled":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"empire-commerce":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"buro-commerce":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"briefed-commerce":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"wikeasi":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"currents":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"emporium":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"biznizz-commerce":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"kaboodle-commerce":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"inspire-commerce":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"teamster":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"argentum":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"statua-commerce":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"simplicity-commerce":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"canvas-commerce":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"wootique":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"woostore":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"coquette":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"buro":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"swatch":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"announcement":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"empire":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"supportpress":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"editorial":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"statua":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"briefed":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"faultpress":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"kaboodle":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"savinggrace":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"premiere":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"simplicity":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"deliciousmagazine":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"bookclub":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"boldnews":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"placeholder":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"biznizz":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"auld":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"listings":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"elefolio":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"chapters":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"continuum":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"diner":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"skeptical":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"caffeinated":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"crisp":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"sealight":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"estate":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"tma":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"coda":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"inspire":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"apz":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"spectrum":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"diarise":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"boast":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"retreat":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"cityguide":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"canvas":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"postcard":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"delegate":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"mystream":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"optimize":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"backstage":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"bueno":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"digitalfarm":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"headlines":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"therapy":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"rockstar":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"DailyDeal":{"vulnerabilities":[{"id":7359,"title":"DailyDeal - File Upload Remote Code Execution","url":"http://packetstormsecurity.com/files/123748/,http://templatic.com/app-themes/daily-deal-premium-wordpress-app-theme","osvdb":"98924","created_at":"2014-08-01T10:59:20.000Z","updated_at":"2014-08-01T10:59:20.000Z"},{"id":7482,"title":"Dailydeal - Templatic Theme CSRF File Upload Vulnerability","url":"http://1337day.com/exploit/22091","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"dailyedition":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"object":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"coffeebreak":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"mainstream":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"featurepitch":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"thejournal":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"aperture":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"metamorphosis":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"bloggingstream":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"thestation":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"groovyvideo":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"irresistible":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"cushy":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"wootube":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"abstract":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"busybee":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"blogtheme":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"typebased":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"overeasy":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"snapshot":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"openair":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"freshnews":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"livewire":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"flashnews":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"},{"id":7360,"title":"Flash News - thumb.php src Parameter XSS","url":"http://packetstormsecurity.com/files/120037/,http://seclists.org/fulldisclosure/2013/Feb/8,http://cxsecurity.com/issue/WLB-2013020010","osvdb":"89887","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"},{"id":7361,"title":"Flash News - Multiple Script Path Disclosure","url":"http://packetstormsecurity.com/files/120037/,http://seclists.org/fulldisclosure/2013/Feb/8,http://cxsecurity.com/issue/WLB-2013020010","osvdb":"89888","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"},{"id":7362,"title":"Flash News - includes/test.php a Parameter XSS","url":"http://packetstormsecurity.com/files/120037/,http://seclists.org/fulldisclosure/2013/Feb/8,http://cxsecurity.com/issue/WLB-2013020010","osvdb":"89889","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"},{"id":7363,"title":"Flash News - includes/test.php Direct Request Information Disclosure","url":"http://packetstormsecurity.com/files/120037/,http://seclists.org/fulldisclosure/2013/Feb/8,http://cxsecurity.com/issue/WLB-2013020010","osvdb":"89890","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"},{"id":7364,"title":"Flash News - thumb.php src Parameter File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/120037/,http://seclists.org/fulldisclosure/2013/Feb/8,http://cxsecurity.com/issue/WLB-2013020010","osvdb":"89891","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"},{"id":7365,"title":"Flash News - thumb.php src Parameter Remote DoS","url":"http://packetstormsecurity.com/files/120037/,http://seclists.org/fulldisclosure/2013/Feb/8,http://cxsecurity.com/issue/WLB-2013020010","osvdb":"89892","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"}]}},{"gazette":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"premiumnews":{"vulnerabilities":[{"id":7358,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:59:18.000Z","updated_at":"2014-08-01T10:59:18.000Z"}]}},{"dt-chocolate":{"vulnerabilities":[{"id":7366,"title":"dt-chocolate - jPlayer XSS","url":"http://packetstormsecurity.com/files/124756/","secunia":"56379","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"},{"id":7367,"title":"dt-chocolate - Image Open redirect","url":"http://cxsecurity.com/issue/WLB-2013020011","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"},{"id":7368,"title":"Multiple vulnerabilities in Chocolate WP theme for WordPress","url":"http://seclists.org/fulldisclosure/2013/Jan/215","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"}]}},{"sandbox":{"vulnerabilities":[{"id":7369,"title":"sandbox - Arbitrary File Upload/FD Vulnerability","url":"http://1337day.com/exploit/20228","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"}]}},{"clockstone":{"vulnerabilities":[{"id":7370,"title":"Clockstone 1.2 - upload.php Arbitrary File Upload Vulnerability","url":"http://www.exploit-db.com/exploits/23494,http://www.securityfocus.com/bid/56988,http://xforce.iss.net/xforce/xfdb/80725","osvdb":"88622","secunia":"51619","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"}]}},{"archin":{"vulnerabilities":[{"id":7371,"title":"Archin 3.2 - Cross-Site Scripting and Arbitrary File Upload Vulnerabilities","secunia":"50711","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"},{"id":7372,"title":"Archin 3.2 - hades_framework/option_panel/ajax.php Configuration Option Manipulation","osvdb":"86991","exploitdb":"21646","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"}]}},{"purity":{"vulnerabilities":[{"id":7373,"title":"Purity - Multiple Cross-Site Scripting Vulnerabilities","secunia":"50627","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"}]}},{"pinboard":{"vulnerabilities":[{"id":7374,"title":"Pinboard 1.0.6 - includes/theme-options.php tab Parameter XSS","url":"http://seclists.org/oss-sec/2013/q1/274,http://cxsecurity.com/issue/WLB-2013020062","osvdb":"90070","cve":"2013-0286","secunia":"52079","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"},{"id":7375,"title":"Pinboard - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124151/","osvdb":"100271","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"}]}},{"montezuma":{"vulnerabilities":[{"id":7376,"title":"montezuma \u003c= 1.1.3 - XSS in ZeroClipboard.swf","url":"http://1337day.com/exploit/20396","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"}]}},{"scarlet":{"vulnerabilities":[{"id":7377,"title":"scarlet \u003c= 1.1.3 - XSS in ZeroClipboard.swf","url":"http://1337day.com/exploit/20396","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"}]}},{"allure-real-estate-theme-for-placester":{"vulnerabilities":[{"id":7378,"title":"allure-real-estate-theme-for-placester \u003c= 0.1.1 - XSS in ZeroClipboard.swf","url":"http://1337day.com/exploit/20396","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"}]}},{"allure-real-estate-theme-for-real-estate":{"vulnerabilities":[{"id":7379,"title":"allure-real-estate-theme-for-real-estate \u003c= 0.1.1 - XSS in ZeroClipboard.swf","url":"http://1337day.com/exploit/20396","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"}]}},{"felici":{"vulnerabilities":[{"id":7380,"title":"felici - XSS Vulnerability","url":"http://1337day.com/exploit/20560","created_at":"2014-08-01T10:59:21.000Z","updated_at":"2014-08-01T10:59:21.000Z"},{"id":7381,"title":"felici - Custom Background Shell Upload","url":"http://packetstormsecurity.com/files/125830/","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"classic":{"vulnerabilities":[{"id":7382,"title":"Classic 1.5 - PHP_SELF XSS","osvdb":"38450","cve":"2007-4483","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"brilliant":{"vulnerabilities":[{"id":7383,"title":"brilliant - File Upload Vulnerability","url":"http://ruinedsec.wordpress.com/2013/04/03/wordpress-themes-exploits-are-in-action-wpscan/","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"colormix":{"vulnerabilities":[{"id":7384,"title":"Colormix - Multiple vulnerabilities","url":"http://packetstormsecurity.com/files/121372/,http://seclists.org/fulldisclosure/2013/Apr/172","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"jobroller":{"vulnerabilities":[{"id":7385,"title":"XSS in jobroller theme","url":"http://cxsecurity.com/issue/WLB-2013060089","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"ambience":{"vulnerabilities":[{"id":7386,"title":"Xss In wordpress ambience theme","url":"http://www.websecuritywatch.com/wordpress-ambience-xss/","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"slash-wp":{"vulnerabilities":[{"id":7387,"title":"Slash WP - FPD, XSS and CS vulnerabilities","url":"http://packetstormsecurity.com/files/123748/,http://seclists.org/fulldisclosure/2013/Jun/166","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"persuasion":{"vulnerabilities":[{"id":7388,"title":"Persuasion - PrettyPhoto DOM XSS","url":"http://www.rafayhackingarticles.net/2013/05/kali-linux-dom-based-xss-writeup.html","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"},{"id":7389,"title":"Persuasion \u003c= 2.4 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://packetstormsecurity.com/files/124547/,http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z","fixed_in":"2.5"},{"id":7390,"title":"Persuasion \u003c= 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://packetstormsecurity.com/files/124547/,http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z","fixed_in":"2.5"}]}},{"More":{"vulnerabilities":[{"id":7391,"title":"MORE+ - PrettyPhoto XSS Vulnerability","url":"http://archives.neohapsis.com/archives/fulldisclosure/2013-09/0177.html","secunia":"54924","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"silverorchid":{"vulnerabilities":[{"id":7392,"title":"silverOrchid \u003c= 1.5.0 - XSS Vulnerability","url":"http://packetstormsecurity.com/files/122986/","osvdb":"96723","secunia":"54662","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"Caulk":{"vulnerabilities":[{"id":7393,"title":"Caulk - path disclosure vulnerability","url":"http://packetstormsecurity.com/files/120632/,http://themeforest.net/item/caulk/76108","osvdb":"90889","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"WPLocalPlaces":{"vulnerabilities":[{"id":7394,"title":"WPLocalPlaces - File Upload Remote Code Execution","url":"http://packetstormsecurity.com/files/123697/","osvdb":"98806","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"photocrati-theme":{"vulnerabilities":[{"id":7395,"title":"Photocrati 4.7.3 - photocrati-gallery/ecomm-sizes.php prod_id Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124986/","osvdb":"102717","secunia":"56690","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"},{"id":7396,"title":"Photocrati - Multiple Script Direct Request Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Apr/238","osvdb":"92836","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"music":{"vulnerabilities":[{"id":7397,"title":"Music - Multiple Script Direct Request Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Apr/238","osvdb":"92837","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"imperial-fairytale":{"vulnerabilities":[{"id":7398,"title":"Imperial Fairytale - Multiple Script Direct Request Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Apr/238","osvdb":"92838","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"},{"id":7399,"title":"Imperial Fairytale - jPlayer Cross-Site Scripting Vulnerability","url":"http://seclists.org/oss-sec/2013/q2/177","secunia":"53210","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"feather12":{"vulnerabilities":[{"id":7400,"title":"Feather12 - Multiple Script Direct Request Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Apr/238","osvdb":"92839","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"studiozen":{"vulnerabilities":[{"id":7401,"title":"Studio Zen - Multiple Script Direct Request Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Apr/238","osvdb":"92840","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"area53":{"vulnerabilities":[{"id":7402,"title":"AREA53 \u003c= 1.0.5 - File Upload Code Execution","url":"http://www.securityfocus.com/bid/63306,http://1337day.com/exploit/21442","osvdb":"98927","exploitdb":"29068","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"sahifa":{"vulnerabilities":[{"id":7403,"title":"Sahifa 2.4.0 - Multiple Script Path Disclosure Direct Request Path Disclosure","url":"http://packetstormsecurity.com/files/119191/,http://www.securityfocus.com/bid/57109","osvdb":"88926","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"},{"id":7404,"title":"Sahifa 2.4.0 - Site Setting Reset CSRF","url":"http://packetstormsecurity.com/files/119191/,http://www.securityfocus.com/bid/57109","osvdb":"88927","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"simpledark":{"vulnerabilities":[{"id":7405,"title":"SimpleDark 1.2.10 - 's' Parameter Cross Site Scripting Vulnerability","url":"http://www.securityfocus.com/bid/46615","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"geoplaces4":{"vulnerabilities":[{"id":7406,"title":"GeoPlaces - File Upload Handling Remote Command Execution","url":"http://packetstormsecurity.com/files/123773/","osvdb":"98975","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"GeoPlaces4beta":{"vulnerabilities":[{"id":7406,"title":"GeoPlaces - File Upload Handling Remote Command Execution","url":"http://packetstormsecurity.com/files/123773/","osvdb":"98975","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"curvo":{"vulnerabilities":[{"id":7407,"title":"Curvo - wp-content/themes/curvo/functions/upload-handler.php File Upload CSRF","url":"http://packetstormsecurity.com/files/123799/,http://packetstormsecurity.com/files/123820/","osvdb":"99043","exploitdb":"29211","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"MoneyTheme":{"vulnerabilities":[{"id":7408,"title":"Money - wp-content/themes/MoneyTheme/uploads/upload.php File Upload Remote Code Execution","url":"http://packetstormsecurity.com/files/123819/","osvdb":"99187","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"saico":{"vulnerabilities":[{"id":7409,"title":"Saico - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/21440","exploitdb":"29150","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"ThisWay":{"vulnerabilities":[{"id":7410,"title":"ThisWay - remote shell upload vulnerability","url":"http://packetstormsecurity.com/files/123895/","secunia":"55587","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"ThinkResponsive":{"vulnerabilities":[{"id":7411,"title":"Think Responsive 1.0 - Arbitrary shell upload vulnerability","url":"http://packetstormsecurity.com/files/123880/","exploitdb":"29332","created_at":"2014-08-01T10:59:22.000Z","updated_at":"2014-08-01T10:59:22.000Z"}]}},{"anthology":{"vulnerabilities":[{"id":7412,"title":"Anthology - Remote File Upload Vulnerability","url":"http://1337day.com/exploit/21460","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"amoveo":{"vulnerabilities":[{"id":7413,"title":"Amoveo - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/21451","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"switchblade":{"vulnerabilities":[{"id":7414,"title":"Switchblade 1.3 - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/21457","osvdb":"88918","exploitdb":"29330","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"magnitudo":{"vulnerabilities":[{"id":7415,"title":"Magnitudo - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/21457","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"ghost":{"vulnerabilities":[{"id":7416,"title":"Ghost - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/21416","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"RightNow":{"vulnerabilities":[{"id":7417,"title":"Right Now - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/21420","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"ColdFusion":{"vulnerabilities":[{"id":7418,"title":"Cold Fusion - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/21431","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"chameleon":{"vulnerabilities":[{"id":7419,"title":"Chameleon - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/21449","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"kernel-theme":{"vulnerabilities":[{"id":7420,"title":"Kernel Theme - functions/upload-handler.php