From f8ba2b71f8d15341cc44fae2c71e5c97c265b960 Mon Sep 17 00:00:00 2001 From: erwanlr Date: Sun, 6 Jan 2013 15:02:39 +0100 Subject: [PATCH] Added Moneymasters FDP & File upload --- data/plugin_vulns.xml | 316 ++++++++++++++++++++++++++++++++++++++++ data/wp_theme_vulns.xml | 16 +- 2 files changed, 331 insertions(+), 1 deletion(-) diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml index 7d8deb72..a808caed 100644 --- a/data/plugin_vulns.xml +++ b/data/plugin_vulns.xml @@ -30,6 +30,7 @@ ryandewhurst at gmail --> + WP-UserOnline Full Path Disclosure @@ -42,6 +43,7 @@ ryandewhurst at gmail XSS + Shopping Cart 8.1.14 Shell Upload / SQL Injection @@ -49,6 +51,7 @@ ryandewhurst at gmail MULTI + ReFlex Gallery <= 1.4 Shell Upload @@ -56,6 +59,7 @@ ryandewhurst at gmail UPLOAD + Uploader 1.0.4 Shell Upload @@ -63,6 +67,7 @@ ryandewhurst at gmail UPLOAD + Xerte Online 0.32 Shell Upload @@ -70,6 +75,7 @@ ryandewhurst at gmail UPLOAD + Advanced Custom Fields <= 3.5.1 Remote File Inclusion @@ -77,6 +83,7 @@ ryandewhurst at gmail RFI + Wordpress sitepress-multilingual-cms Full Path Disclosure @@ -84,6 +91,7 @@ ryandewhurst at gmail FPD + WordPress plugin Asset manager upload.php Arbitrary Code Execution @@ -91,6 +99,7 @@ ryandewhurst at gmail UPLOAD + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -98,6 +107,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -105,6 +115,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -112,6 +123,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -119,6 +131,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -126,6 +139,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -133,6 +147,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -140,6 +155,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -147,6 +163,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -154,6 +171,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -161,6 +179,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -168,6 +187,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -175,6 +195,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -182,6 +203,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -189,6 +211,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -196,6 +219,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -203,6 +227,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -210,6 +235,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -217,6 +243,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -224,6 +251,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -231,6 +259,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -238,6 +267,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -245,6 +275,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -252,6 +283,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -259,6 +291,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -266,6 +299,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -273,6 +307,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -280,6 +315,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -287,6 +323,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -294,6 +331,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -301,6 +339,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -308,6 +347,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -315,6 +355,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -322,6 +363,7 @@ ryandewhurst at gmail XSS + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -329,6 +371,7 @@ ryandewhurst at gmail XSS + Ajax Post Search 1.1 Sql Injection @@ -336,6 +379,7 @@ ryandewhurst at gmail SQLI + Answer My Question 1.1 Multiple XSS @@ -343,6 +387,7 @@ ryandewhurst at gmail XSS + Catalog HTML Code Injection and Cross-site scripting @@ -350,6 +395,7 @@ ryandewhurst at gmail MULTI + Wordfence 3.3.5 XSS and IAA @@ -357,6 +403,7 @@ ryandewhurst at gmail MULTI + Slideshow jQuery Image Gallery Multiple Vulnerabilities @@ -364,6 +411,7 @@ ryandewhurst at gmail MULTI + Social Discussions Multiple Vulnerabilities @@ -371,6 +419,7 @@ ryandewhurst at gmail MULTI + ABtest Directory Traversal @@ -378,6 +427,7 @@ ryandewhurst at gmail UNKNOWN + BBPress SQL Injection / Path Disclosure @@ -385,6 +435,7 @@ ryandewhurst at gmail MULTI + NextGen Cu3er Gallery Information Disclosure @@ -392,6 +443,7 @@ ryandewhurst at gmail UNKNOWN + Rich Widget File Upload @@ -399,6 +451,7 @@ ryandewhurst at gmail UPLOAD + Monsters Editor Shell Upload @@ -406,6 +459,7 @@ ryandewhurst at gmail UPLOAD + Quick Post Widget 1.9.1 Multiple Cross-site scripting vulnerabilities @@ -413,6 +467,7 @@ ryandewhurst at gmail XSS + ThreeWP Email Reflector 1.13 Stored XSS @@ -420,6 +475,7 @@ ryandewhurst at gmail XSS + SimpleMail 1.0.6 Stored XSS @@ -427,6 +483,7 @@ ryandewhurst at gmail XSS + Postie 1.4.3 Stored XSS @@ -434,6 +491,7 @@ ryandewhurst at gmail XSS + RSVPMaker v2.5.4 Persistent XSS @@ -441,6 +499,7 @@ ryandewhurst at gmail XSS + Mz-jajak <= 2.1 SQL Injection Vulnerability @@ -448,6 +507,7 @@ ryandewhurst at gmail SQLI + Resume Submissions Job Posting v2.5.1 Unrestricted File Upload @@ -455,6 +515,7 @@ ryandewhurst at gmail UPLOAD + WP-Predict v1.0 Blind SQL Injection @@ -462,6 +523,7 @@ ryandewhurst at gmail SQLI + Backup Plugin 2.0.1 Information Disclosure @@ -469,6 +531,7 @@ ryandewhurst at gmail UNKNOWN + MoodThingy Widget v0.8.7 Blind SQL Injection @@ -476,6 +539,7 @@ ryandewhurst at gmail SQLI + Paid Business Listings v1.0.2 Blind SQL Injection @@ -483,6 +547,7 @@ ryandewhurst at gmail SQLI + Website FAQ Plugin v1.0 SQL Injection @@ -490,6 +555,7 @@ ryandewhurst at gmail SQLI + Fancy Gallery 1.2.4 Shell Upload @@ -497,6 +563,7 @@ ryandewhurst at gmail UPLOAD + Flip Book 1.0 Shell Upload @@ -504,6 +571,7 @@ ryandewhurst at gmail UPLOAD + Ajax Multi Upload 1.1 Shell Upload @@ -511,6 +579,7 @@ ryandewhurst at gmail UPLOAD + Schreikasten 0.14.13 XSS @@ -518,6 +587,7 @@ ryandewhurst at gmail XSS + Wordpress Automatic 2.0.3 CSRF @@ -525,6 +595,7 @@ ryandewhurst at gmail CSRF + VideoWhisper Video Conference @@ -533,6 +604,7 @@ ryandewhurst at gmail <type>UPLOAD</type> </vulnerability> </plugin> + <plugin name="auctionplugin"> <vulnerability> <title>Auctions Plugin 2.0.1.3 Arbitrary @@ -541,6 +613,7 @@ File Upload Vulnerability UPLOAD + LB Mixed Slideshow 1.0 Arbitrary File Upload Vulnerability @@ -548,6 +621,7 @@ File Upload Vulnerability UPLOAD + Lim4wp 1.1.1 Arbitrary File Upload Vulnerability @@ -555,6 +629,7 @@ File Upload Vulnerability UPLOAD + Wp-ImageZoom 1.0.3 Remote File Disclosure @@ -562,6 +637,7 @@ File Upload Vulnerability UNKNOWN + Invit0r 0.22 Shell Upload @@ -569,6 +645,7 @@ File Upload Vulnerability UPLOAD + Annonces 1.2.0.1 Shell Upload @@ -576,6 +653,7 @@ File Upload Vulnerability UPLOAD + Contus Video Gallery 1.3 Arbitrary @@ -584,6 +662,7 @@ File Upload Vulnerability UPLOAD + Contus HD FLV Player 1.7 Arbitrary @@ -592,6 +671,7 @@ File Upload Vulnerability UPLOAD + User Meta Version 1.1.1 Arbitrary File Upload Vulnerability @@ -599,6 +679,7 @@ File Upload Vulnerability UPLOAD + Top Quark Architecture Version 2.10 Arbitrary File Upload Vulnerability @@ -606,6 +687,7 @@ File Upload Vulnerability UPLOAD + SfBrowser Version 1.4.5 Arbitrary File Upload Vulnerability @@ -613,6 +695,7 @@ File Upload Vulnerability UPLOAD + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -625,6 +708,7 @@ File Upload Vulnerability UPLOAD + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -637,6 +721,7 @@ File Upload Vulnerability UPLOAD + drag and drop file upload 0.1 Arbitrary File Upload Vulnerability @@ -644,6 +729,7 @@ File Upload Vulnerability UPLOAD + Custom Content Type Manager 0.9.5.13-pl Arbitrary File Upload Vulnerability @@ -651,6 +737,7 @@ File Upload Vulnerability UPLOAD + wp-gpx-max version 1.1.21 Arbitrary File Upload @@ -658,6 +745,7 @@ File Upload Vulnerability UPLOAD + Front File Manager Plugin 0.1 Arbitrary File Upload @@ -665,6 +753,7 @@ File Upload Vulnerability UPLOAD + Front End Upload 0.5.3 Arbitrary File Upload @@ -677,6 +766,7 @@ File Upload Vulnerability UPLOAD + Omni Secure Files 0.1.13 Arbitrary File Upload @@ -684,6 +774,7 @@ File Upload Vulnerability UPLOAD + Easy Contact Forms Export 1.1.0 Information Disclosure Vulnerability @@ -691,6 +782,7 @@ File Upload Vulnerability UNKNOWN + PICA Photo Gallery 1.0 Remote File Disclosure @@ -698,6 +790,7 @@ File Upload Vulnerability UNKNOWN + Plugin: Newsletter 1.5 Remote File Disclosure Vulnerability @@ -705,6 +798,7 @@ File Upload Vulnerability UNKNOWN + RBX Gallery 2.1 Arbitrary File Upload @@ -712,6 +806,7 @@ File Upload Vulnerability UPLOAD + Simple Download Button Shortcode 1.0 Remote File Disclosure @@ -719,6 +814,7 @@ File Upload Vulnerability UNKNOWN + Thinkun Remind 1.1.3 Remote File Disclosure @@ -726,6 +822,7 @@ File Upload Vulnerability UNKNOWN + Tinymce Thumbnail Gallery 1.0.7 Remote File Disclosure @@ -733,6 +830,7 @@ File Upload Vulnerability UNKNOWN + wpStoreCart Plugin 2.5.27-2.5.29 Arbitrary File Upload @@ -740,6 +838,7 @@ File Upload Vulnerability UPLOAD + Gallery 3.06 Arbitrary File Upload @@ -747,6 +846,7 @@ File Upload Vulnerability UPLOAD + Font Uploader 1.2.4 Arbitrary File Upload @@ -754,6 +854,7 @@ File Upload Vulnerability UPLOAD + WP-Property 1.35.0 Arbitrary File Upload @@ -761,6 +862,7 @@ File Upload Vulnerability UPLOAD + WP Marketplace 1.5.0 - 1.6.1 Arbitrary File Upload @@ -768,6 +870,7 @@ File Upload Vulnerability UPLOAD + Google Maps via Store Locator Multiple Vulnerabilities @@ -775,6 +878,7 @@ File Upload Vulnerability MULTI + HTML5 AV Manager 0.2.7 Arbitrary File Upload @@ -782,6 +886,7 @@ File Upload Vulnerability UPLOAD + Foxypress 0.4.1.1 - 0.4.2.1 Arbitrary File Upload @@ -794,6 +899,7 @@ File Upload Vulnerability MULTI + Asset Manager 0.2 Arbitrary File Upload @@ -801,6 +907,7 @@ File Upload Vulnerability UPLOAD + Track That Stat <= 1.0.8 Cross Site Scripting @@ -808,6 +915,7 @@ File Upload Vulnerability XSS + WP-Facethumb Gallery <= 0.1 Reflected Cross Site Scripting @@ -815,6 +923,7 @@ File Upload Vulnerability XSS + Survey And Quiz Tool <= 2.9.2 Cross Site Scripting @@ -822,6 +931,7 @@ File Upload Vulnerability XSS + WP Statistics <= 2.2.4 Cross Site Scripting @@ -829,6 +939,7 @@ File Upload Vulnerability XSS + WP Easy Gallery <= 1.7 Cross Site Scripting @@ -836,6 +947,7 @@ File Upload Vulnerability XSS + Subscribe2 <= 8.0 Cross Site Scripting @@ -843,6 +955,7 @@ File Upload Vulnerability XSS + Soundcloud Is Gold <= 2.1 Cross Site Scripting @@ -850,6 +963,7 @@ File Upload Vulnerability XSS + Sharebar <= 1.2.1 SQL Injection / Cross Site Scripting @@ -857,6 +971,7 @@ File Upload Vulnerability MULTI + Share And Follow <= 1.80.3 Cross Site Scripting @@ -864,6 +979,7 @@ File Upload Vulnerability XSS + SABRE <= 1.2.0 Cross Site Scripting @@ -871,6 +987,7 @@ File Upload Vulnerability XSS + Pretty Link Lite <= 1.5.2 Cross Site Scripting @@ -878,6 +995,7 @@ File Upload Vulnerability XSS + Newsletter Manager <= 1.0 Cross Site Scripting @@ -885,6 +1003,7 @@ File Upload Vulnerability XSS + Network Publisher <= 5.0.1 Cross Site Scripting @@ -892,6 +1011,7 @@ File Upload Vulnerability XSS + LeagueManager <= 3.7 Cross Site Scripting @@ -899,6 +1019,7 @@ File Upload Vulnerability XSS + Leaflet <= 0.0.1 Cross Site Scripting @@ -906,6 +1027,7 @@ File Upload Vulnerability XSS + PDF And Print Button Joliprint <= 1.3.0 Cross Site Scripting @@ -913,6 +1035,7 @@ File Upload Vulnerability XSS + IFrame Admin Pages <= 0.1 Cross Site Scripting @@ -920,6 +1043,7 @@ File Upload Vulnerability XSS + EZPZ One Click Backup <= 12.03.10 Cross Site Scripting @@ -927,6 +1051,7 @@ File Upload Vulnerability XSS + Dynamic Widgets <= 1.5.1 Cross Site Scripting @@ -934,6 +1059,7 @@ File Upload Vulnerability XSS + Download Monitor <= 3.3.5.7 Cross Site Scripting @@ -946,6 +1072,7 @@ File Upload Vulnerability XSS + Download Manager <= 2.2 Cross Site Scripting @@ -953,6 +1080,7 @@ File Upload Vulnerability XSS + Code Styling Localization <= 1.99.16 Cross Site Scripting @@ -960,6 +1088,7 @@ File Upload Vulnerability XSS + Catablog <= 1.6 Cross Site Scripting @@ -967,6 +1096,7 @@ File Upload Vulnerability XSS + Bad Behavior <= 2.24 Cross Site Scripting @@ -974,6 +1104,7 @@ File Upload Vulnerability XSS + BulletProof Security <= 0.47 Cross Site Scripting @@ -981,6 +1112,7 @@ File Upload Vulnerability XSS + Better WP Security v3.4.3 @@ -993,6 +1125,7 @@ File Upload Vulnerability XSS + Custom Contact Forms <= 5.0.0.1 Cross Site Scripting @@ -1000,6 +1133,7 @@ File Upload Vulnerability XSS + 2-Click-Socialmedia-Buttons <= 0.34 Cross Site Scripting @@ -1012,6 +1146,7 @@ File Upload Vulnerability XSS + Login With Ajax plugin < 3.0.4.1 Cross