garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
692c8e27fa6e039be42eddce5c2f8a9aab50766f
wpscan/data/theme_vulns.xml
ethicalhack3r a4656c1837 Fixed stupid mistake where I broke the XML. >.<
2013-03-05 20:42:50 +01:00

1268 lines
40 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!--
# WPScan - WordPress Security Scanner
# Copyright (C) 2012-2013
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
-->
<vulnerabilities xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="vuln.xsd">
<theme name="onepagewebsite">
<vulnerability>
<title>onepagewebsite Full Path Disclosure vulnerability</title>
<reference>http://1337day.com/exploit/20027</reference>
<type>FPD</type>
</vulnerability>
</theme>
<theme name="vithy">
<vulnerability>
<title>vithy Full Path Disclosure vulnerability</title>
<reference>http://1337day.com/exploit/20040</reference>
<type>FPD</type>
</vulnerability>
</theme>
<theme name="appius">
<vulnerability>
<title>appius Full Path Disclosure vulnerability</title>
<reference>http://1337day.com/exploit/20039</reference>
<type>FPD</type>
</vulnerability>
</theme>
<theme name="yvora">
<vulnerability>
<title>yvora Full Path Disclosure vulnerability</title>
<reference>http://1337day.com/exploit/20038</reference>
<type>FPD</type>
</vulnerability>
</theme>
<theme name="shotzz">
<vulnerability>
<title>shotzz Full Path Disclosure vulnerability</title>
<reference>http://1337day.com/exploit/20041</reference>
<type>FPD</type>
</vulnerability>
</theme>
<theme name="moneymasters">
<vulnerability>
<title>moneymasters Full Path Disclosure vulnerability</title>
<reference>http://1337day.com/exploit/20077</reference>
<type>FPD</type>
</vulnerability>
<vulnerability>
<title>moneymasters File Upload Vulnerability (metasploit)</title>
<reference>http://1337day.com/exploit/20076</reference>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="ovum">
<vulnerability>
<title>XSS vulnerability in Imediapixel premium WordPress themes</title>
<reference>http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-imediapixel.html</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="avanix">
<vulnerability>
<title>XSS vulnerability in Imediapixel premium WordPress themes</title>
<reference>http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-imediapixel.html</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="ebiz">
<vulnerability>
<title>XSS vulnerability in Imediapixel premium WordPress themes</title>
<reference>http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-imediapixel.html</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="ecobiz">
<vulnerability>
<title>XSS vulnerability in Imediapixel premium WordPress themes</title>
<reference>http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-imediapixel.html</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="traject">
<vulnerability>
<title>XSS vulnerability in Parallelus premium WordPress themes</title>
<reference>http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-parallelus-premium.html</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="intersect">
<vulnerability>
<title>XSS vulnerability in Parallelus premium WordPress themes</title>
<reference>http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-parallelus-premium.html</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="salutation">
<vulnerability>
<title>XSS vulnerability in Parallelus premium WordPress themes</title>
<reference>http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-parallelus-premium.html</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="unite">
<vulnerability>
<title>XSS vulnerability in Parallelus premium WordPress themes</title>
<reference>http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-parallelus-premium.html</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="shapeless">
<vulnerability>
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
<reference>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="brisk">
<vulnerability>
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
<reference>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="blaze">
<vulnerability>
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
<reference>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="eunice">
<vulnerability>
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
<reference>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="explicit">
<vulnerability>
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
<reference>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="essence">
<vulnerability>
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
<reference>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="paramount">
<vulnerability>
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
<reference>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="picturefactory">
<vulnerability>
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
<reference>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="sparky">
<vulnerability>
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
<reference>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="theagency">
<vulnerability>
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
<reference>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="konzept">
<vulnerability>
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
<reference>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="daisho">
<vulnerability>
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
<reference>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="wise">
<vulnerability>
<title>Site5 Wordpress Themes Email Spoofing</title>
<reference>http://packetstormsecurity.org/files/114750/</reference>
<type>UNKNOWN</type>
</vulnerability>
</theme>
<theme name="webfolio">
<vulnerability>
<title>Site5 Wordpress Themes Email Spoofing</title>
<reference>http://packetstormsecurity.org/files/114750/</reference>
<type>UNKNOWN</type>
</vulnerability>
</theme>
<theme name="colorbold">
<vulnerability>
<title>Site5 Wordpress Themes Email Spoofing</title>
<reference>http://packetstormsecurity.org/files/114750/</reference>
<type>UNKNOWN</type>