File Upload Remote Code Execution","url":"http://packetstormsecurity.com/files/123954/","osvdb":"99553","exploitdb":"29482","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"rockstar-theme":{"vulnerabilities":[{"id":7421,"title":"Rockstar - Remote File Upload Vulnerability","url":"http://packetstormsecurity.com/files/123999/,http://packetstormsecurity.com/files/124232/,http://1337day.com/exploit/21510","exploitdb":"29946","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"reganto-theme":{"vulnerabilities":[{"id":7422,"title":"Reganto - Remote File Upload Vulnerability","url":"http://packetstormsecurity.com/files/123999/,http://packetstormsecurity.com/files/124232/,http://1337day.com/exploit/21511","exploitdb":"29946","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"rayoflight-theme":{"vulnerabilities":[{"id":7423,"title":"Ray of Light - Remote File Upload Vulnerability","url":"http://packetstormsecurity.com/files/123999/,http://packetstormsecurity.com/files/124232/,http://1337day.com/exploit/21512","exploitdb":"29946","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"radial-theme":{"vulnerabilities":[{"id":7424,"title":"Radial - Remote File Upload Vulnerability","url":"http://packetstormsecurity.com/files/123999/,http://packetstormsecurity.com/files/124232/,http://1337day.com/exploit/21513","exploitdb":"29946","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"oxygen-theme":{"vulnerabilities":[{"id":7425,"title":"Oxygen - Remote File Upload Vulnerability","url":"http://packetstormsecurity.com/files/123999/,http://packetstormsecurity.com/files/124232/,http://1337day.com/exploit/21514","exploitdb":"29946","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"bulteno-theme":{"vulnerabilities":[{"id":7426,"title":"Bulteno - Remote File Upload Vulnerability","url":"http://packetstormsecurity.com/files/123999/,http://packetstormsecurity.com/files/124232/,http://1337day.com/exploit/21515","exploitdb":"29946","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"bordeaux-theme":{"vulnerabilities":[{"id":7427,"title":"Bordeaux - Remote File Upload Vulnerability","url":"http://packetstormsecurity.com/files/123999/,http://packetstormsecurity.com/files/124232/,http://1337day.com/exploit/21516","exploitdb":"29946","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"agritourismo-theme":{"vulnerabilities":[{"id":7428,"title":"Agritourismo - Remote File Upload Vulnerability","url":"http://packetstormsecurity.com/files/124232/","exploitdb":"29946","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"highlight":{"vulnerabilities":[{"id":7429,"title":"Highlight Powerful Premium - upload-handler.php File Upload CSRF","url":"http://packetstormsecurity.com/files/123974/","osvdb":"99703","secunia":"55671","exploitdb":"29525","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"euclid":{"vulnerabilities":[{"id":7430,"title":"Euclid - CSRF Vulnerability","url":"http://packetstormsecurity.com/files/124043/,http://1337day.com/exploit/21538","exploitdb":"29667","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"dimension":{"vulnerabilities":[{"id":7431,"title":"Dimension - CSRF Vulnerability","url":"http://packetstormsecurity.com/files/124042/,http://1337day.com/exploit/21537","exploitdb":"29668","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"amplus":{"vulnerabilities":[{"id":7432,"title":"Amplus - CSRF Vulnerability","url":"http://packetstormsecurity.com/files/124041/,http://1337day.com/exploit/21535","exploitdb":"29669","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"make_a_statement":{"vulnerabilities":[{"id":7433,"title":"Make A Statement - CSRF Vulnerability","url":"http://packetstormsecurity.com/files/124044/,http://1337day.com/exploit/21536","exploitdb":"29670","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"ithemes2":{"vulnerabilities":[{"id":7434,"title":"iThemes2 - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/","osvdb":"100271","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"suco":{"vulnerabilities":[{"id":7435,"title":"Suco - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124094/","osvdb":"100271","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"elemin":{"vulnerabilities":[{"id":7436,"title":"Elemin - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124149/","osvdb":"100271","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"folo":{"vulnerabilities":[{"id":7437,"title":"Folo - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124150/","osvdb":"100271","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"},{"id":7438,"title":"Folo - Cross Site Scripting","url":"http://packetstormsecurity.com/files/124230/","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"Bloggie":{"vulnerabilities":[{"id":7439,"title":"Bloggie - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124152/","osvdb":"100271","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"blogfolio":{"vulnerabilities":[{"id":7440,"title":"Blogfolio - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124156/","osvdb":"100271","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"OptimizePress":{"vulnerabilities":[{"id":7441,"title":"OptimizePress - File Upload Vulnerability","url":"http://packetstormsecurity.com/files/124246/,http://www.osirt.com/2013/11/wordpress-optimizepress-hack-file-upload-vulnerability/","osvdb":"100509","cve":"2013-7102","secunia":"56379","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z","metasploit":"exploit/unix/webapp/php_wordpress_optimizepress","fixed_in":"1.6"}]}},{"blooog":{"vulnerabilities":[{"id":7442,"title":"Blooog 1.1 - jplayer.swf Cross Site Scripting","url":"http://packetstormsecurity.com/files/124240/,http://xforce.iss.net/xforce/xfdb/89356","osvdb":"92254","cve":"2013-7129","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"toolbox":{"vulnerabilities":[{"id":7443,"title":"Toolbox 1.4 - flyer.php mls Parameter SQL Injection","url":"http://www.securityfocus.com/bid/56745","osvdb":"88293","created_at":"2014-08-01T10:59:23.000Z","updated_at":"2014-08-01T10:59:23.000Z"}]}},{"oberliga_theme":{"vulnerabilities":[{"id":7444,"title":"Oberliga - team.php team Parameter SQL Injection","url":"http://packetstormsecurity.org/files/118368/,http://xforce.iss.net/xforce/xfdb/80273","osvdb":"88454","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z"}]}},{"cstardesign":{"vulnerabilities":[{"id":7445,"title":"CStar Design 2.0 - flashmoXML.php id Parameter SQL Injection","url":"http://www.securityfocus.com/bid/56694","osvdb":"88291","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z"}]}},{"malmonation":{"vulnerabilities":[{"id":7446,"title":"Malmonation - debate.php id Parameter SQL Injection","url":"http://packetstormsecurity.org/files/118340/,http://xforce.iss.net/xforce/xfdb/80252","osvdb":"87866","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z"}]}},{"lightspeed":{"vulnerabilities":[{"id":7447,"title":"LightSpeed - Valums Uploader Shell Upload Exploit","url":"http://packetstormsecurity.com/files/119241/","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z"}]}},{"eptonic":{"vulnerabilities":[{"id":7448,"title":"Eptonic - Valums Uploader Shell Upload Exploit","url":"http://packetstormsecurity.com/files/119241/","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z"}]}},{"nuance":{"vulnerabilities":[{"id":7449,"title":"Nuance - Valums Uploader Shell Upload Exploit","url":"http://packetstormsecurity.com/files/119241/","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z"}]}},{"dejavu":{"vulnerabilities":[{"id":7450,"title":"DejaVu 2.4 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z","fixed_in":"2.5"},{"id":7451,"title":"DejaVu 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z","fixed_in":"2.5"}]}},{"elegance":{"vulnerabilities":[{"id":7452,"title":"Elegance - lib/scripts/dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Access","url":"http://packetstormsecurity.com/files/126989/","osvdb":"108100","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z"},{"id":7453,"title":"Elegance 2.4 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z","fixed_in":"2.5"},{"id":7454,"title":"Elegance 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z","fixed_in":"2.5"}]}},{"echelon":{"vulnerabilities":[{"id":7455,"title":"Echelon - media-upload.php Remote File Upload","url":"http://www.securityfocus.com/bid/67080,http://packetstormsecurity.com/files/126327/","osvdb":"106929","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z"},{"id":7456,"title":"Echelon 2.4 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z","fixed_in":"2.5"},{"id":7457,"title":"Echelon 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z","fixed_in":"2.5"}]}},{"modular":{"vulnerabilities":[{"id":7458,"title":"Modular 2.4 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z","fixed_in":"2.5"},{"id":7459,"title":"Modular 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z","fixed_in":"2.5"}]}},{"fusion":{"vulnerabilities":[{"id":7460,"title":"Fusion 2.1 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z","fixed_in":"2.2"},{"id":7461,"title":"Fusion 2.1 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z","fixed_in":"2.2"}]}},{"method":{"vulnerabilities":[{"id":7462,"title":"Method 2.1 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z","fixed_in":"2.5"},{"id":7463,"title":"Method 2.1 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z","fixed_in":"2.2"}]}},{"myriad":{"vulnerabilities":[{"id":7464,"title":"Myriad 2.0 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z","fixed_in":"2.5"},{"id":7465,"title":"Myriad 2.0 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z","fixed_in":"2.1"}]}},{"construct":{"vulnerabilities":[{"id":7466,"title":"Construct 1.4 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z","fixed_in":"2.5"},{"id":7467,"title":"Construct 1.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z","fixed_in":"1.5"}]}},{"awake":{"vulnerabilities":[{"id":7468,"title":"Awake 3.3 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z","fixed_in":"2.5"},{"id":7469,"title":"Awake 3.3 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z","fixed_in":"3.4"}]}},{"infocus":{"vulnerabilities":[{"id":7470,"title":"InFocus - lib/scripts/dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Access","url":"http://packetstormsecurity.com/files/126988/","osvdb":"108099","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z"},{"id":7471,"title":"InFocus - prettyPhoto Cross-Site Scripting Vulnerability","url":"http://packetstormsecurity.com/files/124960/","secunia":"56583","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z"},{"id":7472,"title":"InFocus 3.3 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:59:24.000Z","updated_at":"2014-08-01T10:59:24.000Z","fixed_in":"3.4"},{"id":7473,"title":"InFocus 3.3 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z","fixed_in":"3.4"}]}},{"elegant-grunge":{"vulnerabilities":[{"id":7474,"title":"Elegant Grunge 1.0.3 - s Parameter XSS","url":"http://www.securityfocus.com/bid/49869","osvdb":"75942","cve":"2011-3856","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z","fixed_in":"1.0.4"}]}},{"simplebalance":{"vulnerabilities":[{"id":7475,"title":"Simple Balance \u003c= 2.2.1 - index.php s Parameter XSS","url":"http://packetstormsecurity.com/files/106341/","osvdb":"76722","secunia":"46671","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"codilight":{"vulnerabilities":[{"id":7476,"title":"Codilight Premium 1.0.0 - admin/front-end/options.php reset Parameter XSS","osvdb":"100791","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"iloveit":{"vulnerabilities":[{"id":7477,"title":"Love It - XSS / Content Spoofing / Path Disclosure","url":"http://packetstormsecurity.com/files/122386/","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"dandelion":{"vulnerabilities":[{"id":7478,"title":"Dandelion - Arbitry File Upload","url":"http://packetstormsecurity.com/files/125098/","osvdb":"99043","exploitdb":"31424","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"kiddo":{"vulnerabilities":[{"id":7479,"title":"Kiddo - remote shell upload vulnerability","url":"http://packetstormsecurity.com/files/125138/","secunia":"56874","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"thecotton_v114":{"vulnerabilities":[{"id":7480,"title":"The Cotton - Remote File Upload Vulnerability","url":"http://packetstormsecurity.com/files/125506/,http://www.securityfocus.com/bid/65958,http://seclists.org/bugtraq/2014/Mar/9","osvdb":"103911","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"Realestate":{"vulnerabilities":[{"id":7481,"title":"Real Estate - Templatic Theme CSRF File Upload Vulnerability","url":"http://1337day.com/exploit/22091","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"dailydeal":{"vulnerabilities":[]}},{"nightlife":{"vulnerabilities":[{"id":7483,"title":"Nightlife - Templatic Theme CSRF File Upload Vulnerability","url":"http://1337day.com/exploit/22091","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"5star":{"vulnerabilities":[{"id":7484,"title":"5star - Templatic Theme CSRF File Upload Vulnerability","url":"http://1337day.com/exploit/22091","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"specialist":{"vulnerabilities":[{"id":7485,"title":"Specialist - Templatic Theme CSRF File Upload Vulnerability","url":"http://1337day.com/exploit/22091","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"flatshop":{"vulnerabilities":[{"id":7486,"title":"Flatshop - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"magazine":{"vulnerabilities":[{"id":7487,"title":"Magazine - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"parallax":{"vulnerabilities":[{"id":7488,"title":"Parallax - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"bold":{"vulnerabilities":[{"id":7489,"title":"Bold - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"metro":{"vulnerabilities":[{"id":7490,"title":"Metro - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"pinshop":{"vulnerabilities":[{"id":7491,"title":"Pinshop - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"agency":{"vulnerabilities":[{"id":7492,"title":"Agency - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"slide":{"vulnerabilities":[{"id":7493,"title":"Slide - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"postline":{"vulnerabilities":[{"id":7494,"title":"Postline - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"fullscreen":{"vulnerabilities":[{"id":7495,"title":"Fulscreen - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"shopo":{"vulnerabilities":[{"id":7496,"title":"Shopo - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"minshop":{"vulnerabilities":[{"id":7497,"title":"Minshop - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"notes":{"vulnerabilities":[{"id":7498,"title":"Notes - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:25.000Z","updated_at":"2014-08-01T10:59:25.000Z"}]}},{"shopdock":{"vulnerabilities":[{"id":7499,"title":"Shopdock - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"phototouch":{"vulnerabilities":[{"id":7500,"title":"Phototouch - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"basic":{"vulnerabilities":[{"id":7501,"title":"Basic - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"responz":{"vulnerabilities":[{"id":7502,"title":"Responz - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"simfo":{"vulnerabilities":[{"id":7503,"title":"Simfo - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"grido":{"vulnerabilities":[{"id":7504,"title":"Grido - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"tisa":{"vulnerabilities":[{"id":7505,"title":"Tisa - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"funki":{"vulnerabilities":[{"id":7506,"title":"Funki - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"minblr":{"vulnerabilities":[{"id":7507,"title":"Minblr - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"newsy":{"vulnerabilities":[{"id":7508,"title":"Newsy - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"wumblr":{"vulnerabilities":[{"id":7509,"title":"Wumblr - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"rezo":{"vulnerabilities":[{"id":7510,"title":"Rezo - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"photobox":{"vulnerabilities":[{"id":7511,"title":"Photobox - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"edmin":{"vulnerabilities":[{"id":7512,"title":"Edmin - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"koi":{"vulnerabilities":[{"id":7513,"title":"Koi - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"bizco":{"vulnerabilities":[{"id":7514,"title":"Bizco - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"thememin":{"vulnerabilities":[{"id":7515,"title":"Thememin - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"wigi":{"vulnerabilities":[{"id":7516,"title":"Wigi - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"sidepane":{"vulnerabilities":[{"id":7517,"title":"Sidepane - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"Sixtees":{"vulnerabilities":[{"id":7518,"title":"Sixtees - Shell Upload","url":"http://packetstormsecurity.com/files/125491/","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"linenity":{"vulnerabilities":[{"id":7519,"title":"LineNity 1.20 - download.php imgurl Parameter Remote Path Traversal File Access","osvdb":"105767","exploitdb":"32861","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"SCv1":{"vulnerabilities":[{"id":7520,"title":"SCv1 - download.php file Parameter Traversal Remote File Access","url":"http://packetstormsecurity.com/files/127022/","osvdb":"107940","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}},{"magazine-basic":{"vulnerabilities":[{"id":7521,"title":"Magazine Basic - wp-content/themes/magazine-basic/view_artist.php id Parameter SQL Injection","url":"http://packetstormsecurity.com/files/118321/,http://www.securityfocus.com/bid/56664","osvdb":"87838","created_at":"2014-08-01T10:59:26.000Z","updated_at":"2014-08-01T10:59:26.000Z"}]}}]
\ No newline at end of file