Site Scripting @@ -1019,6 +1154,7 @@ File Upload Vulnerability XSS + Media Library Categories plugin <= 1.0.6 SQL Injection Vulnerability @@ -1031,6 +1167,7 @@ File Upload Vulnerability SQLI + FCKeditor Deans With Pwwangs Code <= 1.0.0 Remote Shell Upload @@ -1038,6 +1175,7 @@ File Upload Vulnerability RFI + Zingiri Web Shop <= 2.4.0 Multiple XSS Vulnerabilities @@ -1055,6 +1193,7 @@ File Upload Vulnerability UPLOAD + Organizer 1.2.1 Cross Site Scripting / Path Disclosure @@ -1062,6 +1201,7 @@ File Upload Vulnerability MULTI + Zingiri Tickets plugin File Disclosure @@ -1069,6 +1209,7 @@ File Upload Vulnerability UNKNOWN + XSS vulnerability in CMS Tree Page View Plugin @@ -1076,6 +1217,7 @@ File Upload Vulnerability XSS + Multiple XSS vulnerabilities in All-in-One Event Calendar for WordPress @@ -1083,6 +1225,7 @@ File Upload Vulnerability XSS + Buddypress <= 1.5.5 SQL Injection @@ -1090,6 +1233,7 @@ File Upload Vulnerability SQLI + Register Plus Redux <= 3.8.3 Cross Site Scripting @@ -1097,6 +1241,7 @@ File Upload Vulnerability XSS + Magn WP Drag and Drop <= 1.1.4 Upload Shell Upload Vulnerability @@ -1104,6 +1249,7 @@ File Upload Vulnerability UPLOAD + Kish Guest Posting 1.0 Arbitrary File Upload @@ -1111,6 +1257,7 @@ File Upload Vulnerability RFI + AllWebMenus Shell Upload <= 1.1.9 Shell Upload @@ -1125,6 +1272,7 @@ File Upload Vulnerability abspath=XXpathXX + Shortcode Redirect <= 1.0.01 Stored Cross Site Scripting @@ -1132,6 +1280,7 @@ File Upload Vulnerability XSS + uCan Post plugin <= 1.0.09 Stored XSS @@ -1139,6 +1288,7 @@ File Upload Vulnerability XSS + WP Cycle Playlist plugin Multiple Vulnerabilities @@ -1146,6 +1296,7 @@ File Upload Vulnerability MULTI + myEASYbackup 1.0.8.1 Directory Traversal @@ -1153,6 +1304,7 @@ File Upload Vulnerability UNKNOWN + Count Per Day 3.2.3 Cross Site Scripting @@ -1175,6 +1327,7 @@ File Upload Vulnerability SQLI + WP-AutoYoutube plugin <= 0.1 Blind SQL Injection Vulnerability @@ -1182,6 +1335,7 @@ File Upload Vulnerability SQLI + Age Verification plugin <= 0.4 Open Redirect @@ -1189,6 +1343,7 @@ File Upload Vulnerability REDIRECT + Yousaytoo Auto Publishing <= 1.0 Cross Site Scripting @@ -1196,6 +1351,7 @@ File Upload Vulnerability XSS + Pay With Tweet plugin <= 1.1 Multiple Vulnerabilities @@ -1203,6 +1359,7 @@ File Upload Vulnerability MULTI + Whois Search <= 1.4.2 Cross Site Scripting @@ -1210,6 +1367,7 @@ File Upload Vulnerability XSS + BLIND SQL injection UPM-POLLS plugin 1.0.4 @@ -1217,6 +1375,7 @@ File Upload Vulnerability SQLI + Disqus Comment System <= 2.68 Reflected Cross-Site Scripting (XSS) @@ -1224,6 +1383,7 @@ File Upload Vulnerability XSS + Google reCAPTCHA <= 3.1.3 Reflected XSS Vulnerability @@ -1231,6 +1391,7 @@ File Upload Vulnerability XSS + Link Library plugin <= 5.2.1 SQL Injection @@ -1238,6 +1399,7 @@ File Upload Vulnerability SQLI + CevherShare 2.0 plugin SQL Injection Vulnerability @@ -1245,6 +1407,7 @@ File Upload Vulnerability SQLI + WP Glossary plugin SQL Injection Vulnerability @@ -1252,6 +1415,7 @@ File Upload Vulnerability SQLI + meenews 5.1 plugin Cross-Site Scripting Vulnerabilities @@ -1259,6 +1423,7 @@ File Upload Vulnerability XSS + Click Desk Live Support Chat < 2.0 Cross Site Scripting Vulnerability @@ -1266,6 +1431,7 @@ File Upload Vulnerability XSS + adminimize 1.7.21 Cross-Site Scripting Vulnerabilities @@ -1273,6 +1439,7 @@ File Upload Vulnerability XSS + Advanced Text Widget <= 2.0.0 Cross Site Scripting Vulnerability @@ -1280,6 +1447,7 @@ File Upload Vulnerability XSS + MM Duplicate plugin <= 1.2 SQL Injection Vulnerability @@ -1287,6 +1455,7 @@ File Upload Vulnerability SQLI + UnGallery plugin <= 1.5.8 Local File Disclosure Vulnerability @@ -1294,6 +1463,7 @@ File Upload Vulnerability LFI + Menu Creator plugin <= 1.1.7 SQL Injection Vulnerability @@ -1301,6 +1471,7 @@ File Upload Vulnerability SQLI + Allow PHP in Posts and Pages plugin <= 2.0.0.RC1 SQL Injection Vulnerability @@ -1308,6 +1479,7 @@ File Upload Vulnerability SQLI + Global Content Blocks plugin <= 1.2 SQL Injection Vulnerability @@ -1315,6 +1487,7 @@ File Upload Vulnerability SQLI + Ajax Gallery plugin <= 3.0 SQL Injection Vulnerability @@ -1322,6 +1495,7 @@ File Upload Vulnerability SQLI + WP