From f704efb2afcd34a0cee6e57b7c921ff93323664d Mon Sep 17 00:00:00 2001 From: ethicalhack3r Date: Fri, 23 Aug 2013 12:55:04 +0200 Subject: [PATCH] Vulnerable plugin updates. See Issue #264 --- data/plugin_vulns.xml | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index 8538cbb7..c3fc562c 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -1466,6 +1466,12 @@ + + CVE-2013-5098: Download Monitor < 3.3.6.2 Cross Site Scripting + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5098 + XSS + 3.3.6.2 + Download Monitor <= 3.3.5.7 Cross Site Scripting http://www.reactionpenetrationtesting.co.uk/wordpress-download-monitor-xss.html @@ -5014,7 +5020,7 @@ - Duplicator installer.cleanup.php package Parameter XSS + CVE-2013-4625: Duplicator installer.cleanup.php package Parameter XSS http://osvdb.org/95627 XSS 0.4.5 @@ -5048,4 +5054,22 @@ + + + CVE-2013-3253: CSRF in admin/setting.php in Xhanch + https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3253 + CSRF + 2.7.7 + + + + + + CVE-2013-3256: CSRF in sexybookmarks + http://wordpress.org/plugins/sexybookmarks/changelog/ + CSRF + 6.1.5.0 + + +
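Review bot: The new CVE-2013-5098 entry in the first hunk sits directly above the existing "Download Monitor <= 3.3.5.7 Cross Site Scripting" entry, and nothing visible says whether the two describe the same flaw. If they do, a scan of an affected site would presumably report one issue twice; in that case, add the CVE reference and the 3.3.6.2 version value to the existing entry instead of creating a second one. If they are distinct, a title naming the affected page or parameter, as the Duplicator entry does with `installer.cleanup.php package Parameter`, would let a reader tell them apart. The element markup is not visible on this page, so this rests on the titles and references alone.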
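Review bot: The CVE-2013-3256 entry in the last hunk gives only the plugin changelog URL as its reference, over plain http, so the data does not link the finding to the advisory it is named after. A reference in the form this commit already uses for CVE-2013-5098, `https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3256`, would make it traceable. The new CVE references also use two different hosts, cve.mitre.org and web.nvd.nist.gov; picking one keeps lookups uniform. The CVE-2013-3253 title names the plugin only as "Xhanch", which looks shortened, so confirm the full plugin name so the finding reads clearly in scan output.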