+[{"crius":{"vulnerabilities":[{"id":93832,"title":"Crius - VideoJS Cross-Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/77","secunia":"53427","created_at":"2014-08-01T10:51:59.834Z","updated_at":"2014-08-01T10:51:59.834Z"}]}},{"source":{"vulnerabilities":[{"id":93833,"title":"Source - VideoJS Cross-Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/77","secunia":"53457","created_at":"2014-08-01T10:51:59.887Z","updated_at":"2014-08-01T10:51:59.887Z"}]}},{"i-love-it":{"vulnerabilities":[{"id":93834,"title":"I Love It - VideoJS Cross-Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/77","secunia":"53548","created_at":"2014-08-01T10:51:59.938Z","updated_at":"2014-08-01T10:51:59.938Z"}]}},{"smartstart":{"vulnerabilities":[{"id":93835,"title":"Smart Start - VideoJS Cross-Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/77","secunia":"53460","created_at":"2014-08-01T10:52:00.007Z","updated_at":"2014-08-01T10:52:00.007Z"}]}},{"covertvideopress":{"vulnerabilities":[{"id":93836,"title":"Covert Videopress - VideoJS Cross-Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/77","secunia":"53494","created_at":"2014-08-01T10:52:00.062Z","updated_at":"2014-08-01T10:52:00.062Z"}]}},{"photolio":{"vulnerabilities":[{"id":93837,"title":"Photolio - VideoJS Cross-Site Scripting Vulnerability","url":"http://seclists.org/fulldisclosure/2013/May/77","created_at":"2014-08-01T10:52:00.118Z","updated_at":"2014-08-01T10:52:00.118Z"}]}},{"onepagewebsite":{"vulnerabilities":[{"id":93838,"title":"onepagewebsite - Full Path Disclosure vulnerability","url":"http://1337day.com/exploit/20027","created_at":"2014-08-01T10:52:00.173Z","updated_at":"2014-08-01T10:52:00.173Z"}]}},{"vithy":{"vulnerabilities":[{"id":93839,"title":"vithy - Full Path Disclosure vulnerability","url":"http://1337day.com/exploit/20040","created_at":"2014-08-01T10:52:00.236Z","updated_at":"2014-08-01T10:52:00.236Z"},{"id":93840,"title":"vithy - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/19830","created_at":"2014-08-01T10:52:00.308Z","updated_at":"2014-08-01T10:52:00.308Z"},{"id":93841,"title":"vithy - Custom Background Shell Upload","url":"http://packetstormsecurity.com/files/125827/","created_at":"2014-08-01T10:52:00.390Z","updated_at":"2014-08-01T10:52:00.390Z"}]}},{"appius":{"vulnerabilities":[{"id":93842,"title":"appius - Full Path Disclosure vulnerability","url":"http://1337day.com/exploit/20039","created_at":"2014-08-01T10:52:00.444Z","updated_at":"2014-08-01T10:52:00.444Z"},{"id":93843,"title":"appius - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/19831","created_at":"2014-08-01T10:52:00.497Z","updated_at":"2014-08-01T10:52:00.497Z"},{"id":93844,"title":"appius - Custom Background Shell Upload","url":"http://packetstormsecurity.com/files/125827/","created_at":"2014-08-01T10:52:00.548Z","updated_at":"2014-08-01T10:52:00.548Z"}]}},{"yvora":{"vulnerabilities":[{"id":93845,"title":"yvora - Full Path Disclosure vulnerability","url":"http://1337day.com/exploit/20038","created_at":"2014-08-01T10:52:00.600Z","updated_at":"2014-08-01T10:52:00.600Z"},{"id":93846,"title":"yvora - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/19834","created_at":"2014-08-01T10:52:00.652Z","updated_at":"2014-08-01T10:52:00.652Z"}]}},{"shotzz":{"vulnerabilities":[{"id":93847,"title":"Shotzz - Full Path Disclosure vulnerability","url":"http://1337day.com/exploit/20041","created_at":"2014-08-01T10:52:00.705Z","updated_at":"2014-08-01T10:52:00.705Z"},{"id":93848,"title":"Shotzz - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/19829","created_at":"2014-08-01T10:52:00.760Z","updated_at":"2014-08-01T10:52:00.760Z"},{"id":93849,"title":"Shotzz - Custom Background Shell Upload","url":"http://packetstormsecurity.com/files/125827/","created_at":"2014-08-01T10:52:00.816Z","updated_at":"2014-08-01T10:52:00.816Z"}]}},{"dagda":{"vulnerabilities":[{"id":93850,"title":"dagda - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/19832","created_at":"2014-08-01T10:52:00.870Z","updated_at":"2014-08-01T10:52:00.870Z"},{"id":93851,"title":"dagda - Custom Background Shell Upload","url":"http://packetstormsecurity.com/files/125827/","created_at":"2014-08-01T10:52:00.929Z","updated_at":"2014-08-01T10:52:00.929Z"}]}},{"moneymasters":{"vulnerabilities":[{"id":93852,"title":"moneymasters - Full Path Disclosure vulnerability","url":"http://1337day.com/exploit/20077","created_at":"2014-08-01T10:52:00.988Z","updated_at":"2014-08-01T10:52:00.988Z"},{"id":93853,"title":"moneymasters - File Upload Vulnerability (metasploit)","url":"http://1337day.com/exploit/20076","created_at":"2014-08-01T10:52:01.045Z","updated_at":"2014-08-01T10:52:01.045Z"}]}},{"ovum":{"vulnerabilities":[{"id":93854,"title":"XSS vulnerability in Imediapixel premium WordPress themes","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-imediapixel.html","created_at":"2014-08-01T10:52:01.104Z","updated_at":"2014-08-01T10:52:01.104Z"}]}},{"avanix":{"vulnerabilities":[{"id":93854,"title":"XSS vulnerability in Imediapixel premium WordPress themes","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-imediapixel.html","created_at":"2014-08-01T10:52:01.104Z","updated_at":"2014-08-01T10:52:01.104Z"}]}},{"ebiz":{"vulnerabilities":[{"id":93854,"title":"XSS vulnerability in Imediapixel premium WordPress themes","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-imediapixel.html","created_at":"2014-08-01T10:52:01.104Z","updated_at":"2014-08-01T10:52:01.104Z"}]}},{"ecobiz":{"vulnerabilities":[{"id":93854,"title":"XSS vulnerability in Imediapixel premium WordPress themes","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-imediapixel.html","created_at":"2014-08-01T10:52:01.104Z","updated_at":"2014-08-01T10:52:01.104Z"}]}},{"traject":{"vulnerabilities":[{"id":93855,"title":"XSS vulnerability in Parallelus premium WordPress themes","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-parallelus-premium.html","created_at":"2014-08-01T10:52:01.367Z","updated_at":"2014-08-01T10:52:01.367Z"},{"id":94070,"title":"testing theme and plugin name downcasing","url":"http://www.example.com,http://www.example2.com","created_at":"2014-09-05T11:23:09.793Z","updated_at":"2014-09-08T13:51:59.461Z"}]}},{"intersect":{"vulnerabilities":[{"id":93855,"title":"XSS vulnerability in Parallelus premium WordPress themes","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-parallelus-premium.html","created_at":"2014-08-01T10:52:01.367Z","updated_at":"2014-08-01T10:52:01.367Z"}]}},{"salutation":{"vulnerabilities":[{"id":93855,"title":"XSS vulnerability in Parallelus premium WordPress themes","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-parallelus-premium.html","created_at":"2014-08-01T10:52:01.367Z","updated_at":"2014-08-01T10:52:01.367Z"}]}},{"unite":{"vulnerabilities":[{"id":93855,"title":"XSS vulnerability in Parallelus premium WordPress themes","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-parallelus-premium.html","created_at":"2014-08-01T10:52:01.367Z","updated_at":"2014-08-01T10:52:01.367Z"}]}},{"shapeless":{"vulnerabilities":[{"id":93856,"title":"Shapeless - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85919","created_at":"2014-08-01T10:52:01.600Z","updated_at":"2014-08-01T10:52:01.600Z"}]}},{"brisk":{"vulnerabilities":[{"id":93857,"title":"Brisk - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85918","created_at":"2014-08-01T10:52:01.653Z","updated_at":"2014-08-01T10:52:01.653Z"}]}},{"blaze":{"vulnerabilities":[{"id":93858,"title":"Blaze - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85917","created_at":"2014-08-01T10:52:01.719Z","updated_at":"2014-08-01T10:52:01.719Z"}]}},{"eunice":{"vulnerabilities":[{"id":93859,"title":"Eunice - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85916","created_at":"2014-08-01T10:52:01.775Z","updated_at":"2014-08-01T10:52:01.775Z"}]}},{"explicit":{"vulnerabilities":[{"id":93860,"title":"Explicit - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85915","created_at":"2014-08-01T10:52:01.828Z","updated_at":"2014-08-01T10:52:01.828Z"}]}},{"essence":{"vulnerabilities":[{"id":93861,"title":"Essence - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85914","created_at":"2014-08-01T10:52:01.883Z","updated_at":"2014-08-01T10:52:01.883Z"}]}},{"paramount":{"vulnerabilities":[{"id":93862,"title":"Paramount - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85913","created_at":"2014-08-01T10:52:01.937Z","updated_at":"2014-08-01T10:52:01.937Z"}]}},{"picturefactory":{"vulnerabilities":[{"id":93863,"title":"PictureFactory - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85912","created_at":"2014-08-01T10:52:01.989Z","updated_at":"2014-08-01T10:52:01.989Z"}]}},{"sparky":{"vulnerabilities":[{"id":93864,"title":"Sparky - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85911","created_at":"2014-08-01T10:52:02.040Z","updated_at":"2014-08-01T10:52:02.040Z"}]}},{"theagency":{"vulnerabilities":[{"id":93865,"title":"TheAgency - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85910","created_at":"2014-08-01T10:52:02.097Z","updated_at":"2014-08-01T10:52:02.097Z"}]}},{"konzept":{"vulnerabilities":[{"id":93866,"title":"Konzept - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85920","created_at":"2014-08-01T10:52:02.156Z","updated_at":"2014-08-01T10:52:02.156Z"}]}},{"daisho":{"vulnerabilities":[{"id":93867,"title":"Daisho - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html","osvdb":"85921","created_at":"2014-08-01T10:52:02.212Z","updated_at":"2014-08-01T10:52:02.212Z"}]}},{"choices":{"vulnerabilities":[{"id":93868,"title":"Choices - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86755","created_at":"2014-08-01T10:52:02.266Z","updated_at":"2014-08-01T10:52:02.266Z"}]}},{"brightbox":{"vulnerabilities":[{"id":93869,"title":"Brightbox - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86756","created_at":"2014-08-01T10:52:02.346Z","updated_at":"2014-08-01T10:52:02.346Z"}]}},{"broadscope":{"vulnerabilities":[{"id":93870,"title":"Broadscope - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86757","created_at":"2014-08-01T10:52:02.398Z","updated_at":"2014-08-01T10:52:02.398Z"}]}},{"corona":{"vulnerabilities":[{"id":93871,"title":"Corona - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86758","created_at":"2014-08-01T10:52:02.457Z","updated_at":"2014-08-01T10:52:02.457Z"}]}},{"flashlight":{"vulnerabilities":[{"id":93872,"title":"Flashlight - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86759","created_at":"2014-08-01T10:52:02.508Z","updated_at":"2014-08-01T10:52:02.508Z"}]}},{"coalition":{"vulnerabilities":[{"id":93873,"title":"Coalition - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86760","created_at":"2014-08-01T10:52:02.567Z","updated_at":"2014-08-01T10:52:02.567Z"}]}},{"shoutbox":{"vulnerabilities":[{"id":93874,"title":"Shoutbox - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86761","created_at":"2014-08-01T10:52:02.620Z","updated_at":"2014-08-01T10:52:02.620Z"}]}},{"velvet":{"vulnerabilities":[{"id":93875,"title":"Velvet - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86762","created_at":"2014-08-01T10:52:02.675Z","updated_at":"2014-08-01T10:52:02.675Z"}]}},{"upscale":{"vulnerabilities":[{"id":93876,"title":"Upscale - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86763","created_at":"2014-08-01T10:52:02.731Z","updated_at":"2014-08-01T10:52:02.731Z"}]}},{"expose":{"vulnerabilities":[{"id":93877,"title":"Expose - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86764","created_at":"2014-08-01T10:52:02.786Z","updated_at":"2014-08-01T10:52:02.786Z"}]}},{"abundance":{"vulnerabilities":[{"id":93878,"title":"Abundance - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86765","created_at":"2014-08-01T10:52:02.841Z","updated_at":"2014-08-01T10:52:02.841Z"}]}},{"eunoia":{"vulnerabilities":[{"id":93879,"title":"Eunoia - Unspecified XSS","url":"http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html","osvdb":"86766","created_at":"2014-08-01T10:52:02.893Z","updated_at":"2014-08-01T10:52:02.893Z"}]}},{"wise":{"vulnerabilities":[{"id":93880,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:52:02.943Z","updated_at":"2014-08-01T10:52:02.943Z"}]}},{"webfolio":{"vulnerabilities":[{"id":93880,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:52:02.943Z","updated_at":"2014-08-01T10:52:02.943Z","fixed_in":"2.0"}]}},{"colorbold":{"vulnerabilities":[{"id":93880,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:52:02.943Z","updated_at":"2014-08-01T10:52:02.943Z"}]}},{"rockwell":{"vulnerabilities":[{"id":93880,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:52:02.943Z","updated_at":"2014-08-01T10:52:02.943Z"}]}},{"xmas":{"vulnerabilities":[{"id":93880,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:52:02.943Z","updated_at":"2014-08-01T10:52:02.943Z"}]}},{"designpile":{"vulnerabilities":[{"id":93880,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:52:02.943Z","updated_at":"2014-08-01T10:52:02.943Z"}]}},{"alltuts":{"vulnerabilities":[{"id":93880,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:52:02.943Z","updated_at":"2014-08-01T10:52:02.943Z","fixed_in":"2.0"}]}},{"boldy":{"vulnerabilities":[{"id":93880,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:52:02.943Z","updated_at":"2014-08-01T10:52:02.943Z","fixed_in":"2.0"}]}},{"simplo":{"vulnerabilities":[{"id":93880,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:52:02.943Z","updated_at":"2014-08-01T10:52:02.943Z"}]}},{"diary":{"vulnerabilities":[{"id":93880,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:52:02.943Z","updated_at":"2014-08-01T10:52:02.943Z","fixed_in":"2.0"}]}},{"journalcrunch":{"vulnerabilities":[{"id":93880,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:52:02.943Z","updated_at":"2014-08-01T10:52:02.943Z","fixed_in":"2.0"}]}},{"prosume":{"vulnerabilities":[{"id":93880,"title":"Site5 Wordpress Themes Email Spoofing","url":"http://packetstormsecurity.org/files/114750/","created_at":"2014-08-01T10:52:02.943Z","updated_at":"2014-08-01T10:52:02.943Z","fixed_in":"2.0"}]}},{"famous":{"vulnerabilities":[{"id":93881,"title":"Famous 2.0.5 - Shell Upload","url":"http://packetstormsecurity.org/files/113842/","osvdb":"83013","created_at":"2014-08-01T10:52:03.667Z","updated_at":"2014-08-01T10:52:03.667Z"}]}},{"deep-blue":{"vulnerabilities":[{"id":93882,"title":"Deep-Blue 1.9.2 - Arbitrary File Upload Vulnerability","url":"http://packetstormsecurity.org/files/113843/","osvdb":"83014","secunia":"49611","created_at":"2014-08-01T10:52:03.723Z","updated_at":"2014-08-01T10:52:03.723Z"}]}},{"classipress":{"vulnerabilities":[{"id":93883,"title":"Classipress \u003c= 3.1.4 - Stored XSS","url":"http://cxsecurity.com/issue/WLB-2011110001","osvdb":"76712","cve":"2011-5257","exploitdb":"18053","created_at":"2014-08-01T10:52:03.777Z","updated_at":"2014-08-01T10:52:03.777Z","fixed_in":"3.1.5"}]}},{"merchant":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"smpl":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"drawar":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"sentient":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"whitelight":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"unsigned":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"shelflife":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"olya":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"sliding":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"beveled":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"empire-commerce":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"buro-commerce":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"briefed-commerce":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"wikeasi":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"currents":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"emporium":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"biznizz-commerce":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"kaboodle-commerce":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"inspire-commerce":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"teamster":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"argentum":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"statua-commerce":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"simplicity-commerce":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"canvas-commerce":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"wootique":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"woostore":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"coquette":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"buro":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"swatch":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"announcement":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"empire":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"supportpress":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"editorial":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"statua":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"briefed":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"faultpress":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"kaboodle":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"savinggrace":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"premiere":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"simplicity":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"deliciousmagazine":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"bookclub":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"boldnews":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"placeholder":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"biznizz":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"auld":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"listings":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"elefolio":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"chapters":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"continuum":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"diner":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"skeptical":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"caffeinated":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"crisp":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"sealight":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"estate":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"tma":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"coda":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"inspire":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"apz":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"spectrum":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"diarise":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"boast":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"retreat":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"cityguide":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"canvas":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"postcard":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"delegate":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"mystream":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"optimize":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"backstage":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"bueno":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"digitalfarm":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"headlines":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"therapy":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"rockstar":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"DailyDeal":{"vulnerabilities":[{"id":93885,"title":"DailyDeal - File Upload Remote Code Execution","url":"http://packetstormsecurity.com/files/123748/,http://templatic.com/app-themes/daily-deal-premium-wordpress-app-theme","osvdb":"98924","created_at":"2014-08-01T10:52:08.465Z","updated_at":"2014-08-01T10:52:08.465Z"}]}},{"dailyedition":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"object":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"coffeebreak":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"mainstream":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"featurepitch":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"thejournal":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"aperture":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"metamorphosis":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"bloggingstream":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"thestation":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"groovyvideo":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"irresistible":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"cushy":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"wootube":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"abstract":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"busybee":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"blogtheme":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"typebased":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"overeasy":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"snapshot":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"openair":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"freshnews":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"livewire":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"flashnews":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"},{"id":93886,"title":"Flash News - thumb.php src Parameter XSS","url":"http://packetstormsecurity.com/files/120037/,http://seclists.org/fulldisclosure/2013/Feb/8,http://cxsecurity.com/issue/WLB-2013020010","osvdb":"89887","created_at":"2014-08-01T10:52:10.161Z","updated_at":"2014-08-01T10:52:10.161Z"},{"id":93887,"title":"Flash News - Multiple Script Path Disclosure","url":"http://packetstormsecurity.com/files/120037/,http://seclists.org/fulldisclosure/2013/Feb/8,http://cxsecurity.com/issue/WLB-2013020010","osvdb":"89888","created_at":"2014-08-01T10:52:10.215Z","updated_at":"2014-08-01T10:52:10.215Z"},{"id":93888,"title":"Flash News - includes/test.php a Parameter XSS","url":"http://packetstormsecurity.com/files/120037/,http://seclists.org/fulldisclosure/2013/Feb/8,http://cxsecurity.com/issue/WLB-2013020010","osvdb":"89889","created_at":"2014-08-01T10:52:10.272Z","updated_at":"2014-08-01T10:52:10.272Z"},{"id":93889,"title":"Flash News - includes/test.php Direct Request Information Disclosure","url":"http://packetstormsecurity.com/files/120037/,http://seclists.org/fulldisclosure/2013/Feb/8,http://cxsecurity.com/issue/WLB-2013020010","osvdb":"89890","created_at":"2014-08-01T10:52:10.335Z","updated_at":"2014-08-01T10:52:10.335Z"},{"id":93890,"title":"Flash News - thumb.php src Parameter File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/120037/,http://seclists.org/fulldisclosure/2013/Feb/8,http://cxsecurity.com/issue/WLB-2013020010","osvdb":"89891","created_at":"2014-08-01T10:52:10.393Z","updated_at":"2014-08-01T10:52:10.393Z"},{"id":93891,"title":"Flash