DS FAQ plugin <= 1.3.2 SQL Injection Vulnerability @@ -1329,6 +1503,7 @@ File Upload Vulnerability SQLI + OdiHost Newsletter plugin <= 1.0 SQL Injection Vulnerability @@ -1336,6 +1511,7 @@ File Upload Vulnerability SQLI + Easy Contact Form Lite plugin <= 1.0.7 SQL Injection Vulnerability @@ -1343,6 +1519,7 @@ File Upload Vulnerability SQLI + WP Symposium plugin <= 0.64 SQL Injection Vulnerability @@ -1350,6 +1527,7 @@ File Upload Vulnerability SQLI + Contus HD FLV Player plugin <= 1.3 SQL Injection Vulnerability @@ -1357,6 +1535,7 @@ File Upload Vulnerability SQLI + File Groups plugin <= 1.1.2 SQL Injection Vulnerability @@ -1364,6 +1543,7 @@ File Upload Vulnerability SQLI + IP-Logger plugin <= 3.0 SQL Injection Vulnerability @@ -1371,6 +1551,7 @@ File Upload Vulnerability SQLI + Beer Recipes v.1.0 XSS @@ -1378,6 +1559,7 @@ File Upload Vulnerability SQLI + Is-human <=1.4.2 Remote Command Execution Vulnerability @@ -1385,6 +1567,7 @@ File Upload Vulnerability RCE + EditorMonkey plugin (FCKeditor) Arbitrary File Upload @@ -1392,6 +1575,7 @@ File Upload Vulnerability UPLOAD + SermonBrowser 0.43 SQL Injection @@ -1399,6 +1583,7 @@ File Upload Vulnerability SQLI + Ajax Category Dropdown 0.1.5 Multiple Vulnerabilities @@ -1406,6 +1591,7 @@ File Upload Vulnerability MULTI + WP Custom Pages 0.5.0.1 LFI Vulnerability @@ -1413,6 +1599,7 @@ File Upload Vulnerability LFI + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -1440,6 +1627,7 @@ File Upload Vulnerability XSS + PHP Speedy <= 0.5.2 (admin_container.php) Remote Code Exec Exploit @@ -1447,6 +1635,7 @@ File Upload Vulnerability RCE + OPS Old Post Spinner 2.2.1 LFI Vulnerability @@ -1454,6 +1643,7 @@ File Upload Vulnerability LFI + jQuery Mega Menu 1.0 Local File Inclusion @@ -1461,6 +1651,7 @@ File Upload Vulnerability LFI + IWantOneButton 3.0.1 Multiple Vulnerabilities @@ -1468,6 +1659,7 @@ File Upload Vulnerability MULTI + WP Forum Server 1.6.5 SQL Injection Vulnerability @@ -1485,6 +1677,7 @@ File Upload Vulnerability MULTI + Relevanssi 2.7.2 Stored XSS Vulnerability @@ -1492,6 +1685,7 @@ File Upload Vulnerability XSS + GigPress 2.1.10 Stored XSS Vulnerability @@ -1499,6 +1693,7 @@ File Upload Vulnerability XSS + Comment Rating 2.9.23 Multiple Vulnerabilities @@ -1506,6 +1701,7 @@ File Upload Vulnerability MULTI + Z-Vote 1.1 SQL Injection Vulnerability @@ -1513,6 +1709,7 @@ File Upload Vulnerability SQLI + User Photo Component Remote File Upload Vulnerability @@ -1520,6 +1717,7 @@ File Upload Vulnerability UPLOAD + Enable Media Replace Multiple Vulnerabilities @@ -1527,6 +1725,7 @@ File Upload Vulnerability MULTI + Mingle Forum <= 1.0.32.1 Cross Site Scripting / SQL Injection @@ -1549,6 +1748,7 @@ File Upload Vulnerability MULTI + Accept Signups 0.1 XSS @@ -1556,6 +1756,7 @@ File Upload Vulnerability XSS + Events Manager Extended Persistent XSS Vulnerability @@ -1563,6 +1764,7 @@ File Upload Vulnerability XSS + NextGEN Smooth Gallery Blind SQL Injection Vulnerability @@ -1570,6 +1772,7 @@ File Upload Vulnerability SQLI + myLDlinker SQL Injection Vulnerability @@ -1577,6 +1780,7 @@ File Upload Vulnerability SQLI + Firestats Remote Configuration File Download @@ -1584,6 +1788,7 @@ File Upload Vulnerability UNKNOWN + Simple:Press SQL Injection Vulnerability @@ -1591,6 +1796,7 @@ File Upload Vulnerability SQLI + Vulnerabilities in Cimy Counter for WordPress @@ -1598,6 +1804,7 @@ File Upload Vulnerability MULTI + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -1610,6 +1817,7 @@ File Upload Vulnerability XSS + Copperleaf Photolog SQL injection @@ -1617,6 +1825,7 @@ File Upload Vulnerability SQLI + Events SQL Injection Vulnerability @@ -1624,6 +1833,7 @@ File Upload Vulnerability SQLI + Image Manager Plugins Shell Upload Vulnerability @@ -1631,6 +1841,7 @@ File Upload Vulnerability UPLOAD + Vulnerabilities in WP-Cumulus <= 1.20 for WordPress @@ -1643,6 +1854,7 @@ File Upload Vulnerability XSS + WP-Syntax <= 0.9.1 Remote Command Execution @@ -1650,6 +1862,7 @@ File Upload Vulnerability RCE + My Category Order <= 2.8 SQL Injection Vulnerability @@ -1657,6 +1870,7 @@ File Upload Vulnerability SQLI + Related Sites 2.1 Blind SQL Injection Vulnerability @@ -1664,6 +1878,7 @@ File Upload Vulnerability