</vulnerability>
</theme>
<theme name="rockwell">
<vulnerability>
<title>Site5 Wordpress Themes Email Spoofing</title>
<reference>http://packetstormsecurity.org/files/114750/</reference>
<type>UNKNOWN</type>
</vulnerability>
</theme>
<theme name="xmas">
<vulnerability>
<title>Site5 Wordpress Themes Email Spoofing</title>
<reference>http://packetstormsecurity.org/files/114750/</reference>
<type>UNKNOWN</type>
</vulnerability>
</theme>
<theme name="designpile">
<vulnerability>
<title>Site5 Wordpress Themes Email Spoofing</title>
<reference>http://packetstormsecurity.org/files/114750/</reference>
<type>UNKNOWN</type>
</vulnerability>
</theme>
<theme name="alltuts">
<vulnerability>
<title>Site5 Wordpress Themes Email Spoofing</title>
<reference>http://packetstormsecurity.org/files/114750/</reference>
<type>UNKNOWN</type>
</vulnerability>
</theme>
<theme name="boldy">
<vulnerability>
<title>Site5 Wordpress Themes Email Spoofing</title>
<reference>http://packetstormsecurity.org/files/114750/</reference>
<type>UNKNOWN</type>
</vulnerability>
</theme>
<theme name="simplo">
<vulnerability>
<title>Site5 Wordpress Themes Email Spoofing</title>
<reference>http://packetstormsecurity.org/files/114750/</reference>
<type>UNKNOWN</type>
</vulnerability>
</theme>
<theme name="diary">
<vulnerability>
<title>Site5 Wordpress Themes Email Spoofing</title>
<reference>http://packetstormsecurity.org/files/114750/</reference>
<type>UNKNOWN</type>
</vulnerability>
</theme>
<theme name="journalcrunch">
<vulnerability>
<title>Site5 Wordpress Themes Email Spoofing</title>
<reference>http://packetstormsecurity.org/files/114750/</reference>
<type>UNKNOWN</type>
</vulnerability>
</theme>
<theme name="prosume">
<vulnerability>
<title>Site5 Wordpress Themes Email Spoofing</title>
<reference>http://packetstormsecurity.org/files/114750/</reference>
<type>UNKNOWN</type>
</vulnerability>
</theme>
<theme name="famous">
<vulnerability>
<title>WordPress Famous Theme 2.0.5 Shell Upload</title>
<reference>http://packetstormsecurity.org/files/113842/</reference>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="deep-blue">
<vulnerability>
<title>WordPress Deep-Blue Theme 1.9.2 Arbitrary File Upload Vulnerability</title>
<reference>http://packetstormsecurity.org/files/113843/</reference>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="classipress">
<vulnerability>
<title>WordPress Classipress Theme &lt;= 3.1.4 Stored XSS</title>
<reference>http://www.exploit-db.com/exploits/18053/</reference>
<reference>http://cxsecurity.com/issue/WLB-2011110001</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="merchant">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="smpl">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="drawar">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="sentient">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="whitelight">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="unsigned">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="shelflife">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="olya">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="sliding">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="beveled">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="empire-commerce">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="buro-commerce">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="briefed-commerce">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="wikeasi">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="currents">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="emporium">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="biznizz-commerce">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="kaboodle-commerce">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="inspire-commerce">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="teamster">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="argentum">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="statua-commerce">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="simplicity-commerce">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="canvas-commerce">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="wootique">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="woostore">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="coquette">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="buro">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="swatch">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="announcement">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="empire">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="supportpress">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="editorial">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="statua">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="briefed">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="faultpress">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="kaboodle">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="savinggrace">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="premiere">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="simplicity">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="deliciousmagazine">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="bookclub">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="boldnews">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="placeholder">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="biznizz">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="auld">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="listings">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="elefolio">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="chapters">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="continuum">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="diner">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="skeptical">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="caffeinated">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="crisp">