News - thumb.php src Parameter Remote DoS","url":"http://packetstormsecurity.com/files/120037/,http://seclists.org/fulldisclosure/2013/Feb/8,http://cxsecurity.com/issue/WLB-2013020010","osvdb":"89892","created_at":"2014-08-01T10:52:10.446Z","updated_at":"2014-08-01T10:52:10.446Z"}]}},{"gazette":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"premiumnews":{"vulnerabilities":[{"id":93884,"title":"WooThemes WooFramework Remote Unauthenticated Shortcode Execution","url":"https://gist.github.com/2523147","created_at":"2014-08-01T10:52:03.837Z","updated_at":"2014-08-01T10:52:03.837Z"}]}},{"dt-chocolate":{"vulnerabilities":[{"id":93892,"title":"dt-chocolate - jPlayer XSS","url":"http://packetstormsecurity.com/files/124756/","secunia":"56379","created_at":"2014-08-01T10:52:10.635Z","updated_at":"2014-08-01T10:52:10.635Z"},{"id":93893,"title":"dt-chocolate - Image Open redirect","url":"http://cxsecurity.com/issue/WLB-2013020011","created_at":"2014-08-01T10:52:10.686Z","updated_at":"2014-08-01T10:52:10.686Z"},{"id":93894,"title":"Multiple vulnerabilities in Chocolate WP theme for WordPress","url":"http://seclists.org/fulldisclosure/2013/Jan/215","created_at":"2014-08-01T10:52:10.737Z","updated_at":"2014-08-01T10:52:10.737Z"}]}},{"sandbox":{"vulnerabilities":[{"id":93895,"title":"sandbox - Arbitrary File Upload/FD Vulnerability","url":"http://1337day.com/exploit/20228","created_at":"2014-08-01T10:52:10.795Z","updated_at":"2014-08-01T10:52:10.795Z"}]}},{"clockstone":{"vulnerabilities":[{"id":93896,"title":"Clockstone 1.2 - upload.php Arbitrary File Upload Vulnerability","url":"http://www.exploit-db.com/exploits/23494,http://www.securityfocus.com/bid/56988,http://xforce.iss.net/xforce/xfdb/80725","osvdb":"88622","secunia":"51619","created_at":"2014-08-01T10:52:10.849Z","updated_at":"2014-08-01T10:52:10.849Z"}]}},{"archin":{"vulnerabilities":[{"id":93897,"title":"Archin 3.2 - Cross-Site Scripting and Arbitrary File Upload Vulnerabilities","secunia":"50711","created_at":"2014-08-01T10:52:10.906Z","updated_at":"2014-08-01T10:52:10.906Z"},{"id":93898,"title":"Archin 3.2 - hades_framework/option_panel/ajax.php Configuration Option Manipulation","osvdb":"86991","exploitdb":"21646","created_at":"2014-08-01T10:52:10.965Z","updated_at":"2014-08-01T10:52:10.965Z"}]}},{"purity":{"vulnerabilities":[{"id":93899,"title":"Purity - Multiple Cross-Site Scripting Vulnerabilities","secunia":"50627","created_at":"2014-08-01T10:52:11.025Z","updated_at":"2014-08-01T10:52:11.025Z"}]}},{"pinboard":{"vulnerabilities":[{"id":93900,"title":"Pinboard 1.0.6 - includes/theme-options.php tab Parameter XSS","url":"http://seclists.org/oss-sec/2013/q1/274,http://cxsecurity.com/issue/WLB-2013020062","osvdb":"90070","cve":"2013-0286","secunia":"52079","created_at":"2014-08-01T10:52:11.109Z","updated_at":"2014-08-01T10:52:11.109Z"},{"id":93901,"title":"Pinboard - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124151/","osvdb":"100271","created_at":"2014-08-01T10:52:11.162Z","updated_at":"2014-08-01T10:52:11.162Z"}]}},{"montezuma":{"vulnerabilities":[{"id":93902,"title":"montezuma \u003c= 1.1.3 - XSS in ZeroClipboard.swf","url":"http://1337day.com/exploit/20396","created_at":"2014-08-01T10:52:11.215Z","updated_at":"2014-08-01T10:52:11.215Z"}]}},{"scarlet":{"vulnerabilities":[{"id":93903,"title":"scarlet \u003c= 1.1.3 - XSS in ZeroClipboard.swf","url":"http://1337day.com/exploit/20396","created_at":"2014-08-01T10:52:11.276Z","updated_at":"2014-08-01T10:52:11.276Z"}]}},{"allure-real-estate-theme-for-placester":{"vulnerabilities":[{"id":93904,"title":"allure-real-estate-theme-for-placester \u003c= 0.1.1 - XSS in ZeroClipboard.swf","url":"http://1337day.com/exploit/20396","created_at":"2014-08-01T10:52:11.351Z","updated_at":"2014-08-01T10:52:11.351Z"}]}},{"allure-real-estate-theme-for-real-estate":{"vulnerabilities":[{"id":93905,"title":"allure-real-estate-theme-for-real-estate \u003c= 0.1.1 - XSS in ZeroClipboard.swf","url":"http://1337day.com/exploit/20396","created_at":"2014-08-01T10:52:11.413Z","updated_at":"2014-08-01T10:52:11.413Z"}]}},{"felici":{"vulnerabilities":[{"id":93906,"title":"felici - XSS Vulnerability","url":"http://1337day.com/exploit/20560","created_at":"2014-08-01T10:52:11.468Z","updated_at":"2014-08-01T10:52:11.468Z"},{"id":93907,"title":"felici - Custom Background Shell Upload","url":"http://packetstormsecurity.com/files/125830/","created_at":"2014-08-01T10:52:11.523Z","updated_at":"2014-08-01T10:52:11.523Z"}]}},{"classic":{"vulnerabilities":[{"id":93908,"title":"Classic 1.5 - PHP_SELF XSS","osvdb":"38450","cve":"2007-4483","created_at":"2014-08-01T10:52:11.578Z","updated_at":"2014-08-01T10:52:11.578Z"}]}},{"brilliant":{"vulnerabilities":[{"id":93909,"title":"brilliant - File Upload Vulnerability","url":"http://ruinedsec.wordpress.com/2013/04/03/wordpress-themes-exploits-are-in-action-wpscan/","created_at":"2014-08-01T10:52:11.631Z","updated_at":"2014-08-01T10:52:11.631Z"}]}},{"colormix":{"vulnerabilities":[{"id":93910,"title":"Colormix - Multiple vulnerabilities","url":"http://packetstormsecurity.com/files/121372/,http://seclists.org/fulldisclosure/2013/Apr/172","created_at":"2014-08-01T10:52:11.686Z","updated_at":"2014-08-01T10:52:11.686Z"}]}},{"jobroller":{"vulnerabilities":[{"id":93911,"title":"XSS in jobroller theme","url":"http://cxsecurity.com/issue/WLB-2013060089","created_at":"2014-08-01T10:52:11.774Z","updated_at":"2014-08-01T10:52:11.774Z"}]}},{"ambience":{"vulnerabilities":[{"id":93912,"title":"Xss In wordpress ambience theme","url":"http://www.websecuritywatch.com/wordpress-ambience-xss/","created_at":"2014-08-01T10:52:11.828Z","updated_at":"2014-08-01T10:52:11.828Z"}]}},{"slash-wp":{"vulnerabilities":[{"id":93913,"title":"Slash WP - FPD, XSS and CS vulnerabilities","url":"http://packetstormsecurity.com/files/123748/,http://seclists.org/fulldisclosure/2013/Jun/166","created_at":"2014-08-01T10:52:11.883Z","updated_at":"2014-08-01T10:52:11.883Z"}]}},{"persuasion":{"vulnerabilities":[{"id":93914,"title":"Persuasion - PrettyPhoto DOM XSS","url":"http://www.rafayhackingarticles.net/2013/05/kali-linux-dom-based-xss-writeup.html","created_at":"2014-08-01T10:52:11.942Z","updated_at":"2014-08-01T10:52:11.942Z"},{"id":93915,"title":"Persuasion \u003c= 2.4 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://packetstormsecurity.com/files/124547/,http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:52:11.999Z","updated_at":"2014-08-01T10:52:11.999Z","fixed_in":"2.5"},{"id":93916,"title":"Persuasion \u003c= 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://packetstormsecurity.com/files/124547/,http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:52:12.070Z","updated_at":"2014-08-01T10:52:12.070Z","fixed_in":"2.5"}]}},{"More":{"vulnerabilities":[{"id":93917,"title":"MORE+ - PrettyPhoto XSS Vulnerability","url":"http://archives.neohapsis.com/archives/fulldisclosure/2013-09/0177.html","secunia":"54924","created_at":"2014-08-01T10:52:12.143Z","updated_at":"2014-08-01T10:52:12.143Z"}]}},{"silverorchid":{"vulnerabilities":[{"id":93918,"title":"silverOrchid \u003c= 1.5.0 - XSS Vulnerability","url":"http://packetstormsecurity.com/files/122986/","osvdb":"96723","secunia":"54662","created_at":"2014-08-01T10:52:12.201Z","updated_at":"2014-08-01T10:52:12.201Z"}]}},{"Caulk":{"vulnerabilities":[{"id":93919,"title":"Caulk - path disclosure vulnerability","url":"http://packetstormsecurity.com/files/120632/,http://themeforest.net/item/caulk/76108","osvdb":"90889","created_at":"2014-08-01T10:52:12.260Z","updated_at":"2014-08-01T10:52:12.260Z"}]}},{"WPLocalPlaces":{"vulnerabilities":[{"id":93920,"title":"WPLocalPlaces - File Upload Remote Code Execution","url":"http://packetstormsecurity.com/files/123697/","osvdb":"98806","created_at":"2014-08-01T10:52:12.332Z","updated_at":"2014-08-01T10:52:12.332Z"}]}},{"photocrati-theme":{"vulnerabilities":[{"id":93921,"title":"Photocrati 4.7.3 - photocrati-gallery/ecomm-sizes.php prod_id Parameter Reflected XSS","url":"http://packetstormsecurity.com/files/124986/","osvdb":"102717","secunia":"56690","created_at":"2014-08-01T10:52:12.395Z","updated_at":"2014-08-01T10:52:12.395Z"},{"id":93922,"title":"Photocrati - Multiple Script Direct Request Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Apr/238","osvdb":"92836","created_at":"2014-08-01T10:52:12.480Z","updated_at":"2014-08-01T10:52:12.480Z"}]}},{"music":{"vulnerabilities":[{"id":93923,"title":"Music - Multiple Script Direct Request Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Apr/238","osvdb":"92837","created_at":"2014-08-01T10:52:12.557Z","updated_at":"2014-08-01T10:52:12.557Z"}]}},{"imperial-fairytale":{"vulnerabilities":[{"id":93924,"title":"Imperial Fairytale - Multiple Script Direct Request Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Apr/238","osvdb":"92838","created_at":"2014-08-01T10:52:12.633Z","updated_at":"2014-08-01T10:52:12.633Z"},{"id":93925,"title":"Imperial Fairytale - jPlayer Cross-Site Scripting Vulnerability","url":"http://seclists.org/oss-sec/2013/q2/177","secunia":"53210","created_at":"2014-08-01T10:52:12.699Z","updated_at":"2014-08-01T10:52:12.699Z"}]}},{"feather12":{"vulnerabilities":[{"id":93926,"title":"Feather12 - Multiple Script Direct Request Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Apr/238","osvdb":"92839","created_at":"2014-08-01T10:52:12.759Z","updated_at":"2014-08-01T10:52:12.759Z"}]}},{"studiozen":{"vulnerabilities":[{"id":93927,"title":"Studio Zen - Multiple Script Direct Request Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Apr/238","osvdb":"92840","created_at":"2014-08-01T10:52:12.817Z","updated_at":"2014-08-01T10:52:12.817Z"}]}},{"area53":{"vulnerabilities":[{"id":93928,"title":"AREA53 \u003c= 1.0.5 - File Upload Code Execution","url":"http://www.securityfocus.com/bid/63306,http://1337day.com/exploit/21442","osvdb":"98927","exploitdb":"29068","created_at":"2014-08-01T10:52:12.886Z","updated_at":"2014-08-01T10:52:12.886Z"}]}},{"sahifa":{"vulnerabilities":[{"id":93929,"title":"Sahifa 2.4.0 - Multiple Script Path Disclosure Direct Request Path Disclosure","url":"http://packetstormsecurity.com/files/119191/,http://www.securityfocus.com/bid/57109","osvdb":"88926","created_at":"2014-08-01T10:52:12.944Z","updated_at":"2014-08-01T10:52:12.944Z"},{"id":93930,"title":"Sahifa 2.4.0 - Site Setting Reset CSRF","url":"http://packetstormsecurity.com/files/119191/,http://www.securityfocus.com/bid/57109","osvdb":"88927","created_at":"2014-08-01T10:52:12.996Z","updated_at":"2014-08-01T10:52:12.996Z"}]}},{"simpledark":{"vulnerabilities":[{"id":93931,"title":"SimpleDark 1.2.10 - 's' Parameter Cross Site Scripting Vulnerability","url":"http://www.securityfocus.com/bid/46615","created_at":"2014-08-01T10:52:13.049Z","updated_at":"2014-08-01T10:52:13.049Z"}]}},{"geoplaces4":{"vulnerabilities":[{"id":93932,"title":"GeoPlaces - File Upload Handling Remote Command Execution","url":"http://packetstormsecurity.com/files/123773/","osvdb":"98975","created_at":"2014-08-01T10:52:13.108Z","updated_at":"2014-08-01T10:52:13.108Z"}]}},{"GeoPlaces4beta":{"vulnerabilities":[{"id":93932,"title":"GeoPlaces - File Upload Handling Remote Command Execution","url":"http://packetstormsecurity.com/files/123773/","osvdb":"98975","created_at":"2014-08-01T10:52:13.108Z","updated_at":"2014-08-01T10:52:13.108Z"}]}},{"curvo":{"vulnerabilities":[{"id":93933,"title":"Curvo - wp-content/themes/curvo/functions/upload-handler.php File Upload CSRF","url":"http://packetstormsecurity.com/files/123799/,http://packetstormsecurity.com/files/123820/","osvdb":"99043","exploitdb":"29211","created_at":"2014-08-01T10:52:13.226Z","updated_at":"2014-08-01T10:52:13.226Z"}]}},{"MoneyTheme":{"vulnerabilities":[{"id":93934,"title":"Money - wp-content/themes/MoneyTheme/uploads/upload.php File Upload Remote Code Execution","url":"http://packetstormsecurity.com/files/123819/","osvdb":"99187","created_at":"2014-08-01T10:52:13.286Z","updated_at":"2014-08-01T10:52:13.286Z"}]}},{"saico":{"vulnerabilities":[{"id":93935,"title":"Saico - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/21440","exploitdb":"29150","created_at":"2014-08-01T10:52:13.357Z","updated_at":"2014-08-01T10:52:13.357Z"}]}},{"ThisWay":{"vulnerabilities":[{"id":93936,"title":"ThisWay - remote shell upload vulnerability","url":"http://packetstormsecurity.com/files/123895/","secunia":"55587","created_at":"2014-08-01T10:52:13.409Z","updated_at":"2014-08-01T10:52:13.409Z"}]}},{"ThinkResponsive":{"vulnerabilities":[{"id":93937,"title":"Think Responsive 1.0 - Arbitrary shell upload vulnerability","url":"http://packetstormsecurity.com/files/123880/","exploitdb":"29332","created_at":"2014-08-01T10:52:13.476Z","updated_at":"2014-08-01T10:52:13.476Z"}]}},{"anthology":{"vulnerabilities":[{"id":93938,"title":"Anthology - Remote File Upload Vulnerability","url":"http://1337day.com/exploit/21460","created_at":"2014-08-01T10:52:13.542Z","updated_at":"2014-08-01T10:52:13.542Z"}]}},{"amoveo":{"vulnerabilities":[{"id":93939,"title":"Amoveo - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/21451","created_at":"2014-08-01T10:52:13.595Z","updated_at":"2014-08-01T10:52:13.595Z"}]}},{"switchblade":{"vulnerabilities":[{"id":93940,"title":"Switchblade 1.3 - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/21457","osvdb":"88918","exploitdb":"29330","created_at":"2014-08-01T10:52:13.647Z","updated_at":"2014-08-01T10:52:13.647Z"}]}},{"magnitudo":{"vulnerabilities":[{"id":93941,"title":"Magnitudo - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/21457","created_at":"2014-08-01T10:52:13.698Z","updated_at":"2014-08-01T10:52:13.698Z"}]}},{"ghost":{"vulnerabilities":[{"id":93942,"title":"Ghost - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/21416","created_at":"2014-08-01T10:52:13.763Z","updated_at":"2014-08-01T10:52:13.763Z"}]}},{"RightNow":{"vulnerabilities":[{"id":93943,"title":"Right Now - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/21420","created_at":"2014-08-01T10:52:13.832Z","updated_at":"2014-08-01T10:52:13.832Z"}]}},{"ColdFusion":{"vulnerabilities":[{"id":93944,"title":"Cold Fusion - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/21431","created_at":"2014-08-01T10:52:13.888Z","updated_at":"2014-08-01T10:52:13.888Z"}]}},{"chameleon":{"vulnerabilities":[{"id":93945,"title":"Chameleon - Arbitrary File Upload Vulnerability","url":"http://1337day.com/exploit/21449","created_at":"2014-08-01T10:52:13.941Z","updated_at":"2014-08-01T10:52:13.941Z"}]}},{"kernel-theme":{"vulnerabilities":[{"id":93946,"title":"Kernel Theme - functions/upload-handler.php File Upload Remote Code Execution","url":"http://packetstormsecurity.com/files/123954/","osvdb":"99553","exploitdb":"29482","created_at":"2014-08-01T10:52:14.000Z","updated_at":"2014-08-01T10:52:14.000Z"}]}},{"rockstar-theme":{"vulnerabilities":[{"id":93947,"title":"Rockstar - Remote File Upload Vulnerability","url":"http://packetstormsecurity.com/files/123999/,http://packetstormsecurity.com/files/124232/,http://1337day.com/exploit/21510","exploitdb":"29946","created_at":"2014-08-01T10:52:14.052Z","updated_at":"2014-08-01T10:52:14.052Z"}]}},{"reganto-theme":{"vulnerabilities":[{"id":93948,"title":"Reganto - Remote File Upload Vulnerability","url":"http://packetstormsecurity.com/files/123999/,http://packetstormsecurity.com/files/124232/,http://1337day.com/exploit/21511","exploitdb":"29946","created_at":"2014-08-01T10:52:14.109Z","updated_at":"2014-08-01T10:52:14.109Z"}]}},{"rayoflight-theme":{"vulnerabilities":[{"id":93949,"title":"Ray of Light - Remote File Upload Vulnerability","url":"http://packetstormsecurity.com/files/123999/,http://packetstormsecurity.com/files/124232/,http://1337day.com/exploit/21512","exploitdb":"29946","created_at":"2014-08-01T10:52:14.160Z","updated_at":"2014-08-01T10:52:14.160Z"}]}},{"radial-theme":{"vulnerabilities":[{"id":93950,"title":"Radial - Remote File Upload Vulnerability","url":"http://packetstormsecurity.com/files/123999/,http://packetstormsecurity.com/files/124232/,http://1337day.com/exploit/21513","exploitdb":"29946","created_at":"2014-08-01T10:52:14.219Z","updated_at":"2014-08-01T10:52:14.219Z"}]}},{"oxygen-theme":{"vulnerabilities":[{"id":93951,"title":"Oxygen - Remote File Upload Vulnerability","url":"http://packetstormsecurity.com/files/123999/,http://packetstormsecurity.com/files/124232/,http://1337day.com/exploit/21514","exploitdb":"29946","created_at":"2014-08-01T10:52:14.277Z","updated_at":"2014-08-01T10:52:14.277Z"}]}},{"bulteno-theme":{"vulnerabilities":[{"id":93952,"title":"Bulteno - Remote File Upload Vulnerability","url":"http://packetstormsecurity.com/files/123999/,http://packetstormsecurity.com/files/124232/,http://1337day.com/exploit/21515","exploitdb":"29946","created_at":"2014-08-01T10:52:14.347Z","updated_at":"2014-08-01T10:52:14.347Z"}]}},{"bordeaux-theme":{"vulnerabilities":[{"id":93953,"title":"Bordeaux - Remote File Upload Vulnerability","url":"http://packetstormsecurity.com/files/123999/,http://packetstormsecurity.com/files/124232/,http://1337day.com/exploit/21516","exploitdb":"29946","created_at":"2014-08-01T10:52:14.405Z","updated_at":"2014-08-01T10:52:14.405Z"}]}},{"agritourismo-theme":{"vulnerabilities":[{"id":93954,"title":"Agritourismo - Remote File Upload Vulnerability","url":"http://packetstormsecurity.com/files/124232/","exploitdb":"29946","created_at":"2014-08-01T10:52:14.460Z","updated_at":"2014-08-01T10:52:14.460Z"}]}},{"highlight":{"vulnerabilities":[{"id":93955,"title":"Highlight Powerful Premium - upload-handler.php File Upload CSRF","url":"http://packetstormsecurity.com/files/123974/","osvdb":"99703","secunia":"55671","exploitdb":"29525","created_at":"2014-08-01T10:52:14.517Z","updated_at":"2014-08-01T10:52:14.517Z"}]}},{"euclid":{"vulnerabilities":[{"id":93956,"title":"Euclid - CSRF Vulnerability","url":"http://packetstormsecurity.com/files/124043/,http://1337day.com/exploit/21538","exploitdb":"29667","created_at":"2014-08-01T10:52:14.575Z","updated_at":"2014-08-01T10:52:14.575Z"}]}},{"dimension":{"vulnerabilities":[{"id":93957,"title":"Dimension - CSRF Vulnerability","url":"http://packetstormsecurity.com/files/124042/,http://1337day.com/exploit/21537","exploitdb":"29668","created_at":"2014-08-01T10:52:14.631Z","updated_at":"2014-08-01T10:52:14.631Z"}]}},{"amplus":{"vulnerabilities":[{"id":93958,"title":"Amplus - CSRF Vulnerability","url":"http://packetstormsecurity.com/files/124041/,http://1337day.com/exploit/21535","exploitdb":"29669","created_at":"2014-08-01T10:52:14.683Z","updated_at":"2014-08-01T10:52:14.683Z"}]}},{"make_a_statement":{"vulnerabilities":[{"id":93959,"title":"Make A Statement - CSRF Vulnerability","url":"http://packetstormsecurity.com/files/124044/,http://1337day.com/exploit/21536","exploitdb":"29670","created_at":"2014-08-01T10:52:14.737Z","updated_at":"2014-08-01T10:52:14.737Z"}]}},{"ithemes2":{"vulnerabilities":[{"id":93960,"title":"iThemes2 - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/","osvdb":"100271","created_at":"2014-08-01T10:52:14.794Z","updated_at":"2014-08-01T10:52:14.794Z"}]}},{"suco":{"vulnerabilities":[{"id":93961,"title":"Suco - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124094/","osvdb":"100271","created_at":"2014-08-01T10:52:14.851Z","updated_at":"2014-08-01T10:52:14.851Z"}]}},{"elemin":{"vulnerabilities":[{"id":93962,"title":"Elemin - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124149/","osvdb":"100271","created_at":"2014-08-01T10:52:14.919Z","updated_at":"2014-08-01T10:52:14.919Z"}]}},{"folo":{"vulnerabilities":[{"id":93963,"title":"Folo - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124150/","osvdb":"100271","created_at":"2014-08-01T10:52:14.970Z","updated_at":"2014-08-01T10:52:14.970Z"},{"id":93964,"title":"Folo - Cross Site Scripting","url":"http://packetstormsecurity.com/files/124230/","created_at":"2014-08-01T10:52:15.023Z","updated_at":"2014-08-01T10:52:15.023Z"}]}},{"Bloggie":{"vulnerabilities":[{"id":93965,"title":"Bloggie - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124152/","osvdb":"100271","created_at":"2014-08-01T10:52:15.075Z","updated_at":"2014-08-01T10:52:15.075Z"}]}},{"blogfolio":{"vulnerabilities":[{"id":93966,"title":"Blogfolio - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124156/","osvdb":"100271","created_at":"2014-08-01T10:52:15.129Z","updated_at":"2014-08-01T10:52:15.129Z"}]}},{"OptimizePress":{"vulnerabilities":[{"id":93967,"title":"OptimizePress - File Upload Vulnerability","url":"http://packetstormsecurity.com/files/124246/,http://www.osirt.com/2013/11/wordpress-optimizepress-hack-file-upload-vulnerability/","osvdb":"100509","cve":"2013-7102","secunia":"56379","created_at":"2014-08-01T10:52:15.182Z","updated_at":"2014-08-01T10:52:15.182Z","metasploit":"exploit/unix/webapp/php_wordpress_optimizepress","fixed_in":"1.6"}]}},{"blooog":{"vulnerabilities":[{"id":93968,"title":"Blooog 