SQLI + SWF Vulnerable to XSS Bundled in Many Wordpress Plugins @@ -1682,6 +1897,7 @@ File Upload Vulnerability /wp-content/plugins/dm-albums/template/album.php?SECURITY_FILE=XXpathXX + Photoracer 1.0 (id) SQL Injection Vulnerability @@ -1699,6 +1915,7 @@ File Upload Vulnerability MULTI + Lytebox (wp-lytebox) Local File Inclusion Vulnerability @@ -1706,6 +1923,7 @@ File Upload Vulnerability LFI + fMoblog 2.1 (id) SQL Injection Vulnerability @@ -1713,6 +1931,7 @@ File Upload Vulnerability SQLI + Page Flip Image Gallery <= 0.2.2 Remote FD Vuln @@ -1720,6 +1939,7 @@ File Upload Vulnerability LFI + e-Commerce <= 3.4 Arbitrary File Upload Exploit @@ -1727,6 +1947,7 @@ File Upload Vulnerability UPLOAD + Download Manager 0.2 Arbitrary File Upload Exploit @@ -1734,6 +1955,7 @@ File Upload Vulnerability UPLOAD + Spreadsheet <= 0.6 SQL Injection Vulnerability @@ -1741,6 +1963,7 @@ File Upload Vulnerability SQLI + Download (dl_id) SQL Injection Vulnerability @@ -1748,6 +1971,7 @@ File Upload Vulnerability SQLI + Sniplets 1.1.2 (RFI/XSS/RCE) Multiple Vulnerabilities @@ -1755,6 +1979,7 @@ File Upload Vulnerability MULTI + Photo album Remote SQL Injection Vulnerability @@ -1762,6 +1987,7 @@ File Upload Vulnerability SQLI + Simple Forum 2.0-2.1 SQL Injection Vulnerability @@ -1774,6 +2000,7 @@ File Upload Vulnerability SQLI + st_newsletter Remote SQL Injection Vulnerability @@ -1786,6 +2013,7 @@ File Upload Vulnerability SQLI + Wordspew Remote SQL Injection Vulnerability @@ -1793,6 +2021,7 @@ File Upload Vulnerability SQLI + dmsguestbook 1.7.0 Multiple Remote Vulnerabilities @@ -1800,6 +2029,7 @@ File Upload Vulnerability MULTI + WassUp 1.4.3 (spy.php to_date) SQL Injection Exploit @@ -1807,6 +2037,7 @@ File Upload Vulnerability SQLI + Adserve 0.2 adclick.php SQL Injection Exploit @@ -1814,6 +2045,7 @@ File Upload Vulnerability SQLI + plugin fGallery 2.4.1 fimrss.php SQL Injection Vulnerability @@ -1821,6 +2053,7 @@ File Upload Vulnerability SQLI + WP-Cal 0.3 editevent.php SQL Injection Vulnerability @@ -1828,6 +2061,7 @@ File Upload Vulnerability SQLI + plugin WP-Forum 1.7.4 Remote SQL Injection Vulnerability @@ -1840,6 +2074,7 @@ File Upload Vulnerability SQLI + Wp-FileManager 1.2 Remote Upload Vulnerability @@ -1847,6 +2082,7 @@ File Upload Vulnerability UPLOAD + PictPress <= 0.91 Remote File Disclosure Vulnerability @@ -1854,6 +2090,7 @@ File Upload Vulnerability LFI + BackUp<= 0.4.2b RFI Vulnerability @@ -1862,6 +2099,7 @@ File Upload Vulnerability /wp-content/plugins/BackUp/Archive.php?bkpwp_plugin_path=XXpathXX + plugin myflash <= 1.00 (wppath) RFI Vulnerability @@ -1870,6 +2108,7 @@ File Upload Vulnerability /wp-content/plugins/myflash/myflash-button.php?wpPATH=XXpathXX + plugin wordTube <= 1.43 (wpPATH) RFI Vulnerability @@ -1878,6 +2117,7 @@ File Upload Vulnerability /wp-content/plugins/wordtube/wordtube-button.php?wpPATH=XXpathXX + plugin wp-Table <= 1.43 (inc_dir) RFI Vulnerability @@ -1886,6 +2126,7 @@ File Upload Vulnerability /wp-content/plugins/wp-table/js/wptable-button.phpp?wpPATH=XXpathXX + myGallery <= 1.4b4 Remote File Inclusion Vulnerability @@ -1894,6 +2135,7 @@ File Upload Vulnerability /mygallery/myfunctions/mygallerybrowser.php?myPath=XXpathXX + SendIt plugin <= 1.5.9 Blind SQL Injection Vulnerability @@ -1901,6 +2143,7 @@ File Upload Vulnerability SQLI + Js-appointment plugin <= 1.5 SQL Injection Vulnerability @@ -1908,6 +2151,7 @@ File Upload Vulnerability SQLI + MM Forms Community <= 1.2.3 SQL Injection Vulnerability @@ -1920,6 +2164,7 @@ File Upload Vulnerability UPLOAD + Super CAPTCHA plugin <= 2.2.4 SQL Injection Vulnerability @@ -1927,6 +2172,7 @@ File Upload Vulnerability SQLI + Collision Testimonials plugin <= 3.0 SQL Injection Vulnerability @@ -1934,6 +2180,7 @@ File Upload Vulnerability SQLI + Oqey Headers plugin <= 0.3 SQL Injection Vulnerability @@ -1941,6 +2188,7 @@ File Upload Vulnerability SQLI + Facebook Promotions plugin <= 1.3.3 SQL Injection Vulnerability @@ -1948,6 +2196,7 @@ File Upload Vulnerability SQLI + Evarisk plugin <= 5.1.3.6 SQL Injection Vulnerability @@ -1960,6 +2209,7 @@ File Upload Vulnerability UPLOAD + Profiles plugin <= 2.0 RC1 SQL Injection Vulnerability @@ -1967,6 +2217,7 @@ File Upload