From f688860bb27f16081fd83099f759e1819cea1acf Mon Sep 17 00:00:00 2001
From: ethicalhack3r <ryandewhurst@gmail.com>
Date: Sat, 26 Jan 2013 13:24:32 +0100
Subject: [PATCH] Added XMLRPC issues to all prev versions of WP. See issue
 #119.

---
 data/wp_vulns.xml | 480 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 480 insertions(+)

diff --git a/data/wp_vulns.xml b/data/wp_vulns.xml
index 13408bda..ead9f3c2 100644
--- a/data/wp_vulns.xml
+++ b/data/wp_vulns.xml
@@ -40,6 +40,16 @@
       <reference>http://packetstormsecurity.org/files/116785/WordPress-3.4.2-Cross-Site-Request-Forgery.html</reference>
       <type>CSRF</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="3.4-beta4">
@@ -48,6 +58,16 @@
       <reference>http://www.exploit-db.com/exploits/18791/</reference>
       <type>CSRF</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="3.3.2">
@@ -61,6 +81,16 @@
       <reference>http://packetstormsecurity.org/files/113254</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="3.3.1">
@@ -79,6 +109,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="3.3">
@@ -92,6 +132,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="3.2.1">
@@ -100,6 +150,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="3.2">
@@ -108,6 +168,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="3.1.4">
@@ -116,6 +186,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="3.1.3">
@@ -129,6 +209,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="3.1.2">
@@ -142,6 +232,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="3.1.1">
@@ -155,6 +255,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="3.1">
@@ -163,6 +273,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="3.0.6">
@@ -171,6 +291,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="3.0.5">
@@ -179,6 +309,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="3.0.4">
@@ -187,6 +327,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="3.0.3">
@@ -205,6 +355,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="3.0.2">
@@ -218,6 +378,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="3.0.1">
@@ -231,6 +401,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="3.0">
@@ -239,6 +419,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.9.2">
@@ -247,6 +437,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.9.1">
@@ -255,6 +455,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.9">
@@ -273,6 +483,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.8.6">
@@ -281,6 +501,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.8.5">
@@ -294,6 +524,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.8.4">
@@ -302,6 +542,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.8.3">
@@ -315,6 +565,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.8.1">
@@ -328,6 +588,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.8">
@@ -336,6 +606,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.7.1">
@@ -349,6 +629,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.7">
@@ -357,6 +647,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.6.5">
@@ -365,6 +665,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.6.4">
@@ -373,6 +683,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.6.3">
@@ -381,6 +701,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.6.2">
@@ -389,6 +719,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.6.1">
@@ -402,6 +742,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.6">
@@ -410,6 +760,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.5.1">
@@ -418,6 +778,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.5">
@@ -426,6 +796,16 @@
       <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
       <type>XSS</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.3.1">
@@ -434,6 +814,16 @@
       <reference>http://www.exploit-db.com/exploits/4721/</reference>
       <type>SQLI</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.2">
@@ -447,6 +837,16 @@
       <reference>http://www.exploit-db.com/exploits/4039/</reference>
       <type>SQLI</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.1.3">
@@ -455,6 +855,16 @@
       <reference>http://www.exploit-db.com/exploits/3960/</reference>
       <type>SQLI</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.1.2">
@@ -463,6 +873,16 @@
       <reference>http://www.exploit-db.com/exploits/3656/</reference>
       <type>SQLI</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.0.6">
@@ -471,6 +891,16 @@
       <reference>http://www.exploit-db.com/exploits/3109/</reference>
       <type>SQLI</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.0.5">
@@ -479,6 +909,16 @@
       <reference>http://www.exploit-db.com/exploits/3095/</reference>
       <type>SQLI</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="2.0.2">
@@ -487,6 +927,16 @@
       <reference>http://www.exploit-db.com/exploits/6/</reference>
       <type>UNKNOWN</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="1.5.1.3">
@@ -495,6 +945,16 @@
       <reference>http://www.exploit-db.com/exploits/1145/</reference>
       <type>SQLI</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="1.5.1.2">
@@ -503,6 +963,16 @@
       <reference>http://www.exploit-db.com/exploits/1077/</reference>
       <type>SQLI</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
   <wordpress version="1.5.1.1">
@@ -516,6 +986,16 @@
       <reference>http://www.exploit-db.com/exploits/1033/</reference>
       <type>SQLI</type>
     </vulnerability>
+    <vulnerability>
+      <title>XMLRPC Pingback API Internal/External Port Scanning</title>
+      <reference>https://github.com/FireFart/WordpressPingbackPortScanner</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+    <vulnerability>
+      <title>WordPress XMLRPC pingback additional issues</title>
+      <reference>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
   </wordpress>
 
 </vulnerabilities>