1.1 - jplayer.swf Cross Site Scripting","url":"http://packetstormsecurity.com/files/124240/,http://xforce.iss.net/xforce/xfdb/89356","osvdb":"92254","cve":"2013-7129","created_at":"2014-08-01T10:52:15.239Z","updated_at":"2014-08-01T10:52:15.239Z"}]}},{"toolbox":{"vulnerabilities":[{"id":93969,"title":"Toolbox 1.4 - flyer.php mls Parameter SQL Injection","url":"http://www.securityfocus.com/bid/56745","osvdb":"88293","created_at":"2014-08-01T10:52:15.321Z","updated_at":"2014-08-01T10:52:15.321Z"}]}},{"oberliga_theme":{"vulnerabilities":[{"id":93970,"title":"Oberliga - team.php team Parameter SQL Injection","url":"http://packetstormsecurity.org/files/118368/,http://xforce.iss.net/xforce/xfdb/80273","osvdb":"88454","created_at":"2014-08-01T10:52:15.375Z","updated_at":"2014-08-01T10:52:15.375Z"}]}},{"cstardesign":{"vulnerabilities":[{"id":93971,"title":"CStar Design 2.0 - flashmoXML.php id Parameter SQL Injection","url":"http://www.securityfocus.com/bid/56694","osvdb":"88291","created_at":"2014-08-01T10:52:15.428Z","updated_at":"2014-08-01T10:52:15.428Z"}]}},{"malmonation":{"vulnerabilities":[{"id":93972,"title":"Malmonation - debate.php id Parameter SQL Injection","url":"http://packetstormsecurity.org/files/118340/,http://xforce.iss.net/xforce/xfdb/80252","osvdb":"87866","created_at":"2014-08-01T10:52:15.482Z","updated_at":"2014-08-01T10:52:15.482Z"}]}},{"lightspeed":{"vulnerabilities":[{"id":93973,"title":"LightSpeed - Valums Uploader Shell Upload Exploit","url":"http://packetstormsecurity.com/files/119241/","created_at":"2014-08-01T10:52:15.537Z","updated_at":"2014-08-01T10:52:15.537Z"}]}},{"eptonic":{"vulnerabilities":[{"id":93974,"title":"Eptonic - Valums Uploader Shell Upload Exploit","url":"http://packetstormsecurity.com/files/119241/","created_at":"2014-08-01T10:52:15.591Z","updated_at":"2014-08-01T10:52:15.591Z"}]}},{"nuance":{"vulnerabilities":[{"id":93975,"title":"Nuance - Valums Uploader Shell Upload Exploit","url":"http://packetstormsecurity.com/files/119241/","created_at":"2014-08-01T10:52:15.643Z","updated_at":"2014-08-01T10:52:15.643Z"}]}},{"dejavu":{"vulnerabilities":[{"id":93976,"title":"DejaVu 2.4 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:52:15.697Z","updated_at":"2014-08-01T10:52:15.697Z","fixed_in":"2.5"},{"id":93977,"title":"DejaVu 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:52:15.760Z","updated_at":"2014-08-01T10:52:15.760Z","fixed_in":"2.5"}]}},{"elegance":{"vulnerabilities":[{"id":93978,"title":"Elegance - lib/scripts/dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Access","url":"http://packetstormsecurity.com/files/126989/","osvdb":"108100","created_at":"2014-08-01T10:52:15.833Z","updated_at":"2014-08-01T10:52:15.833Z"},{"id":93979,"title":"Elegance 2.4 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:52:15.890Z","updated_at":"2014-08-01T10:52:15.890Z","fixed_in":"2.5"},{"id":93980,"title":"Elegance 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:52:15.953Z","updated_at":"2014-08-01T10:52:15.953Z","fixed_in":"2.5"}]}},{"echelon":{"vulnerabilities":[{"id":93981,"title":"Echelon - media-upload.php Remote File Upload","url":"http://www.securityfocus.com/bid/67080,http://packetstormsecurity.com/files/126327/","osvdb":"106929","created_at":"2014-08-01T10:52:16.020Z","updated_at":"2014-08-01T10:52:16.020Z"},{"id":93982,"title":"Echelon 2.4 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:52:16.076Z","updated_at":"2014-08-01T10:52:16.076Z","fixed_in":"2.5"},{"id":93983,"title":"Echelon 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:52:16.140Z","updated_at":"2014-08-01T10:52:16.140Z","fixed_in":"2.5"}]}},{"modular":{"vulnerabilities":[{"id":93984,"title":"Modular 2.4 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:52:16.208Z","updated_at":"2014-08-01T10:52:16.208Z","fixed_in":"2.5"},{"id":93985,"title":"Modular 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:52:16.267Z","updated_at":"2014-08-01T10:52:16.267Z","fixed_in":"2.5"}]}},{"fusion":{"vulnerabilities":[{"id":93986,"title":"Fusion 2.1 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:52:16.342Z","updated_at":"2014-08-01T10:52:16.342Z","fixed_in":"2.2"},{"id":93987,"title":"Fusion 2.1 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:52:16.410Z","updated_at":"2014-08-01T10:52:16.410Z","fixed_in":"2.2"}]}},{"method":{"vulnerabilities":[{"id":93988,"title":"Method 2.1 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:52:16.476Z","updated_at":"2014-08-01T10:52:16.476Z","fixed_in":"2.5"},{"id":93989,"title":"Method 2.1 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:52:16.542Z","updated_at":"2014-08-01T10:52:16.542Z","fixed_in":"2.2"}]}},{"myriad":{"vulnerabilities":[{"id":93990,"title":"Myriad 2.0 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:52:16.608Z","updated_at":"2014-08-01T10:52:16.608Z","fixed_in":"2.5"},{"id":93991,"title":"Myriad 2.0 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:52:16.671Z","updated_at":"2014-08-01T10:52:16.671Z","fixed_in":"2.1"}]}},{"construct":{"vulnerabilities":[{"id":93992,"title":"Construct 1.4 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:52:16.737Z","updated_at":"2014-08-01T10:52:16.737Z","fixed_in":"2.5"},{"id":93993,"title":"Construct 1.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:52:16.798Z","updated_at":"2014-08-01T10:52:16.798Z","fixed_in":"1.5"}]}},{"awake":{"vulnerabilities":[{"id":93994,"title":"Awake 3.3 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:52:16.863Z","updated_at":"2014-08-01T10:52:16.863Z","fixed_in":"2.5"},{"id":93995,"title":"Awake 3.3 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:52:16.926Z","updated_at":"2014-08-01T10:52:16.926Z","fixed_in":"3.4"}]}},{"infocus":{"vulnerabilities":[{"id":93996,"title":"InFocus - lib/scripts/dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Access","url":"http://packetstormsecurity.com/files/126988/","osvdb":"108099","created_at":"2014-08-01T10:52:16.988Z","updated_at":"2014-08-01T10:52:16.988Z"},{"id":93997,"title":"InFocus - prettyPhoto Cross-Site Scripting Vulnerability","url":"http://packetstormsecurity.com/files/124960/","secunia":"56583","created_at":"2014-08-01T10:52:17.046Z","updated_at":"2014-08-01T10:52:17.046Z"},{"id":93998,"title":"InFocus 3.3 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion","url":"http://www.securityfocus.com/bid/64501","osvdb":"101330","exploitdb":"30443","created_at":"2014-08-01T10:52:17.103Z","updated_at":"2014-08-01T10:52:17.103Z","fixed_in":"3.4"},{"id":93999,"title":"InFocus 3.3 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download","url":"http://www.securityfocus.com/bid/64501","osvdb":"101331","secunia":"56359","exploitdb":"30443","created_at":"2014-08-01T10:52:17.159Z","updated_at":"2014-08-01T10:52:17.159Z","fixed_in":"3.4"}]}},{"elegant-grunge":{"vulnerabilities":[{"id":94000,"title":"Elegant Grunge 1.0.3 - s Parameter XSS","url":"http://www.securityfocus.com/bid/49869","osvdb":"75942","cve":"2011-3856","created_at":"2014-08-01T10:52:17.220Z","updated_at":"2014-08-01T10:52:17.220Z","fixed_in":"1.0.4"}]}},{"simplebalance":{"vulnerabilities":[{"id":94001,"title":"Simple Balance \u003c= 2.2.1 - index.php s Parameter XSS","url":"http://packetstormsecurity.com/files/106341/","osvdb":"76722","secunia":"46671","created_at":"2014-08-01T10:52:17.297Z","updated_at":"2014-08-01T10:52:17.297Z"}]}},{"codilight":{"vulnerabilities":[{"id":94002,"title":"Codilight Premium 1.0.0 - admin/front-end/options.php reset Parameter XSS","osvdb":"100791","created_at":"2014-08-01T10:52:17.354Z","updated_at":"2014-08-01T10:52:17.354Z"}]}},{"iloveit":{"vulnerabilities":[{"id":94003,"title":"Love It - XSS / Content Spoofing / Path Disclosure","url":"http://packetstormsecurity.com/files/122386/","created_at":"2014-08-01T10:52:17.404Z","updated_at":"2014-08-01T10:52:17.404Z"}]}},{"dandelion":{"vulnerabilities":[{"id":94004,"title":"Dandelion - Arbitry File Upload","url":"http://packetstormsecurity.com/files/125098/","osvdb":"99043","exploitdb":"31424","created_at":"2014-08-01T10:52:17.455Z","updated_at":"2014-08-01T10:52:17.455Z"}]}},{"kiddo":{"vulnerabilities":[{"id":94005,"title":"Kiddo - remote shell upload vulnerability","url":"http://packetstormsecurity.com/files/125138/","secunia":"56874","created_at":"2014-08-01T10:52:17.510Z","updated_at":"2014-08-01T10:52:17.510Z"}]}},{"thecotton_v114":{"vulnerabilities":[{"id":94006,"title":"The Cotton - Remote File Upload Vulnerability","url":"http://packetstormsecurity.com/files/125506/,http://www.securityfocus.com/bid/65958,http://seclists.org/bugtraq/2014/Mar/9","osvdb":"103911","created_at":"2014-08-01T10:52:17.567Z","updated_at":"2014-08-01T10:52:17.567Z"}]}},{"Realestate":{"vulnerabilities":[{"id":94007,"title":"Real Estate - Templatic Theme CSRF File Upload Vulnerability","url":"http://1337day.com/exploit/22091","created_at":"2014-08-01T10:52:17.618Z","updated_at":"2014-08-01T10:52:17.618Z"}]}},{"dailydeal":{"vulnerabilities":[{"id":94008,"title":"Dailydeal - Templatic Theme CSRF File Upload Vulnerability","url":"http://1337day.com/exploit/22091","created_at":"2014-08-01T10:52:17.670Z","updated_at":"2014-08-01T10:52:17.670Z"}]}},{"nightlife":{"vulnerabilities":[{"id":94009,"title":"Nightlife - Templatic Theme CSRF File Upload Vulnerability","url":"http://1337day.com/exploit/22091","created_at":"2014-08-01T10:52:17.725Z","updated_at":"2014-08-01T10:52:17.725Z"}]}},{"5star":{"vulnerabilities":[{"id":94010,"title":"5star - Templatic Theme CSRF File Upload Vulnerability","url":"http://1337day.com/exploit/22091","created_at":"2014-08-01T10:52:17.777Z","updated_at":"2014-08-01T10:52:17.777Z"}]}},{"specialist":{"vulnerabilities":[{"id":94011,"title":"Specialist - Templatic Theme CSRF File Upload Vulnerability","url":"http://1337day.com/exploit/22091","created_at":"2014-08-01T10:52:17.828Z","updated_at":"2014-08-01T10:52:17.828Z"}]}},{"flatshop":{"vulnerabilities":[{"id":94012,"title":"Flatshop - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:17.884Z","updated_at":"2014-08-01T10:52:17.884Z"}]}},{"magazine":{"vulnerabilities":[{"id":94013,"title":"Magazine - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:17.935Z","updated_at":"2014-08-01T10:52:17.935Z"}]}},{"parallax":{"vulnerabilities":[{"id":94014,"title":"Parallax - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:17.987Z","updated_at":"2014-08-01T10:52:17.987Z"}]}},{"bold":{"vulnerabilities":[{"id":94015,"title":"Bold - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:18.038Z","updated_at":"2014-08-01T10:52:18.038Z"}]}},{"metro":{"vulnerabilities":[{"id":94016,"title":"Metro - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:18.089Z","updated_at":"2014-08-01T10:52:18.089Z"}]}},{"pinshop":{"vulnerabilities":[{"id":94017,"title":"Pinshop - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:18.144Z","updated_at":"2014-08-01T10:52:18.144Z"}]}},{"agency":{"vulnerabilities":[{"id":94018,"title":"Agency - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:18.196Z","updated_at":"2014-08-01T10:52:18.196Z"}]}},{"slide":{"vulnerabilities":[{"id":94019,"title":"Slide - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:18.249Z","updated_at":"2014-08-01T10:52:18.249Z"}]}},{"postline":{"vulnerabilities":[{"id":94020,"title":"Postline - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:18.308Z","updated_at":"2014-08-01T10:52:18.308Z"}]}},{"fullscreen":{"vulnerabilities":[{"id":94021,"title":"Fulscreen - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:18.362Z","updated_at":"2014-08-01T10:52:18.362Z"}]}},{"shopo":{"vulnerabilities":[{"id":94022,"title":"Shopo - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:18.411Z","updated_at":"2014-08-01T10:52:18.411Z"}]}},{"minshop":{"vulnerabilities":[{"id":94023,"title":"Minshop - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:18.462Z","updated_at":"2014-08-01T10:52:18.462Z"}]}},{"notes":{"vulnerabilities":[{"id":94024,"title":"Notes - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:18.513Z","updated_at":"2014-08-01T10:52:18.513Z"}]}},{"shopdock":{"vulnerabilities":[{"id":94025,"title":"Shopdock - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:18.563Z","updated_at":"2014-08-01T10:52:18.563Z"}]}},{"phototouch":{"vulnerabilities":[{"id":94026,"title":"Phototouch - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:18.617Z","updated_at":"2014-08-01T10:52:18.617Z"}]}},{"basic":{"vulnerabilities":[{"id":94027,"title":"Basic - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:18.672Z","updated_at":"2014-08-01T10:52:18.672Z"}]}},{"responz":{"vulnerabilities":[{"id":94028,"title":"Responz - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:18.723Z","updated_at":"2014-08-01T10:52:18.723Z"}]}},{"simfo":{"vulnerabilities":[{"id":94029,"title":"Simfo - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:18.773Z","updated_at":"2014-08-01T10:52:18.773Z"}]}},{"grido":{"vulnerabilities":[{"id":94030,"title":"Grido - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:18.828Z","updated_at":"2014-08-01T10:52:18.828Z"}]}},{"tisa":{"vulnerabilities":[{"id":94031,"title":"Tisa - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:18.883Z","updated_at":"2014-08-01T10:52:18.883Z"}]}},{"funki":{"vulnerabilities":[{"id":94032,"title":"Funki - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:18.938Z","updated_at":"2014-08-01T10:52:18.938Z"}]}},{"minblr":{"vulnerabilities":[{"id":94033,"title":"Minblr - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:18.988Z","updated_at":"2014-08-01T10:52:18.988Z"}]}},{"newsy":{"vulnerabilities":[{"id":94034,"title":"Newsy - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:19.039Z","updated_at":"2014-08-01T10:52:19.039Z"}]}},{"wumblr":{"vulnerabilities":[{"id":94035,"title":"Wumblr - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:19.090Z","updated_at":"2014-08-01T10:52:19.090Z"}]}},{"rezo":{"vulnerabilities":[{"id":94036,"title":"Rezo - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:19.140Z","updated_at":"2014-08-01T10:52:19.140Z"}]}},{"photobox":{"vulnerabilities":[{"id":94037,"title":"Photobox - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:19.192Z","updated_at":"2014-08-01T10:52:19.192Z"}]}},{"edmin":{"vulnerabilities":[{"id":94038,"title":"Edmin - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:19.242Z","updated_at":"2014-08-01T10:52:19.242Z"}]}},{"koi":{"vulnerabilities":[{"id":94039,"title":"Koi - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:19.303Z","updated_at":"2014-08-01T10:52:19.303Z"}]}},{"bizco":{"vulnerabilities":[{"id":94040,"title":"Bizco - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:19.357Z","updated_at":"2014-08-01T10:52:19.357Z"}]}},{"thememin":{"vulnerabilities":[{"id":94041,"title":"Thememin - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:19.407Z","updated_at":"2014-08-01T10:52:19.407Z"}]}},{"wigi":{"vulnerabilities":[{"id":94042,"title":"Wigi - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:19.463Z","updated_at":"2014-08-01T10:52:19.463Z"}]}},{"sidepane":{"vulnerabilities":[{"id":94043,"title":"Sidepane - themify-ajax.php File Upload Arbitrary Code Execution","url":"http://packetstormsecurity.com/files/124097/,http://1337day.com/exploit/22090","osvdb":"100271","created_at":"2014-08-01T10:52:19.528Z","updated_at":"2014-08-01T10:52:19.528Z"}]}},{"Sixtees":{"vulnerabilities":[{"id":94044,"title":"Sixtees - Shell Upload","url":"http://packetstormsecurity.com/files/125491/","created_at":"2014-08-01T10:52:19.582Z","updated_at":"2014-08-01T10:52:19.582Z"}]}},{"linenity":{"vulnerabilities":[{"id":94045,"title":"LineNity 1.20 - download.php imgurl Parameter Remote Path Traversal File Access","osvdb":"105767","exploitdb":"32861","created_at":"2014-08-01T10:52:19.639Z","updated_at":"2014-08-01T10:52:19.639Z"}]}},{"SCv1":{"vulnerabilities":[{"id":94046,"title":"SCv1 - download.php file Parameter Traversal Remote File Access","url":"http://packetstormsecurity.com/files/127022/","osvdb":"107940","created_at":"2014-08-01T10:52:19.697Z","updated_at":"2014-08-01T10:52:19.697Z"}]}},{"magazine-basic":{"vulnerabilities":[{"id":94047,"title":"Magazine Basic - wp-content/themes/magazine-basic/view_artist.php id Parameter SQL Injection","url":"http://packetstormsecurity.com/files/118321/,http://www.securityfocus.com/bid/56664","osvdb":"87838","created_at":"2014-08-01T10:52:19.752Z","updated_at":"2014-08-01T10:52:19.752Z"}]}},{"newtheme":{"vulnerabilities":[{"id":94048,"title":"testing123","url":"http://www.example.com,http://www.example1.com,http://www.example2.com","created_at":"2014-08-01T11:57:51.771Z","updated_at":"2014-08-01T11:57:51.771Z"},{"id":94049,"title":"testing 123","created_at":"2014-08-01T11:58:16.803Z","updated_at":"2014-08-01T11:58:16.803Z"}]}},{"Centum":{"vulnerabilities":[{"id":94063,"title":"Mulitple WordPress Themes (admin-ajax.php, img param) - Arbitrary File Download","url":"http://blog.sucuri.net/2014/09/slider-revolution-plugin-critical-vulnerability-being-exploited.html","exploitdb":"34511","created_at":"2014-09-05T10:56:43.626Z","updated_at":"2014-09-05T10:56:43.626Z"}]}},{"Test":{"vulnerabilities":[{"id":94064,"title":"testing downcasing assets","url":"http://www.example.com","created_at":"2014-09-05T10:59:03.291Z","updated_at":"2014-09-05T10:59:03.291Z"}]}},{"Test1":{"vulnerabilities":[{"id":94065,"title":"testing downcasing assets","url":"http://www.example.com","created_at":"2014-09-05T11:01:21.915Z","updated_at":"2014-09-05T11:01:21.915Z"}]}},{"Test2":{"vulnerabilities":[{"id":94065,"title":"testing downcasing assets","url":"http://www.example.com","created_at":"2014-09-05T11:01:21.915Z","updated_at":"2014-09-05T11:01:21.915Z"}]}},{"Test3":{"vulnerabilities":[{"id":94066,"title":"testing downcase assets 123","url":"http://www.example.com","created_at":"2014-09-05T11:03:17.234Z","updated_at":"2014-09-05T11:03:17.234Z"}]}},{"Test4":{"vulnerabilities":[{"id":94066,"title":"testing downcase assets 123","url":"http://www.example.com","created_at":"2014-09-05T11:03:17.234Z","updated_at":"2014-09-05T11:03:17.234Z"}]}},{"Test5":{"vulnerabilities":[{"id":94067,"title":"testing downcasing assets 1234","url":"http://www.example.com","created_at":"2014-09-05T11:04:36.175Z","updated_at":"2014-09-05T11:04:36.175Z"}]}},{"Test6":{"vulnerabilities":[{"id":94067,"title":"testing downcasing assets 1234","url":"http://www.example.com","created_at":"2014-09-05T11:04:36.175Z","updated_at":"2014-09-05T11:04:36.175Z"}]}},{"upcvase":{"vulnerabilities":[{"id":94070,"title":"testing theme and plugin name downcasing","url":"http://www.example.com,http://www.example2.com","created_at":"2014-09-05T11:23:09.793Z","updated_at":"2014-09-08T13:51:59.461Z"}]}},{"uuiuiuij":{"vulnerabilities":[{"id":94070,"title":"testing theme and plugin name downcasing","url":"http://www.example.com,http://www.example2.com","created_at":"2014-09-05T11:23:09.793Z","updated_at":"2014-09-08T13:51:59.461Z"}]}}]
\ No newline at end of file
diff --git a/data/wp_vulns.json b/data/wp_vulns.json
index 8bf4c567..d34fe198 100644
--- a/data/wp_vulns.json
+++ b/data/wp_vulns.json
@@ -1 +1 @@