Vulnerability SQLI + mySTAT plugin <= 2.6 SQL Injection Vulnerability @@ -1974,6 +2225,7 @@ File Upload Vulnerability SQLI + SH Slideshow plugin <= 3.1.4 SQL Injection Vulnerability @@ -1981,6 +2233,7 @@ File Upload Vulnerability SQLI + iCopyright(R) Article Tools plugin <= 1.1.4 SQL Injection Vulnerability @@ -1988,6 +2241,7 @@ File Upload Vulnerability SQLI + Advertizer plugin <= 1.0 SQL Injection Vulnerability @@ -1995,6 +2249,7 @@ File Upload Vulnerability SQLI + Event Registration plugin <= 5.44 SQL Injection Vulnerability @@ -2012,6 +2267,7 @@ File Upload Vulnerability SQLI + Craw Rate Tracker plugin <= 2.0.2 SQL Injection Vulnerability @@ -2019,6 +2275,7 @@ File Upload Vulnerability SQLI + wp audio gallery playlist plugin <= 0.12 SQL Injection Vulnerability @@ -2026,6 +2283,7 @@ File Upload Vulnerability SQLI + yolink Search plugin <= 1.1.4 SQL Injection Vulnerability @@ -2033,6 +2291,7 @@ File Upload Vulnerability SQLI + PureHTML plugin <= 1.0.0 SQL Injection Vulnerability @@ -2040,6 +2299,7 @@ File Upload Vulnerability SQLI + Couponer plugin <= 1.2 SQL Injection Vulnerability @@ -2047,6 +2307,7 @@ File Upload Vulnerability SQLI + grapefile plugin <= 1.1 Arbitrary File Upload @@ -2054,6 +2315,7 @@ File Upload Vulnerability UPLOAD + image-gallery-with-slideshow plugin <= 1.5 Arbitrary File Upload / SQL Injection @@ -2061,6 +2323,7 @@ File Upload Vulnerability MULTI + Donation plugin <= 1.0 SQL Injection Vulnerability @@ -2068,6 +2331,7 @@ File Upload Vulnerability SQLI + WP Bannerize plugin <= 2.8.6 SQL Injection Vulnerability @@ -2080,6 +2344,7 @@ File Upload Vulnerability SQLI + SearchAutocomplete plugin <= 1.0.8 SQL Injection Vulnerability @@ -2087,6 +2352,7 @@ File Upload Vulnerability SQLI + VideoWhisper Video Presentation plugin <= 1.1 SQL Injection Vulnerability @@ -2094,6 +2360,7 @@ File Upload Vulnerability SQLI + Facebook Opengraph Meta plugin <= 1.0 SQL Injection Vulnerability @@ -2101,6 +2368,7 @@ File Upload Vulnerability SQLI + Zotpress plugin <= 4.4 SQL Injection Vulnerability @@ -2108,6 +2376,7 @@ File Upload Vulnerability SQLI + oQey Gallery plugin <= 0.4.8 SQL Injection Vulnerability @@ -2115,6 +2384,7 @@ File Upload Vulnerability SQLI + Tweet Old Post plugin <= 3.2.5 SQL Injection Vulnerability @@ -2122,6 +2392,7 @@ File Upload Vulnerability SQLI + post highlights plugin <= 2.2 SQL Injection Vulnerability @@ -2129,6 +2400,7 @@ File Upload Vulnerability SQLI + KNR Author List Widget plugin <= 2.0.0 SQL Injection Vulnerability @@ -2136,6 +2408,7 @@ File Upload Vulnerability SQLI + SCORM Cloud plugin <= 1.0.6.6 SQL Injection Vulnerability @@ -2143,6 +2416,7 @@ File Upload Vulnerability SQLI + Eventify - Simple Events plugin <= 1.7.f SQL Injection Vulnerability @@ -2150,6 +2424,7 @@ File Upload Vulnerability SQLI + Paid Downloads plugin <= 2.01 SQL Injection Vulnerability @@ -2157,6 +2432,7 @@ File Upload Vulnerability SQLI + Community Events plugin <= 1.2.1 SQL Injection Vulnerability @@ -2164,6 +2440,7 @@ File Upload Vulnerability SQLI + 1 Flash Gallery Arbiraty File Upload Exploit (MSF) @@ -2171,6 +2448,7 @@ File Upload Vulnerability UPLOAD + WP-Filebase Download Manager plugin <= 0.2.9 SQL Injection Vulnerability @@ -2178,6 +2456,7 @@ File Upload Vulnerability SQLI + A to Z Category Listing plugin <= 1.3 SQL Injection Vulnerability @@ -2185,6 +2464,7 @@ File Upload Vulnerability SQLI + WP e-Commerce plugin <= 3.8.6 SQL Injection Vulnerability @@ -2192,6 +2472,7 @@ File Upload Vulnerability SQLI + Filedownload 0.1 (download.php) Remote File Disclosure Vulnerability @@ -2199,6 +2480,7 @@ File Upload Vulnerability LFI + TheCartPress <= 1.6 Cross Site Sripting @@ -2212,6 +2494,7 @@ File Upload Vulnerability /wp-content/plugins/thecartpress/checkout/CheckoutEditor.php?tcp_save_fields=true&tcp_class_name=asdf&tcp_class_path=XXpathXX + WPEasyStats 1.8 Remote File Inclusion @@ -2220,6 +2503,7 @@ File Upload Vulnerability /wp-content/plugins/wpeasystats/export.php?homep=XXpathXX + Annonces 1.2.0.0 Remote File Inclusion @@ -2228,6 +2512,7 @@ File Upload Vulnerability /wp-content/plugins/annonces/includes/lib/photo/uploadPhoto.php?abspath=XXpathXX + Livesig 0.4 Remote File Inclusion @@ -2237,6 +2522,7 @@ File Upload Vulnerability