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="sealight">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="estate">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="tma">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="coda">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="inspire">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="apz">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="spectrum">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="diarise">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="boast">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="retreat">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="cityguide">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="canvas">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="postcard">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="delegate">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="mystream">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="optimize">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="backstage">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="bueno">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="digitalfarm">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="headlines">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="therapy">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="rockstar">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="dailyedition">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="object">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="coffeebreak">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="mainstream">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="featurepitch">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="thejournal">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="aperture">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="metamorphosis">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="bloggingstream">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="thestation">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="groovyvideo">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="irresistible">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="cushy">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="wootube">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="abstract">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="busybee">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="blogtheme">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="typebased">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="overeasy">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="snapshot">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="openair">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="freshnews">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="livewire">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="flashnews">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
<vulnerability>
<title>Multiple vulnerabilities in Flash News theme for WordPress</title>
<reference>http://seclists.org/fulldisclosure/2013/Feb/8</reference>
<reference>http://cxsecurity.com/issue/WLB-2013020010</reference>
<type>MULTI</type>
</vulnerability>
</theme>
<theme name="gazette">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="premiumnews">
<vulnerability>
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
<reference>https://gist.github.com/2523147</reference>
<type>RCE</type>
</vulnerability>
</theme>
<theme name="dt-chocolate">
<vulnerability>
<title>Wordpress dt-chocolate Theme Image Open redirect</title>
<reference>http://cxsecurity.com/issue/WLB-2013020011</reference>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>Multiple vulnerabilities in Chocolate WP theme for WordPress</title>
<reference>http://seclists.org/fulldisclosure/2013/Jan/215</reference>
<type>MULTI</type>
</vulnerability>
</theme>
<theme name="sandbox">
<vulnerability>
<title>Wordpress theme sandbox Arbitrary File Upload/FD Vulnerability</title>
<reference>http://1337day.com/exploit/20228</reference>
<type>MULTI</type>
</vulnerability>
</theme>
<theme name="clockstone">
<vulnerability>
<title>WordPress Clockstone Theme upload.php Arbitrary File Upload Vulnerability</title>
<reference>http://secunia.com/advisories/51619/</reference>
<type>UPLOAD</type>
</vulnerability>
</theme>
<theme name="archin">
<vulnerability>
<title>WordPress Archin Theme Cross-Site Scripting and Arbitrary File Upload Vulnerabilities</title>
<reference>http://secunia.com/advisories/50711/</reference>
<type>MULTI</type>
</vulnerability>
</theme>
<theme name="purity">
<vulnerability>
<title>WordPress Purity Theme Multiple Cross-Site Scripting Vulnerabilities</title>
<reference>http://secunia.com/advisories/50627/</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="pinboard">
<vulnerability>
<title>Wordpress theme pinboard 1.0.6 XSS</title>
<reference>http://secunia.com/advisories/52079/</reference>
<reference>http://seclists.org/oss-sec/2013/q1/274</reference>
<reference>http://cxsecurity.com/issue/WLB-2013020062</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="montezuma">
<vulnerability>
<title>montezuma &lt;= 1.1.3 XSS in ZeroClipboard.swf</title>
<reference>http://1337day.com/exploit/20396</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="scarlet">
<vulnerability>
<title>scarlet &lt;= 1.1.3 XSS in ZeroClipboard.swf</title>
<reference>http://1337day.com/exploit/20396</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="allure-real-estate-theme-for-placester">
<vulnerability>
<title>allure-real-estate-theme-for-placester &lt;= 0.1.1 XSS in ZeroClipboard.swf</title>
<reference>http://1337day.com/exploit/20396</reference>
<type>XSS</type>
</vulnerability>
</theme>
<theme name="allure-real-estate-theme-for-real-estate">
<vulnerability>
<title>allure-real-estate-theme-for-real-estate &lt;= 0.1.1 XSS in ZeroClipboard.swf</title>
<reference>http://1337day.com/exploit/20396</reference>
<type>XSS</type>
</vulnerability>
</theme>
</vulnerabilities>
Reference in New Issue View Git Blame Copy Permalink