-[{"3.8.1":{"vulnerabilities":[{"id":5963,"title":"Administrator-exploitable blind SQLi in WordPress 1.0 - 3.8.1","url":"https://security.dxw.com/advisories/sqli-in-wordpress-3-6-1/","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z"},{"id":5964,"title":"Potential Authentication Cookie Forgery","url":"https://labs.mwrinfosecurity.com/blog/2014/04/11/wordpress-auth-cookie-forgery/,https://github.com/WordPress/WordPress/commit/78a915e0e5927cf413aa6c2cef2fca3dc587f8be","osvdb":"105620","cve":"2014-0166","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.8.2"},{"id":5965,"title":"Privilege escalation: contributors publishing posts","url":"https://github.com/wpscanteam/wpscan/wiki/CVE-2014-0165","osvdb":"105630","cve":"2014-0165","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.8.2"},{"id":5966,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.8.2"}]}},{"3.8":{"vulnerabilities":[{"id":5967,"title":"wp-admin/options-writing.php Cleartext Admin Credentials Disclosure","url":"http://seclists.org/fulldisclosure/2013/Dec/135","osvdb":"101101","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z"}]}},{"3.7.1":{"vulnerabilities":[{"id":5964,"title":"Potential Authentication Cookie Forgery","url":"https://labs.mwrinfosecurity.com/blog/2014/04/11/wordpress-auth-cookie-forgery/,https://github.com/WordPress/WordPress/commit/78a915e0e5927cf413aa6c2cef2fca3dc587f8be","osvdb":"105620","cve":"2014-0166","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.7.2"},{"id":5965,"title":"Privilege escalation: contributors publishing posts","url":"https://github.com/wpscanteam/wpscan/wiki/CVE-2014-0165","osvdb":"105630","cve":"2014-0165","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.7.2"},{"id":5967,"title":"wp-admin/options-writing.php Cleartext Admin Credentials Disclosure","url":"http://seclists.org/fulldisclosure/2013/Dec/135","osvdb":"101101","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z"},{"id":5966,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.7.2"}]}},{"3.6":{"vulnerabilities":[{"id":5968,"title":"PHP Object Injection","url":"http://vagosec.org/2013/09/wordpress-php-object-injection/,http://www.openwall.com/lists/oss-security/2013/09/12/1,http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4340,http://core.trac.wordpress.org/changeset/25325","osvdb":"97211","cve":"2013-4338","secunia":"54803","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5969,"title":"wp-includes/functions.php get_allowed_mime_types Function SWF / EXE File Upload XSS Weakness","url":"http://core.trac.wordpress.org/changeset/25322","osvdb":"97210","cve":"2013-5739","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5971,"title":"wp-admin/includes/post.php user_ID Parameter Manipulation Post Authorship Spoofing","url":"http://core.trac.wordpress.org/changeset/25321","osvdb":"97213","cve":"2013-4340","secunia":"54803","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5972,"title":"wp-includes/functions.php get_allowed_mime_types Function HTML File Upload XSS Weakness","url":"http://core.trac.wordpress.org/changeset/25322","osvdb":"97214","cve":"2013-5738","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5973,"title":"Multiple Function Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Nov/220","osvdb":"100487","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z"},{"id":5974,"title":"Multiple Script Arbitrary Site Redirect","url":"http://seclists.org/fulldisclosure/2013/Dec/174","osvdb":"101181","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5975,"title":"wp-admin/edit-tags.php _wp_http_referer Parameter Reflected XSS","url":"http://seclists.org/fulldisclosure/2013/Dec/174","osvdb":"101182","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.6.1"}]}},{"3.5.2":{"vulnerabilities":[{"id":5976,"title":"Media Library Multiple Function Path Disclosure","url":"http://websecurity.com.ua/6795/","osvdb":"100484","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5977,"title":"SWFUpload Content Spoofing","url":"http://bot24.blogspot.ca/2013/04/swfupload-object-injectioncsrf.html,https://github.com/wpscanteam/wpscan/issues/243","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.5.1":{"vulnerabilities":[{"id":5978,"title":"Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Jul/70","osvdb":"95060","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5979,"title":"WordPress 3.4-3.5.1 DoS in class-phpass.php","url":"http://seclists.org/fulldisclosure/2013/Jun/65","osvdb":"94235","cve":"2013-2173","secunia":"53676","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5980,"title":"WordPress Multiple XSS","osvdb":"94791,94785,94786,94790","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5981,"title":"WordPress TinyMCE Plugin Flash Applet Unspecified Spoofing Weakness","osvdb":"94787","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5982,"title":"WordPress File Upload Unspecified Path Disclosure","osvdb":"94788","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5983,"title":"WordPress 3.5-3.5.1 oEmbed Unspecified XML External Entity (XXE) Arbitrary File Disclosure","osvdb":"94789","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5984,"title":"WordPress 3.5-3.5.1 Multiple Role Remote Privilege Escalation","osvdb":"94783","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5985,"title":"WordPress 3.5-3.5.1 HTTP API Unspecified Server Side Request Forgery (SSRF)","osvdb":"94784","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.5":{"vulnerabilities":[{"id":5978,"title":"Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Jul/70","osvdb":"95060","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5986,"title":"WordPress 3.4 - 3.5.1 DoS in class-phpass.php","url":"http://seclists.org/fulldisclosure/2013/Jun/65","osvdb":"94235","cve":"2013-2173","secunia":"53676","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5987,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5990,"title":"Shortcodes / Post Content Multiple Unspecified XSS","url":"http://www.securityfocus.com/bid/57554,http://securitytracker.com/id?1028045","osvdb":"89576","cve":"2013-0236","secunia":"51967","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.1"},{"id":5966,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.5.1"}]}},{"3.4.2":{"vulnerabilities":[{"id":5978,"title":"Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Jul/70","osvdb":"95060","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5986,"title":"WordPress 3.4 - 3.5.1 DoS in class-phpass.php","url":"http://seclists.org/fulldisclosure/2013/Jun/65","osvdb":"94235","cve":"2013-2173","secunia":"53676","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5987,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5991,"title":"WordPress 3.4.2 Cross Site Request Forgery","url":"http://packetstormsecurity.org/files/116785/WordPress-3.4.2-Cross-Site-Request-Forgery.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5966,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.5.1"}]}},{"3.4.1":{"vulnerabilities":[{"id":5978,"title":"Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Jul/70","osvdb":"95060","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5986,"title":"WordPress 3.4 - 3.5.1 DoS in class-phpass.php","url":"http://seclists.org/fulldisclosure/2013/Jun/65","osvdb":"94235","cve":"2013-2173","secunia":"53676","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5987,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5966,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.5.1"}]}},{"3.4":{"vulnerabilities":[{"id":5978,"title":"Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Jul/70","osvdb":"95060","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5986,"title":"WordPress 3.4 - 3.5.1 DoS in class-phpass.php","url":"http://seclists.org/fulldisclosure/2013/Jun/65","osvdb":"94235","cve":"2013-2173","secunia":"53676","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5987,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5966,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.5.1"}]}},{"3.4-beta4":{"vulnerabilities":[{"id":5987,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5992,"title":"Wordpress 3.3.1 Multiple CSRF Vulnerabilities","exploitdb":"18791","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5966,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.5.1"}]}},{"3.3.3":{"vulnerabilities":[{"id":5987,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5966,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.5.1"}]}},{"3.3.2":{"vulnerabilities":[{"id":5987,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5992,"title":"Wordpress 3.3.1 Multiple CSRF Vulnerabilities","exploitdb":"18791","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5993,"title":"WordPress 3.3.2 Cross Site Scripting","url":"http://packetstormsecurity.org/files/113254","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5966,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.5.1"}]}},{"3.3.1":{"vulnerabilities":[{"id":5997,"title":"Multiple vulnerabilities including XSS and Privilege Escalation","url":"http://wordpress.org/news/2012/04/wordpress-3-3-2/","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5998,"title":"Wordpress 3.3.1 - Multiple CSRF Vulnerabilities","exploitdb":"18791","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.3":{"vulnerabilities":[{"id":6000,"title":"Reflected Cross-Site Scripting in WordPress 3.3","url":"http://oldmanlab.blogspot.com/2012/01/wordpress-33-xss-vulnerability.html","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.2.1":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.2":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.1.4":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.1.3":{"vulnerabilities":[{"id":6001,"title":"wp-admin/link-manager.php Multiple Parameter SQL Injection","osvdb":"73723","secunia":"45099","exploitdb":"17465","created_at":"2014-08-01T10:58:22.000Z","updated_at":"2014-08-01T10:58:22.000Z","fixed_in":"3.1.4"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.1.2":{"vulnerabilities":[{"id":6002,"title":"Wordpress \u003c= 3.1.2 Clickjacking Vulnerability","url":"http://seclists.org/fulldisclosure/2011/Sep/219,http://www.securityfocus.com/bid/49730","created_at":"2014-08-01T10:58:22.000Z","updated_at":"2014-08-01T10:58:22.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.1.1":{"vulnerabilities":[{"id":6003,"title":"WordPress wp-includes/formatting.php make_clickable() PCRE Library Remote DoS","osvdb":"72142","created_at":"2014-08-01T10:58:22.000Z","updated_at":"2014-08-01T10:58:22.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.1":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.0.6":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.0.5":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6004,"title":"wp-admin/press-this.php - Privilege Escalation","cve":"2011-5270","created_at":"2014-08-01T10:58:23.000Z","updated_at":"2014-08-01T10:58:23.000Z","fixed_in":"3.0.6"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.0.4":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6004,"title":"wp-admin/press-this.php - Privilege Escalation","cve":"2011-5270","created_at":"2014-08-01T10:58:23.000Z","updated_at":"2014-08-01T10:58:23.000Z","fixed_in":"3.0.6"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.0.3":{"vulnerabilities":[{"id":6005,"title":"SQL injection vulnerability in do_trackbacks() Wordpress function","exploitdb":"15684","created_at":"2014-08-01T10:58:23.000Z","updated_at":"2014-08-01T10:58:23.000Z"},{"id":6006,"title":"Wordpress 3.0.3 stored XSS IE7,6 NS8.1","exploitdb":"15858","created_at":"2014-08-01T10:58:23.000Z","updated_at":"2014-08-01T10:58:23.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6004,"title":"wp-admin/press-this.php - Privilege Escalation","cve":"2011-5270","created_at":"2014-08-01T10:58:23.000Z","updated_at":"2014-08-01T10:58:23.000Z","fixed_in":"3.0.6"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.0.2":{"vulnerabilities":[{"id":6007,"title":"WordPress XML-RPC Interface Access Restriction Bypass","osvdb":"69761","created_at":"2014-08-01T10:58:23.000Z","updated_at":"2014-08-01T10:58:23.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6004,"title":"wp-admin/press-this.php - Privilege Escalation","cve":"2011-5270","created_at":"2014-08-01T10:58:23.000Z","updated_at":"2014-08-01T10:58:23.000Z","fixed_in":"3.0.6"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.0.1":{"vulnerabilities":[{"id":6008,"title":"WordPress: Information Disclosure via SQL Injection Attack","url":"http://blog.sjinks.pro/wordpress/858-information-disclosure-via-sql-injection-attack/","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6004,"title":"wp-admin/press-this.php - Privilege Escalation","cve":"2011-5270","created_at":"2014-08-01T10:58:23.000Z","updated_at":"2014-08-01T10:58:23.000Z","fixed_in":"3.0.6"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.0":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6004,"title":"wp-admin/press-this.php - Privilege Escalation","cve":"2011-5270","created_at":"2014-08-01T10:58:23.000Z","updated_at":"2014-08-01T10:58:23.000Z","fixed_in":"3.0.6"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.1"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"2.9.2":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.9.1":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.9":{"vulnerabilities":[{"id":6014,"title":"WordPress 2.9 Failure to Restrict URL Access","exploitdb":"11441","created_at":"2014-08-01T10:58:25.000Z","updated_at":"2014-08-01T10:58:25.000Z"},{"id":6015,"title":"Wordpress DOS \u003c= 2.9","exploitdb":"11441","created_at":"2014-08-01T10:58:25.000Z","updated_at":"2014-08-01T10:58:25.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.8.6":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.8.5":{"vulnerabilities":[{"id":6016,"title":"WordPress \u003c= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution","exploitdb":"10089","created_at":"2014-08-01T10:58:25.000Z","updated_at":"2014-08-01T10:58:25.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.8.4":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.8.3":{"vulnerabilities":[{"id":6017,"title":"Wordpress \u003c= 2.8.3 Remote Admin Reset Password Vulnerability","exploitdb":"9410","created_at":"2014-08-01T10:58:25.000Z","updated_at":"2014-08-01T10:58:25.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.8.2":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.8.1":{"vulnerabilities":[{"id":6018,"title":"Wordpress 2.8.1 (url) Remote Cross Site Scripting Exploit","exploitdb":"9250","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.8":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.7.1":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.7":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.6.5":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.6.4":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.6.3":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.6.2":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.6.1":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":6020,"title":"Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit","exploitdb":"6421","created_at":"2014-08-01T10:58:27.000Z","updated_at":"2014-08-01T10:58:27.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.6":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.5.1":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.5":{"vulnerabilities":[{"id":6021,"title":"Wordpress 2.5 Cookie Integrity Protection Vulnerability","url":"http://www.securityfocus.com/archive/1/archive/1/491356/100/0/threaded","cve":"2008-1930","created_at":"2014-08-01T10:58:28.000Z","updated_at":"2014-08-01T10:58:28.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.3.3":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.3.2":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.3.1":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":6022,"title":"Wordpress \u003c= 2.3.1 Charset Remote SQL Injection Vulnerability","exploitdb":"4721","created_at":"2014-08-01T10:58:29.000Z","updated_at":"2014-08-01T10:58:29.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.3":{"vulnerabilities":[{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.2.3":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.2.2":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.2.1":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.2":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":6023,"title":"WordPress 2.2 (wp-app.php) Arbitrary File Upload Exploit","exploitdb":"4113","created_at":"2014-08-01T10:58:30.000Z","updated_at":"2014-08-01T10:58:30.000Z"},{"id":6024,"title":"Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit","exploitdb":"4039","created_at":"2014-08-01T10:58:30.000Z","updated_at":"2014-08-01T10:58:30.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.1.3":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":6025,"title":"Wordpress 2.1.3 admin-ajax.php SQL Injection Blind Fishing Exploit","exploitdb":"3960","created_at":"2014-08-01T10:58:30.000Z","updated_at":"2014-08-01T10:58:30.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.1.2":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":6026,"title":"WordPress \"year\" Cross-Site Scripting Vulnerability","url":"http://www.securityfocus.com/archive/1/archive/1/462374/100/0/threaded","secunia":"24485","created_at":"2014-08-01T10:58:30.000Z","updated_at":"2014-08-01T10:58:30.000Z"},{"id":6027,"title":"Wordpress 2.1.2 (xmlrpc) Remote SQL Injection Exploit","exploitdb":"3656","created_at":"2014-08-01T10:58:30.000Z","updated_at":"2014-08-01T10:58:30.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.1.1":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":6028,"title":"WordPress Command Execution and PHP Injection","url":"http://www.securityfocus.com/bid/22797,http://xforce.iss.net/xforce/xfdb/32807","cve":"2007-1277","secunia":"24374","created_at":"2014-08-01T10:58:31.000Z","updated_at":"2014-08-01T10:58:31.000Z","fixed_in":"2.1.2"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.1":{"vulnerabilities":[{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.11":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.10":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.9":{"vulnerabilities":[{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.8":{"vulnerabilities":[{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.7":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.6":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":6029,"title":"Wordpress \u003c= 2.0.6 wp-trackback.php Remote SQL Injection Exploit","exploitdb":"3109","created_at":"2014-08-01T10:58:32.000Z","updated_at":"2014-08-01T10:58:32.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.5":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":6030,"title":"Wordpress 2.0.5 Trackback UTF-7 Remote SQL Injection Exploit","exploitdb":"3095","created_at":"2014-08-01T10:58:32.000Z","updated_at":"2014-08-01T10:58:32.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.4":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6031,"title":"WordPress 2.0.2 - 2.0.4 Paged Parameter SQL Injection Vulnerability","url":"http://www.securityfocus.com/bid/18779","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.3":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6031,"title":"WordPress 2.0.2 - 2.0.4 Paged Parameter SQL Injection Vulnerability","url":"http://www.securityfocus.com/bid/18779","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.2":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":6032,"title":"WordPress \u003c= 2.0.2 (cache) Remote Shell Injection Exploit","exploitdb":"6","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6031,"title":"WordPress 2.0.2 - 2.0.4 Paged Parameter SQL Injection Vulnerability","url":"http://www.securityfocus.com/bid/18779","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.1":{"vulnerabilities":[{"id":6033,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z","fixed_in":"2.0.2"},{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0":{"vulnerabilities":[{"id":6033,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z","fixed_in":"2.0.2"},{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"1.5.2":{"vulnerabilities":[{"id":6033,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z","fixed_in":"2.0.2"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"}]}},{"1.5.1.3":{"vulnerabilities":[{"id":6033,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z","fixed_in":"2.0.2"},{"id":6034,"title":"Wordpress \u003c= 1.5.1.3 Remote Code Execution eXploit (metasploit)","exploitdb":"1145","created_at":"2014-08-01T10:58:34.000Z","updated_at":"2014-08-01T10:58:34.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"}]}},{"1.5.1.2":{"vulnerabilities":[{"id":6033,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z","fixed_in":"2.0.2"},{"id":6035,"title":"Wordpress \u003c= 1.5.1.2 xmlrpc Interface SQL Injection Exploit","osvdb":"17636,17637,17638,17639,17640,17641","cve":"2005-2108","secunia":"15831,15898","exploitdb":"1077","created_at":"2014-08-01T10:58:34.000Z","updated_at":"2014-08-01T10:58:34.000Z","fixed_in":"1.5.1.3"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"}]}},{"1.5.1.1":{"vulnerabilities":[{"id":6033,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z","fixed_in":"2.0.2"},{"id":6036,"title":"WordPress \u003c= 1.5.1.1 \"add new admin\" SQL Injection Exploit","exploitdb":"1059","created_at":"2014-08-01T10:58:34.000Z","updated_at":"2014-08-01T10:58:34.000Z"},{"id":6037,"title":"WordPress \u003c= 1.5.1.1 SQL Injection Exploit","exploitdb":"1033","created_at":"2014-08-01T10:58:34.000Z","updated_at":"2014-08-01T10:58:34.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"}]}},{"1.5.1":{"vulnerabilities":[{"id":6033,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z","fixed_in":"2.0.2"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"}]}},{"1.5":{"vulnerabilities":[{"id":6038,"title":"WordPress wp-trackback.php tb_id Parameter SQL Injection","osvdb":"16701,16702,16703","cve":"2005-1687","created_at":"2014-08-01T10:58:34.000Z","updated_at":"2014-08-01T10:58:34.000Z","fixed_in":"1.5.1"},{"id":6039,"title":"WordPress post.php p Parameter XSS","osvdb":"16702,16701,16703","created_at":"2014-08-01T10:58:34.000Z","updated_at":"2014-08-01T10:58:34.000Z","fixed_in":"1.5.1"},{"id":6040,"title":"WordPress Multiple Script Direct Request Path Disclosure","osvdb":"16703,16701,16702","cve":"2005-1688","created_at":"2014-08-01T10:58:34.000Z","updated_at":"2014-08-01T10:58:34.000Z","fixed_in":"1.5.1"},{"id":6041,"title":"WordPress Cross-Site Scripting and SQL Injection Vulnerabilities","osvdb":"16478","secunia":"15324","created_at":"2014-08-01T10:58:34.000Z","updated_at":"2014-08-01T10:58:34.000Z","fixed_in":"1.5.1"},{"id":6042,"title":"WordPress template-functions-post.php Multiple Field XSS","osvdb":"15643","cve":"2005-1102","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z"}]}}]