wp-root=XXpathXX&action=asdf + Disclosure Policy 1.0 Remote File Inclusion @@ -2245,6 +2531,7 @@ File Upload Vulnerability /wp-content/plugins/disclosure-policy-plugin/functions/action.php?delete=asdf&blogUrl=asdf&abspath=XXpathXX + Mailing List 1.3.2 Remote File Inclusion @@ -2258,6 +2545,7 @@ File Upload Vulnerability UNKNOWN + Zingiri Web Shop 2.2.0 Remote File Inclusion @@ -2271,6 +2559,7 @@ File Upload Vulnerability RCE + Mini Mail Dashboard Widget 1.36 Remote File Inclusion @@ -2283,6 +2572,7 @@ File Upload Vulnerability XSS + Relocate Upload 0.14 Remote File Inclusion @@ -2291,6 +2581,7 @@ File Upload Vulnerability /wp-content/plugins/relocate-upload/relocate-upload.php?ru_folder=asdf&abspath=XXpathXX + Category Grid View Gallery plugin 0.1.1 Shell Upload vulnerability @@ -2298,6 +2589,7 @@ File Upload Vulnerability UPLOAD + Auto Attachments plugin 0.2.9 Shell Upload vulnerability @@ -2305,6 +2597,7 @@ File Upload Vulnerability UPLOAD + WP Marketplace plugin 1.1.0 Shell Upload vulnerability @@ -2312,6 +2605,7 @@ File Upload Vulnerability UPLOAD + DP Thumbnail plugin 1.0 Shell Upload vulnerability @@ -2319,6 +2613,7 @@ File Upload Vulnerability UPLOAD + Vk Gallery plugin 1.1.0 Shell Upload vulnerability @@ -2326,6 +2621,7 @@ File Upload Vulnerability UPLOAD + Rekt Slideshow plugin 1.0.5 Shell Upload vulnerability @@ -2333,6 +2629,7 @@ File Upload Vulnerability UPLOAD + CAC Featured Content plugin 0.8 Shell Upload vulnerability @@ -2340,6 +2637,7 @@ File Upload Vulnerability UPLOAD + Rent A Car plugin 1.0 Shell Upload vulnerability @@ -2347,6 +2645,7 @@ File Upload Vulnerability UPLOAD + LISL Last Image Slider plugin 1.0 Shell Upload vulnerability @@ -2354,6 +2653,7 @@ File Upload Vulnerability UPLOAD + Islidex plugin 2.7 Shell Upload vulnerability @@ -2361,6 +2661,7 @@ File Upload Vulnerability UPLOAD + Kino Gallery plugin 1.0 Shell Upload vulnerability @@ -2368,6 +2669,7 @@ File Upload Vulnerability UPLOAD + Cms Pack plugin 1.3 Shell Upload vulnerability @@ -2375,6 +2677,7 @@ File Upload Vulnerability UPLOAD + A Gallery plugin 0.9 Shell Upload vulnerability @@ -2382,6 +2685,7 @@ File Upload Vulnerability UPLOAD + Category List Portfolio Page plugin 0.9 Shell Upload vulnerability @@ -2389,6 +2693,7 @@ File Upload Vulnerability UPLOAD + Really Easy Slider plugin 0.1 Shell Upload vulnerability @@ -2396,6 +2701,7 @@ File Upload Vulnerability UPLOAD + Verve Meta Boxes plugin 1.2.8 Shell Upload vulnerability @@ -2403,6 +2709,7 @@ File Upload Vulnerability UPLOAD + User Avatar plugin 1.3.7 shell upload vulnerability @@ -2410,6 +2717,7 @@ File Upload Vulnerability UPLOAD + Extend plugin 1.3.7 Shell Upload vulnerability @@ -2417,6 +2725,7 @@ File Upload Vulnerability UPLOAD + AdRotate plugin <= 3.6.5 SQL Injection Vulnerability @@ -2429,6 +2738,7 @@ File Upload Vulnerability SQLI + WP-SpamFree 3.2.1 Spam SQL Injection Vulnerability @@ -2436,6 +2746,7 @@ File Upload Vulnerability SQLI + GD Star Rating plugin <= 1.9.10 SQL Injection @@ -2448,6 +2759,7 @@ File Upload Vulnerability SQLI + Contact Form plugin <= 2.7.5 SQL Injection @@ -2455,6 +2767,7 @@ File Upload Vulnerability SQLI + WP Photo Album Plus <= 4.1.1 SQL Injection @@ -2462,6 +2775,7 @@ File Upload Vulnerability SQLI + BackWPUp 2.1.4 Code Execution @@ -2474,6 +2788,7 @@ File Upload Vulnerability RCE + portable-phpMyAdmin < 1.3.1 Authentication Bypass @@ -2481,5 +2796,6 @@ File Upload Vulnerability AUTHBYPASS + diff --git a/data/wp_theme_vulns.xml b/data/wp_theme_vulns.xml index 84f4f1c0..90c9f987 100644 --- a/data/wp_theme_vulns.xml +++ b/data/wp_theme_vulns.xml @@ -18,10 +18,24 @@ You should have received a copy of the GNU General Public License along with this program. If not, see . This file contains vulnerabilities associated with WordPress themes. - TYPE = ["SQLI", "MULTI", "REDIRECT", "RCE", "RFI", "LFI", "UPLOAD", "UNKNOWN", "XSS"] + TYPE = ["SQLI", "MULTI", "REDIRECT", "RCE", "RFI", "LFI", "UPLOAD", "UNKNOWN", "XSS", "FPD"] --> + + + + moneymasters Full Path Disclosure vulnerability + http://1337day.com/exploit/20077 + FPD + + + moneymasters File Upload Vulnerability (metasploit) + http://1337day.com/exploit/20076 + UPLOAD + + + XSS vulnerability in Imediapixel premium WordPress themes