\ No newline at end of file
+[{"3.8.1":{"vulnerabilities":[{"id":92489,"title":"Administrator-exploitable blind SQLi in WordPress 1.0 - 3.8.1","url":"https://security.dxw.com/advisories/sqli-in-wordpress-3-6-1/","created_at":"2014-08-01T10:49:55.382Z","updated_at":"2014-08-01T10:49:55.382Z"},{"id":92490,"title":"Potential Authentication Cookie Forgery","url":"https://labs.mwrinfosecurity.com/blog/2014/04/11/wordpress-auth-cookie-forgery/,https://github.com/WordPress/WordPress/commit/78a915e0e5927cf413aa6c2cef2fca3dc587f8be","osvdb":"105620","cve":"2014-0166","created_at":"2014-08-01T10:49:55.457Z","updated_at":"2014-08-01T10:49:55.457Z","fixed_in":"3.8.2"},{"id":92491,"title":"Privilege escalation: contributors publishing posts","url":"https://github.com/wpscanteam/wpscan/wiki/CVE-2014-0165","osvdb":"105630","cve":"2014-0165","created_at":"2014-08-01T10:49:55.529Z","updated_at":"2014-08-01T10:49:55.529Z","fixed_in":"3.8.2"},{"id":92492,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:49:55.588Z","updated_at":"2014-08-01T10:49:55.588Z","fixed_in":"3.8.2"}]}},{"3.8":{"vulnerabilities":[{"id":92493,"title":"wp-admin/options-writing.php Cleartext Admin Credentials Disclosure","url":"http://seclists.org/fulldisclosure/2013/Dec/135","osvdb":"101101","created_at":"2014-08-01T10:49:55.646Z","updated_at":"2014-08-01T10:49:55.646Z"}]}},{"3.7.1":{"vulnerabilities":[{"id":92490,"title":"Potential Authentication Cookie Forgery","url":"https://labs.mwrinfosecurity.com/blog/2014/04/11/wordpress-auth-cookie-forgery/,https://github.com/WordPress/WordPress/commit/78a915e0e5927cf413aa6c2cef2fca3dc587f8be","osvdb":"105620","cve":"2014-0166","created_at":"2014-08-01T10:49:55.457Z","updated_at":"2014-08-01T10:49:55.457Z","fixed_in":"3.7.2"},{"id":92491,"title":"Privilege escalation: contributors publishing posts","url":"https://github.com/wpscanteam/wpscan/wiki/CVE-2014-0165","osvdb":"105630","cve":"2014-0165","created_at":"2014-08-01T10:49:55.529Z","updated_at":"2014-08-01T10:49:55.529Z","fixed_in":"3.7.2"},{"id":92493,"title":"wp-admin/options-writing.php Cleartext Admin Credentials Disclosure","url":"http://seclists.org/fulldisclosure/2013/Dec/135","osvdb":"101101","created_at":"2014-08-01T10:49:55.646Z","updated_at":"2014-08-01T10:49:55.646Z"},{"id":92492,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:49:55.588Z","updated_at":"2014-08-01T10:49:55.588Z","fixed_in":"3.7.2"}]}},{"3.6":{"vulnerabilities":[{"id":92494,"title":"PHP Object Injection","url":"http://vagosec.org/2013/09/wordpress-php-object-injection/,http://www.openwall.com/lists/oss-security/2013/09/12/1,http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4340,http://core.trac.wordpress.org/changeset/25325","osvdb":"97211","cve":"2013-4338","secunia":"54803","created_at":"2014-08-01T10:49:55.999Z","updated_at":"2014-08-01T10:49:55.999Z","fixed_in":"3.6.1"},{"id":92495,"title":"wp-includes/functions.php get_allowed_mime_types Function SWF / EXE File Upload XSS Weakness","url":"http://core.trac.wordpress.org/changeset/25322","osvdb":"97210","cve":"2013-5739","created_at":"2014-08-01T10:49:56.071Z","updated_at":"2014-08-01T10:49:56.071Z","fixed_in":"3.6.1"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"},{"id":92497,"title":"wp-admin/includes/post.php user_ID Parameter Manipulation Post Authorship Spoofing","url":"http://core.trac.wordpress.org/changeset/25321","osvdb":"97213","cve":"2013-4340","secunia":"54803","created_at":"2014-08-01T10:49:56.199Z","updated_at":"2014-08-01T10:49:56.199Z","fixed_in":"3.6.1"},{"id":92498,"title":"wp-includes/functions.php get_allowed_mime_types Function HTML File Upload XSS Weakness","url":"http://core.trac.wordpress.org/changeset/25322","osvdb":"97214","cve":"2013-5738","created_at":"2014-08-01T10:49:56.256Z","updated_at":"2014-08-01T10:49:56.256Z","fixed_in":"3.6.1"},{"id":92499,"title":"Multiple Function Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Nov/220","osvdb":"100487","created_at":"2014-08-01T10:49:56.321Z","updated_at":"2014-08-01T10:49:56.321Z"},{"id":92500,"title":"Multiple Script Arbitrary Site Redirect","url":"http://seclists.org/fulldisclosure/2013/Dec/174","osvdb":"101181","created_at":"2014-08-01T10:49:56.375Z","updated_at":"2014-08-01T10:49:56.375Z","fixed_in":"3.6.1"},{"id":92501,"title":"wp-admin/edit-tags.php _wp_http_referer Parameter Reflected XSS","url":"http://seclists.org/fulldisclosure/2013/Dec/174","osvdb":"101182","created_at":"2014-08-01T10:49:56.434Z","updated_at":"2014-08-01T10:49:56.434Z","fixed_in":"3.6.1"}]}},{"3.5.2":{"vulnerabilities":[{"id":92502,"title":"Media Library Multiple Function Path Disclosure","url":"http://websecurity.com.ua/6795/","osvdb":"100484","created_at":"2014-08-01T10:49:56.497Z","updated_at":"2014-08-01T10:49:56.497Z"},{"id":92503,"title":"SWFUpload Content Spoofing","url":"http://bot24.blogspot.ca/2013/04/swfupload-object-injectioncsrf.html,https://github.com/wpscanteam/wpscan/issues/243","created_at":"2014-08-01T10:49:56.549Z","updated_at":"2014-08-01T10:49:56.549Z"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"}]}},{"3.5.1":{"vulnerabilities":[{"id":92504,"title":"Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Jul/70","osvdb":"95060","created_at":"2014-08-01T10:49:56.671Z","updated_at":"2014-08-01T10:49:56.671Z","fixed_in":"3.5.2"},{"id":92505,"title":"WordPress 3.4-3.5.1 DoS in class-phpass.php","url":"http://seclists.org/fulldisclosure/2013/Jun/65","osvdb":"94235","cve":"2013-2173","secunia":"53676","created_at":"2014-08-01T10:49:56.733Z","updated_at":"2014-08-01T10:49:56.733Z","fixed_in":"3.5.2"},{"id":92506,"title":"WordPress Multiple XSS","osvdb":"94791,94785,94786,94790","created_at":"2014-08-01T10:49:56.795Z","updated_at":"2014-08-01T10:49:56.795Z","fixed_in":"3.5.2"},{"id":92507,"title":"WordPress TinyMCE Plugin Flash Applet Unspecified Spoofing Weakness","osvdb":"94787","created_at":"2014-08-01T10:49:56.865Z","updated_at":"2014-08-01T10:49:56.865Z","fixed_in":"3.5.2"},{"id":92508,"title":"WordPress File Upload Unspecified Path Disclosure","osvdb":"94788","created_at":"2014-08-01T10:49:56.946Z","updated_at":"2014-08-01T10:49:56.946Z","fixed_in":"3.5.2"},{"id":92509,"title":"WordPress 3.5-3.5.1 oEmbed Unspecified XML External Entity (XXE) Arbitrary File Disclosure","osvdb":"94789","created_at":"2014-08-01T10:49:57.090Z","updated_at":"2014-08-01T10:49:57.090Z","fixed_in":"3.5.2"},{"id":92510,"title":"WordPress 3.5-3.5.1 Multiple Role Remote Privilege Escalation","osvdb":"94783","created_at":"2014-08-01T10:49:57.166Z","updated_at":"2014-08-01T10:49:57.166Z","fixed_in":"3.5.2"},{"id":92511,"title":"WordPress 3.5-3.5.1 HTTP API Unspecified Server Side Request Forgery (SSRF)","osvdb":"94784","created_at":"2014-08-01T10:49:57.247Z","updated_at":"2014-08-01T10:49:57.247Z","fixed_in":"3.5.2"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"}]}},{"3.5":{"vulnerabilities":[{"id":92504,"title":"Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Jul/70","osvdb":"95060","created_at":"2014-08-01T10:49:56.671Z","updated_at":"2014-08-01T10:49:56.671Z","fixed_in":"3.5.2"},{"id":92512,"title":"WordPress 3.4 - 3.5.1 DoS in class-phpass.php","url":"http://seclists.org/fulldisclosure/2013/Jun/65","osvdb":"94235","cve":"2013-2173","secunia":"53676","created_at":"2014-08-01T10:49:57.530Z","updated_at":"2014-08-01T10:49:57.530Z","fixed_in":"3.5.2"},{"id":92513,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:49:57.599Z","updated_at":"2014-08-01T10:49:57.599Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"},{"id":92516,"title":"Shortcodes / Post Content Multiple Unspecified XSS","url":"http://www.securityfocus.com/bid/57554,http://securitytracker.com/id?1028045","osvdb":"89576","cve":"2013-0236","secunia":"51967","created_at":"2014-08-01T10:49:57.838Z","updated_at":"2014-08-01T10:49:57.838Z","fixed_in":"3.5.1"},{"id":92492,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:49:55.588Z","updated_at":"2014-08-01T10:49:55.588Z","fixed_in":"3.5.1"}]}},{"3.4.2":{"vulnerabilities":[{"id":92504,"title":"Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Jul/70","osvdb":"95060","created_at":"2014-08-01T10:49:56.671Z","updated_at":"2014-08-01T10:49:56.671Z","fixed_in":"3.5.2"},{"id":92512,"title":"WordPress 3.4 - 3.5.1 DoS in class-phpass.php","url":"http://seclists.org/fulldisclosure/2013/Jun/65","osvdb":"94235","cve":"2013-2173","secunia":"53676","created_at":"2014-08-01T10:49:57.530Z","updated_at":"2014-08-01T10:49:57.530Z","fixed_in":"3.5.2"},{"id":92513,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:49:57.599Z","updated_at":"2014-08-01T10:49:57.599Z"},{"id":92517,"title":"WordPress 3.4.2 Cross Site Request Forgery","url":"http://packetstormsecurity.org/files/116785/WordPress-3.4.2-Cross-Site-Request-Forgery.html","created_at":"2014-08-01T10:49:58.194Z","updated_at":"2014-08-01T10:49:58.194Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"},{"id":92492,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:49:55.588Z","updated_at":"2014-08-01T10:49:55.588Z","fixed_in":"3.5.1"}]}},{"3.4.1":{"vulnerabilities":[{"id":92504,"title":"Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Jul/70","osvdb":"95060","created_at":"2014-08-01T10:49:56.671Z","updated_at":"2014-08-01T10:49:56.671Z","fixed_in":"3.5.2"},{"id":92512,"title":"WordPress 3.4 - 3.5.1 DoS in class-phpass.php","url":"http://seclists.org/fulldisclosure/2013/Jun/65","osvdb":"94235","cve":"2013-2173","secunia":"53676","created_at":"2014-08-01T10:49:57.530Z","updated_at":"2014-08-01T10:49:57.530Z","fixed_in":"3.5.2"},{"id":92513,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:49:57.599Z","updated_at":"2014-08-01T10:49:57.599Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"},{"id":92492,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:49:55.588Z","updated_at":"2014-08-01T10:49:55.588Z","fixed_in":"3.5.1"}]}},{"3.4":{"vulnerabilities":[{"id":92504,"title":"Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Jul/70","osvdb":"95060","created_at":"2014-08-01T10:49:56.671Z","updated_at":"2014-08-01T10:49:56.671Z","fixed_in":"3.5.2"},{"id":92512,"title":"WordPress 3.4 - 3.5.1 DoS in class-phpass.php","url":"http://seclists.org/fulldisclosure/2013/Jun/65","osvdb":"94235","cve":"2013-2173","secunia":"53676","created_at":"2014-08-01T10:49:57.530Z","updated_at":"2014-08-01T10:49:57.530Z","fixed_in":"3.5.2"},{"id":92513,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:49:57.599Z","updated_at":"2014-08-01T10:49:57.599Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"},{"id":92492,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:49:55.588Z","updated_at":"2014-08-01T10:49:55.588Z","fixed_in":"3.5.1"}]}},{"3.4-beta4":{"vulnerabilities":[{"id":92513,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:49:57.599Z","updated_at":"2014-08-01T10:49:57.599Z"},{"id":92518,"title":"Wordpress 3.3.1 Multiple CSRF Vulnerabilities","exploitdb":"18791","created_at":"2014-08-01T10:49:59.704Z","updated_at":"2014-08-01T10:49:59.704Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"},{"id":92492,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:49:55.588Z","updated_at":"2014-08-01T10:49:55.588Z","fixed_in":"3.5.1"}]}},{"3.3.3":{"vulnerabilities":[{"id":92513,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:49:57.599Z","updated_at":"2014-08-01T10:49:57.599Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"},{"id":92492,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:49:55.588Z","updated_at":"2014-08-01T10:49:55.588Z","fixed_in":"3.5.1"},{"id":92569,"title":"Theme My Login 6.3.9 - Local File Inclusion","url":"http://packetstormsecurity.com/files/127302/,http://seclists.org/fulldisclosure/2014/Jun/172,http://www.securityfocus.com/bid/68254,https://security.dxw.com/advisories/lfi-in-theme-my-login/","osvdb":"108517","created_at":"2014-08-01T10:50:39.792Z","updated_at":"2014-09-09T09:02:27.460Z"}]}},{"3.3.2":{"vulnerabilities":[{"id":92513,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:49:57.599Z","updated_at":"2014-08-01T10:49:57.599Z"},{"id":92518,"title":"Wordpress 3.3.1 Multiple CSRF Vulnerabilities","exploitdb":"18791","created_at":"2014-08-01T10:49:59.704Z","updated_at":"2014-08-01T10:49:59.704Z"},{"id":92519,"title":"WordPress 3.3.2 Cross Site Scripting","url":"http://packetstormsecurity.org/files/113254","created_at":"2014-08-01T10:50:00.571Z","updated_at":"2014-08-01T10:50:00.571Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92520,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:50:00.759Z","updated_at":"2014-08-01T10:50:00.759Z","fixed_in":"3.3.3"},{"id":92521,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:50:00.829Z","updated_at":"2014-08-01T10:50:00.829Z","fixed_in":"3.3.3"},{"id":92522,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:50:00.896Z","updated_at":"2014-08-01T10:50:00.896Z","fixed_in":"3.3.3"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"},{"id":92492,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:49:55.588Z","updated_at":"2014-08-01T10:49:55.588Z","fixed_in":"3.5.1"}]}},{"3.3.1":{"vulnerabilities":[{"id":92523,"title":"Multiple vulnerabilities including XSS and Privilege Escalation","url":"http://wordpress.org/news/2012/04/wordpress-3-3-2/","created_at":"2014-08-01T10:50:01.103Z","updated_at":"2014-08-01T10:50:01.103Z"},{"id":92524,"title":"Wordpress 3.3.1 - Multiple CSRF Vulnerabilities","exploitdb":"18791","created_at":"2014-08-01T10:50:01.159Z","updated_at":"2014-08-01T10:50:01.159Z"},{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92520,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:50:00.759Z","updated_at":"2014-08-01T10:50:00.759Z","fixed_in":"3.3.3"},{"id":92521,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:50:00.829Z","updated_at":"2014-08-01T10:50:00.829Z","fixed_in":"3.3.3"},{"id":92522,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:50:00.896Z","updated_at":"2014-08-01T10:50:00.896Z","fixed_in":"3.3.3"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"}]}},{"3.3":{"vulnerabilities":[{"id":92526,"title":"Reflected Cross-Site Scripting in WordPress 3.3","url":"http://oldmanlab.blogspot.com/2012/01/wordpress-33-xss-vulnerability.html","created_at":"2014-08-01T10:50:01.733Z","updated_at":"2014-08-01T10:50:01.733Z"},{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92520,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:50:00.759Z","updated_at":"2014-08-01T10:50:00.759Z","fixed_in":"3.3.3"},{"id":92521,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:50:00.829Z","updated_at":"2014-08-01T10:50:00.829Z","fixed_in":"3.3.3"},{"id":92522,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:50:00.896Z","updated_at":"2014-08-01T10:50:00.896Z","fixed_in":"3.3.3"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"}]}},{"3.2.1":{"vulnerabilities":[{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92520,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:50:00.759Z","updated_at":"2014-08-01T10:50:00.759Z","fixed_in":"3.3.3"},{"id":92521,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:50:00.829Z","updated_at":"2014-08-01T10:50:00.829Z","fixed_in":"3.3.3"},{"id":92522,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:50:00.896Z","updated_at":"2014-08-01T10:50:00.896Z","fixed_in":"3.3.3"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"}]}},{"3.2":{"vulnerabilities":[{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92520,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:50:00.759Z","updated_at":"2014-08-01T10:50:00.759Z","fixed_in":"3.3.3"},{"id":92521,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:50:00.829Z","updated_at":"2014-08-01T10:50:00.829Z","fixed_in":"3.3.3"},{"id":92522,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:50:00.896Z","updated_at":"2014-08-01T10:50:00.896Z","fixed_in":"3.3.3"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"}]}},{"3.1.4":{"vulnerabilities":[{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92520,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:50:00.759Z","updated_at":"2014-08-01T10:50:00.759Z","fixed_in":"3.3.3"},{"id":92521,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:50:00.829Z","updated_at":"2014-08-01T10:50:00.829Z","fixed_in":"3.3.3"},{"id":92522,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:50:00.896Z","updated_at":"2014-08-01T10:50:00.896Z","fixed_in":"3.3.3"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"}]}},{"3.1.3":{"vulnerabilities":[{"id":92527,"title":"wp-admin/link-manager.php Multiple Parameter SQL Injection","osvdb":"73723","secunia":"45099","exploitdb":"17465","created_at":"2014-08-01T10:50:03.848Z","updated_at":"2014-08-01T10:50:03.848Z","fixed_in":"3.1.4"},{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92520,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:50:00.759Z","updated_at":"2014-08-01T10:50:00.759Z","fixed_in":"3.3.3"},{"id":92521,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:50:00.829Z","updated_at":"2014-08-01T10:50:00.829Z","fixed_in":"3.3.3"},{"id":92522,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:50:00.896Z","updated_at":"2014-08-01T10:50:00.896Z","fixed_in":"3.3.3"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"}]}},{"3.1.2":{"vulnerabilities":[{"id":92528,"title":"Wordpress \u003c= 3.1.2 Clickjacking Vulnerability","url":"http://seclists.org/fulldisclosure/2011/Sep/219,http://www.securityfocus.com/bid/49730","created_at":"2014-08-01T10:50:04.408Z","updated_at":"2014-08-01T10:50:04.408Z"},{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92520,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:50:00.759Z","updated_at":"2014-08-01T10:50:00.759Z","fixed_in":"3.3.3"},{"id":92521,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:50:00.829Z","updated_at":"2014-08-01T10:50:00.829Z","fixed_in":"3.3.3"},{"id":92522,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:50:00.896Z","updated_at":"2014-08-01T10:50:00.896Z","fixed_in":"3.3.3"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"}]}},{"3.1.1":{"vulnerabilities":[{"id":92529,"title":"WordPress wp-includes/formatting.php make_clickable() PCRE Library Remote DoS","osvdb":"72142","created_at":"2014-08-01T10:50:04.943Z","updated_at":"2014-08-01T10:50:04.943Z"},{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92520,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:50:00.759Z","updated_at":"2014-08-01T10:50:00.759Z","fixed_in":"3.3.3"},{"id":92521,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:50:00.829Z","updated_at":"2014-08-01T10:50:00.829Z","fixed_in":"3.3.3"},{"id":92522,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:50:00.896Z","updated_at":"2014-08-01T10:50:00.896Z","fixed_in":"3.3.3"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"}]}},{"3.1":{"vulnerabilities":[{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92520,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:50:00.759Z","updated_at":"2014-08-01T10:50:00.759Z","fixed_in":"3.3.3"},{"id":92521,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:50:00.829Z","updated_at":"2014-08-01T10:50:00.829Z","fixed_in":"3.3.3"},{"id":92522,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:50:00.896Z","updated_at":"2014-08-01T10:50:00.896Z","fixed_in":"3.3.3"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"}]}},{"3.0.6":{"vulnerabilities":[{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92520,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:50:00.759Z","updated_at":"2014-08-01T10:50:00.759Z","fixed_in":"3.3.3"},{"id":92521,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:50:00.829Z","updated_at":"2014-08-01T10:50:00.829Z","fixed_in":"3.3.3"},{"id":92522,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:50:00.896Z","updated_at":"2014-08-01T10:50:00.896Z","fixed_in":"3.3.3"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"}]}},{"3.0.5":{"vulnerabilities":[{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92530,"title":"wp-admin/press-this.php - Privilege Escalation","cve":"2011-5270","created_at":"2014-08-01T10:50:06.719Z","updated_at":"2014-08-01T10:50:06.719Z","fixed_in":"3.0.6"},{"id":92520,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:50:00.759Z","updated_at":"2014-08-01T10:50:00.759Z","fixed_in":"3.3.3"},{"id":92521,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:50:00.829Z","updated_at":"2014-08-01T10:50:00.829Z","fixed_in":"3.3.3"},{"id":92522,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:50:00.896Z","updated_at":"2014-08-01T10:50:00.896Z","fixed_in":"3.3.3"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"}]}},{"3.0.4":{"vulnerabilities":[{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92530,"title":"wp-admin/press-this.php - Privilege Escalation","cve":"2011-5270","created_at":"2014-08-01T10:50:06.719Z","updated_at":"2014-08-01T10:50:06.719Z","fixed_in":"3.0.6"},{"id":92520,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:50:00.759Z","updated_at":"2014-08-01T10:50:00.759Z","fixed_in":"3.3.3"},{"id":92521,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:50:00.829Z","updated_at":"2014-08-01T10:50:00.829Z","fixed_in":"3.3.3"},{"id":92522,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:50:00.896Z","updated_at":"2014-08-01T10:50:00.896Z","fixed_in":"3.3.3"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"}]}},{"3.0.3":{"vulnerabilities":[{"id":92531,"title":"SQL injection vulnerability in do_trackbacks() Wordpress function","exploitdb":"15684","created_at":"2014-08-01T10:50:07.680Z","updated_at":"2014-08-01T10:50:07.680Z"},{"id":92532,"title":"Wordpress 3.0.3 stored XSS IE7,6 NS8.1","exploitdb":"15858","created_at":"2014-08-01T10:50:07.740Z","updated_at":"2014-08-01T10:50:07.740Z"},{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92530,"title":"wp-admin/press-this.php - Privilege Escalation","cve":"2011-5270","created_at":"2014-08-01T10:50:06.719Z","updated_at":"2014-08-01T10:50:06.719Z","fixed_in":"3.0.6"},{"id":92520,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:50:00.759Z","updated_at":"2014-08-01T10:50:00.759Z","fixed_in":"3.3.3"},{"id":92521,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:50:00.829Z","updated_at":"2014-08-01T10:50:00.829Z","fixed_in":"3.3.3"},{"id":92522,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:50:00.896Z","updated_at":"2014-08-01T10:50:00.896Z","fixed_in":"3.3.3"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"}]}},{"3.0.2":{"vulnerabilities":[{"id":92533,"title":"WordPress XML-RPC Interface Access Restriction Bypass","osvdb":"69761","created_at":"2014-08-01T10:50:08.347Z","updated_at":"2014-08-01T10:50:08.347Z"},{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92530,"title":"wp-admin/press-this.php - Privilege Escalation","cve":"2011-5270","created_at":"2014-08-01T10:50:06.719Z","updated_at":"2014-08-01T10:50:06.719Z","fixed_in":"3.0.6"},{"id":92520,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:50:00.759Z","updated_at":"2014-08-01T10:50:00.759Z","fixed_in":"3.3.3"},{"id":92521,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:50:00.829Z","updated_at":"2014-08-01T10:50:00.829Z","fixed_in":"3.3.3"},{"id":92522,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:50:00.896Z","updated_at":"2014-08-01T10:50:00.896Z","fixed_in":"3.3.3"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"}]}},{"3.0.1":{"vulnerabilities":[{"id":92534,"title":"WordPress: Information Disclosure via SQL Injection Attack","url":"http://blog.sjinks.pro/wordpress/858-information-disclosure-via-sql-injection-attack/","created_at":"2014-08-01T10:50:09.017Z","updated_at":"2014-08-01T10:50:09.017Z"},{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92530,"title":"wp-admin/press-this.php - Privilege Escalation","cve":"2011-5270","created_at":"2014-08-01T10:50:06.719Z","updated_at":"2014-08-01T10:50:06.719Z","fixed_in":"3.0.6"},{"id":92520,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:50:00.759Z","updated_at":"2014-08-01T10:50:00.759Z","fixed_in":"3.3.3"},{"id":92521,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:50:00.829Z","updated_at":"2014-08-01T10:50:00.829Z","fixed_in":"3.3.3"},{"id":92522,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:50:00.896Z","updated_at":"2014-08-01T10:50:00.896Z","fixed_in":"3.3.3"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"}]}},{"3.0":{"vulnerabilities":[{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92530,"title":"wp-admin/press-this.php - Privilege Escalation","cve":"2011-5270","created_at":"2014-08-01T10:50:06.719Z","updated_at":"2014-08-01T10:50:06.719Z","fixed_in":"3.0.6"},{"id":92520,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:50:00.759Z","updated_at":"2014-08-01T10:50:00.759Z","fixed_in":"3.3.3"},{"id":92521,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:50:00.829Z","updated_at":"2014-08-01T10:50:00.829Z","fixed_in":"3.3.3"},{"id":92522,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:50:00.896Z","updated_at":"2014-08-01T10:50:00.896Z","fixed_in":"3.3.3"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0.1"},{"id":92496,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:49:56.135Z","updated_at":"2014-08-01T10:49:56.135Z","fixed_in":"3.6.1"},{"id":94053,"title":"testing","created_at":"2014-09-04T07:40:43.618Z","updated_at":"2014-09-04T07:40:43.618Z"},{"id":94060,"title":"before_save :ensure_has_an_asset","created_at":"2014-09-04T10:23:40.479Z","updated_at":"2014-09-04T10:29:41.654Z"},{"id":94061,"title":"ensure has an asset 1","url":"http://www.example.com","created_at":"2014-09-04T10:30:43.530Z","updated_at":"2014-09-04T10:30:43.530Z"},{"id":94062,"title":"testing ","url":"http://www.example.com","created_at":"2014-09-05T09:28:40.038Z","updated_at":"2014-09-05T09:28:40.038Z"},{"id":92569,"title":"Theme My Login 6.3.9 - Local File Inclusion","url":"http://packetstormsecurity.com/files/127302/,http://seclists.org/fulldisclosure/2014/Jun/172,http://www.securityfocus.com/bid/68254,https://security.dxw.com/advisories/lfi-in-theme-my-login/","osvdb":"108517","created_at":"2014-08-01T10:50:39.792Z","updated_at":"2014-09-09T09:02:27.460Z"}]}},{"2.9.2":{"vulnerabilities":[{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.9.1":{"vulnerabilities":[{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.9":{"vulnerabilities":[{"id":92540,"title":"WordPress 2.9 Failure to Restrict URL Access","exploitdb":"11441","created_at":"2014-08-01T10:50:12.326Z","updated_at":"2014-08-01T10:50:12.326Z"},{"id":92541,"title":"Wordpress DOS \u003c= 2.9","exploitdb":"11441","created_at":"2014-08-01T10:50:12.387Z","updated_at":"2014-08-01T10:50:12.387Z"},{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.8.6":{"vulnerabilities":[{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.8.5":{"vulnerabilities":[{"id":92542,"title":"WordPress \u003c= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution","exploitdb":"10089","created_at":"2014-08-01T10:50:13.705Z","updated_at":"2014-08-01T10:50:13.705Z"},{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.8.4":{"vulnerabilities":[{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.8.3":{"vulnerabilities":[{"id":92543,"title":"Wordpress \u003c= 2.8.3 Remote Admin Reset Password Vulnerability","exploitdb":"9410","created_at":"2014-08-01T10:50:14.981Z","updated_at":"2014-08-01T10:50:14.981Z"},{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.8.2":{"vulnerabilities":[{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.8.1":{"vulnerabilities":[{"id":92544,"title":"Wordpress 2.8.1 (url) Remote Cross Site Scripting Exploit","exploitdb":"9250","created_at":"2014-08-01T10:50:16.187Z","updated_at":"2014-08-01T10:50:16.187Z"},{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.8":{"vulnerabilities":[{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.7.1":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.7":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.6.5":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.6.4":{"vulnerabilities":[{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.6.3":{"vulnerabilities":[{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.6.2":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.6.1":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92546,"title":"Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit","exploitdb":"6421","created_at":"2014-08-01T10:50:21.009Z","updated_at":"2014-08-01T10:50:21.009Z"},{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.6":{"vulnerabilities":[{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.5.1":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.5":{"vulnerabilities":[{"id":92547,"title":"Wordpress 2.5 Cookie Integrity Protection Vulnerability","url":"http://www.securityfocus.com/archive/1/archive/1/491356/100/0/threaded","cve":"2008-1930","created_at":"2014-08-01T10:50:22.945Z","updated_at":"2014-08-01T10:50:22.945Z"},{"id":92525,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:50:01.218Z","updated_at":"2014-08-01T10:50:01.218Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.3.3":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.3.2":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.3.1":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92548,"title":"Wordpress \u003c= 2.3.1 Charset Remote SQL Injection Vulnerability","exploitdb":"4721","created_at":"2014-08-01T10:50:24.865Z","updated_at":"2014-08-01T10:50:24.865Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.3":{"vulnerabilities":[{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.2.3":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.2.2":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.2.1":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.2":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92549,"title":"WordPress 2.2 (wp-app.php) Arbitrary File Upload Exploit","exploitdb":"4113","created_at":"2014-08-01T10:50:27.686Z","updated_at":"2014-08-01T10:50:27.686Z"},{"id":92550,"title":"Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit","exploitdb":"4039","created_at":"2014-08-01T10:50:27.746Z","updated_at":"2014-08-01T10:50:27.746Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.1.3":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92551,"title":"Wordpress 2.1.3 admin-ajax.php SQL Injection Blind Fishing Exploit","exploitdb":"3960","created_at":"2014-08-01T10:50:28.508Z","updated_at":"2014-08-01T10:50:28.508Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.1.2":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92552,"title":"WordPress \"year\" Cross-Site Scripting Vulnerability","url":"http://www.securityfocus.com/archive/1/archive/1/462374/100/0/threaded","secunia":"24485","created_at":"2014-08-01T10:50:29.216Z","updated_at":"2014-08-01T10:50:29.216Z"},{"id":92553,"title":"Wordpress 2.1.2 (xmlrpc) Remote SQL Injection Exploit","exploitdb":"3656","created_at":"2014-08-01T10:50:29.271Z","updated_at":"2014-08-01T10:50:29.271Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.1.1":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92554,"title":"WordPress Command Execution and PHP Injection","url":"http://www.securityfocus.com/bid/22797,http://xforce.iss.net/xforce/xfdb/32807","cve":"2007-1277","secunia":"24374","created_at":"2014-08-01T10:50:29.871Z","updated_at":"2014-08-01T10:50:29.871Z","fixed_in":"2.1.2"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.1":{"vulnerabilities":[{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.0.11":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.0.10":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.0.9":{"vulnerabilities":[{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.0.8":{"vulnerabilities":[{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.0.7":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.0.6":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92555,"title":"Wordpress \u003c= 2.0.6 wp-trackback.php Remote SQL Injection Exploit","exploitdb":"3109","created_at":"2014-08-01T10:50:33.964Z","updated_at":"2014-08-01T10:50:33.964Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.0.5":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92556,"title":"Wordpress 2.0.5 Trackback UTF-7 Remote SQL Injection Exploit","exploitdb":"3095","created_at":"2014-08-01T10:50:34.576Z","updated_at":"2014-08-01T10:50:34.576Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.0.4":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92557,"title":"WordPress 2.0.2 - 2.0.4 Paged Parameter SQL Injection Vulnerability","url":"http://www.securityfocus.com/bid/18779","created_at":"2014-08-01T10:50:35.282Z","updated_at":"2014-08-01T10:50:35.282Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.0.3":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92557,"title":"WordPress 2.0.2 - 2.0.4 Paged Parameter SQL Injection Vulnerability","url":"http://www.securityfocus.com/bid/18779","created_at":"2014-08-01T10:50:35.282Z","updated_at":"2014-08-01T10:50:35.282Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.0.2":{"vulnerabilities":[{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92558,"title":"WordPress \u003c= 2.0.2 (cache) Remote Shell Injection Exploit","exploitdb":"6","created_at":"2014-08-01T10:50:36.381Z","updated_at":"2014-08-01T10:50:36.381Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92557,"title":"WordPress 2.0.2 - 2.0.4 Paged Parameter SQL Injection Vulnerability","url":"http://www.securityfocus.com/bid/18779","created_at":"2014-08-01T10:50:35.282Z","updated_at":"2014-08-01T10:50:35.282Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.0.1":{"vulnerabilities":[{"id":92559,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:50:36.975Z","updated_at":"2014-08-01T10:50:36.975Z","fixed_in":"2.0.2"},{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"2.0":{"vulnerabilities":[{"id":92559,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:50:36.975Z","updated_at":"2014-08-01T10:50:36.975Z","fixed_in":"2.0.2"},{"id":92545,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:50:17.405Z","updated_at":"2014-08-01T10:50:17.405Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"},{"id":92535,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:50:09.640Z","updated_at":"2014-08-01T10:50:09.640Z","fixed_in":"3.0.2"},{"id":92536,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:50:09.725Z","updated_at":"2014-08-01T10:50:09.725Z","fixed_in":"3.0.2"},{"id":92537,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:50:09.798Z","updated_at":"2014-08-01T10:50:09.798Z","fixed_in":"3.0.2"},{"id":92538,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:50:09.874Z","updated_at":"2014-08-01T10:50:09.874Z","fixed_in":"3.0.2"},{"id":92539,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:50:10.902Z","updated_at":"2014-08-01T10:50:10.902Z","fixed_in":"3.0"}]}},{"1.5.2":{"vulnerabilities":[{"id":92559,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:50:36.975Z","updated_at":"2014-08-01T10:50:36.975Z","fixed_in":"2.0.2"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"}]}},{"1.5.1.3":{"vulnerabilities":[{"id":92559,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:50:36.975Z","updated_at":"2014-08-01T10:50:36.975Z","fixed_in":"2.0.2"},{"id":92560,"title":"Wordpress \u003c= 1.5.1.3 Remote Code Execution eXploit (metasploit)","exploitdb":"1145","created_at":"2014-08-01T10:50:38.511Z","updated_at":"2014-08-01T10:50:38.511Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"}]}},{"1.5.1.2":{"vulnerabilities":[{"id":92559,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:50:36.975Z","updated_at":"2014-08-01T10:50:36.975Z","fixed_in":"2.0.2"},{"id":92561,"title":"Wordpress \u003c= 1.5.1.2 xmlrpc Interface SQL Injection Exploit","osvdb":"17636,17637,17638,17639,17640,17641","cve":"2005-2108","secunia":"15831,15898","exploitdb":"1077","created_at":"2014-08-01T10:50:38.758Z","updated_at":"2014-08-01T10:50:38.758Z","fixed_in":"1.5.1.3"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"}]}},{"1.5.1.1":{"vulnerabilities":[{"id":92559,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:50:36.975Z","updated_at":"2014-08-01T10:50:36.975Z","fixed_in":"2.0.2"},{"id":92562,"title":"WordPress \u003c= 1.5.1.1 \"add new admin\" SQL Injection Exploit","exploitdb":"1059","created_at":"2014-08-01T10:50:39.012Z","updated_at":"2014-08-01T10:50:39.012Z"},{"id":92563,"title":"WordPress \u003c= 1.5.1.1 SQL Injection Exploit","exploitdb":"1033","created_at":"2014-08-01T10:50:39.068Z","updated_at":"2014-08-01T10:50:39.068Z"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"}]}},{"1.5.1":{"vulnerabilities":[{"id":92559,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:50:36.975Z","updated_at":"2014-08-01T10:50:36.975Z","fixed_in":"2.0.2"},{"id":92514,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:49:57.659Z","updated_at":"2014-08-01T10:49:57.659Z"},{"id":92515,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:49:57.716Z","updated_at":"2014-08-01T10:49:57.716Z"}]}},{"1.5":{"vulnerabilities":[{"id":92564,"title":"WordPress wp-trackback.php tb_id Parameter SQL Injection","osvdb":"16701,16702,16703","cve":"2005-1687","created_at":"2014-08-01T10:50:39.485Z","updated_at":"2014-08-01T10:50:39.485Z","fixed_in":"1.5.1"},{"id":92565,"title":"WordPress post.php p Parameter XSS","osvdb":"16702,16701,16703","created_at":"2014-08-01T10:50:39.546Z","updated_at":"2014-08-01T10:50:39.546Z","fixed_in":"1.5.1"},{"id":92566,"title":"WordPress Multiple Script Direct Request Path Disclosure","osvdb":"16703,16701,16702","cve":"2005-1688","created_at":"2014-08-01T10:50:39.607Z","updated_at":"2014-08-01T10:50:39.607Z","fixed_in":"1.5.1"},{"id":92567,"title":"WordPress Cross-Site Scripting and SQL Injection Vulnerabilities","osvdb":"16478","secunia":"15324","created_at":"2014-08-01T10:50:39.670Z","updated_at":"2014-08-01T10:50:39.670Z","fixed_in":"1.5.1"},{"id":92568,"title":"WordPress template-functions-post.php Multiple Field XSS","osvdb":"15643","cve":"2005-1102","created_at":"2014-08-01T10:50:39.730Z","updated_at":"2014-08-01T10:50:39.730Z"}]}}]
\ No newline at end of file
diff --git a/lib/common/updater/db_updater.rb b/lib/common/updater/db_updater.rb
index d8a54dcb..aee80e9a 100644
--- a/lib/common/updater/db_updater.rb
+++ b/lib/common/updater/db_updater.rb
@@ -28,11 +28,11 @@ class DbUpdater < Updater
 
   # @return [ String ] The checksum of the associated remote filename
   def remote_file_checksum(filename)
-    url = "#{remote_file_url(filename)}.sha2"
+    url = "#{remote_file_url(filename)}.sha512"
 
     res = Browser.get(url, request_params)
     fail "Unable to get #{url}" unless res && res.code == 200
-    res.body.chomp
+    res.body
   end
 
   def local_file_path(filename)
@@ -49,6 +49,7 @@ class DbUpdater < Updater
   end
 
   def restore_backup(filename)
+    return unless File.exist?(backup_file_path(filename))
     FileUtils.cp(backup_file_path(filename), local_file_path(filename))
   end
 
@@ -65,7 +66,7 @@ class DbUpdater < Updater
     fail "Error while downloading #{file_url}" unless res && res.code == 200
     File.write(file_path, res.body.chomp)
 
-    Digest::MD5.file(file_path).hexdigest
+    Digest::SHA512.file(file_path).hexdigest
   end
 
   def update
@@ -73,13 +74,11 @@ class DbUpdater < Updater
       begin
         create_backup(filename)
         checksum = download(filename)
-        # p checksum
 
-        # unless checksum == remote_file_checksum(filename)
-        #  fail "#{filename}: checksums do not match"
-        # end
+        unless checksum == remote_file_checksum(filename)
+          fail "#{filename}: checksums do not match"
+        end
       rescue => e
-        # p e
         restore_backup(filename)
         raise e
       ensure
diff --git a/wpscan.rb b/wpscan.rb
index 6abdd9c2..d9d043d8 100755
--- a/wpscan.rb
+++ b/wpscan.rb
@@ -39,12 +39,10 @@ def main
 
     # Check for updates
     if wpscan_options.update
-      puts 'Updating the DB ..'
+      puts 'Updating the DB ...'
       DbUpdater.new(DATA_DIR).update
       puts 'Done.'
 
-      exit # remove me
-
       if !@updater.nil?
         if @updater.has_local_changes?
           print "#{red('[!]')} Local file changes detected, an update will override local changes, do you want to continue updating? [y/n] "