diff --git a/http/cves/2017/CVE-2017-18487.yaml b/http/cves/2017/CVE-2017-18487.yaml index 926024fd2c..4964940189 100644 --- a/http/cves/2017/CVE-2017-18487.yaml +++ b/http/cves/2017/CVE-2017-18487.yaml @@ -16,7 +16,8 @@ info: metadata: max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/adsense-plugin/" + tags: cve,cve2017,wordpress,wpscan,wp-plugin,xss,bws-adpush,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18490.yaml b/http/cves/2017/CVE-2017-18490.yaml index f8b1fa792f..8c4a45b6b9 100644 --- a/http/cves/2017/CVE-2017-18490.yaml +++ b/http/cves/2017/CVE-2017-18490.yaml @@ -14,9 +14,10 @@ info: classification: cve-id: CVE-2017-18490 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/contact-form-multi/" + tags: cve,cve2017,wordpress,bws-contact-form,wpscan,wp-plugin,xss,authenticated,contact-form-multi http: - raw: diff --git a/http/cves/2017/CVE-2017-18491.yaml b/http/cves/2017/CVE-2017-18491.yaml index 819704a17b..a1aa844c0a 100644 --- a/http/cves/2017/CVE-2017-18491.yaml +++ b/http/cves/2017/CVE-2017-18491.yaml @@ -14,9 +14,10 @@ info: classification: cve-id: CVE-2017-18491 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/contact-form-plugin/" + tags: cve,cve2017,wordpress,bws,contact-form,wpscan,wp-plugin,xss,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18492.yaml b/http/cves/2017/CVE-2017-18492.yaml index 9df72e932d..aef401a1bc 100644 --- a/http/cves/2017/CVE-2017-18492.yaml +++ b/http/cves/2017/CVE-2017-18492.yaml @@ -14,9 +14,10 @@ info: classification: cve-id: CVE-2017-18492 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/contact-form-to-db/" + tags: cve,cve2017,wordpress,wpscan,bws-contact-form,wp-plugin,xss,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18493.yaml b/http/cves/2017/CVE-2017-18493.yaml index 6aca67c678..b42e47bdc6 100644 --- a/http/cves/2017/CVE-2017-18493.yaml +++ b/http/cves/2017/CVE-2017-18493.yaml @@ -14,9 +14,10 @@ info: classification: cve-id: CVE-2017-18493 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/custom-admin-page/" + tags: cve,cve2017,wordpress,bws-adminpage,wpscan,wp-plugin,xss,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18494.yaml b/http/cves/2017/CVE-2017-18494.yaml index a380cc08ff..441aac6870 100644 --- a/http/cves/2017/CVE-2017-18494.yaml +++ b/http/cves/2017/CVE-2017-18494.yaml @@ -14,9 +14,10 @@ info: classification: cve-id: CVE-2017-18494 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/custom-search-plugin/" + tags: cve,cve2017,wordpress,bws-custom-search,wpscan,wp-plugin,xss,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18496.yaml b/http/cves/2017/CVE-2017-18496.yaml index ffdcda91ae..e45b9748ad 100644 --- a/http/cves/2017/CVE-2017-18496.yaml +++ b/http/cves/2017/CVE-2017-18496.yaml @@ -14,9 +14,10 @@ info: classification: cve-id: CVE-2017-18496 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/htaccess/" + tags: cve,cve2017,wordpress,wpscan,bws-htaccess,wp-plugin,xss,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18500.yaml b/http/cves/2017/CVE-2017-18500.yaml index 037c0d7601..0a9dddee28 100644 --- a/http/cves/2017/CVE-2017-18500.yaml +++ b/http/cves/2017/CVE-2017-18500.yaml @@ -14,9 +14,10 @@ info: classification: cve-id: CVE-2017-18500 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/social-buttons-pack/" + tags: cve,cve2017,wordpress,wpscan,bws-social-buttons,wp-plugin,xss,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18501.yaml b/http/cves/2017/CVE-2017-18501.yaml index e00eced354..7529366476 100644 --- a/http/cves/2017/CVE-2017-18501.yaml +++ b/http/cves/2017/CVE-2017-18501.yaml @@ -14,9 +14,10 @@ info: classification: cve-id: CVE-2017-18501 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwwww-query: "/wp-content/plugins/social-login-bws/" + tags: cve,cve2017,wordpress,wpscan,bws-social-login,wp-plugin,xss,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18502.yaml b/http/cves/2017/CVE-2017-18502.yaml index 518b564bbf..01b78766a8 100644 --- a/http/cves/2017/CVE-2017-18502.yaml +++ b/http/cves/2017/CVE-2017-18502.yaml @@ -14,9 +14,10 @@ info: classification: cve-id: CVE-2017-18502 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/subscriber/" + tags: cve,cve2017,wordpress,wpscan,bws-subscribers,wp-plugin,xss,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18505.yaml b/http/cves/2017/CVE-2017-18505.yaml index 20382b7d5b..04d217abdc 100644 --- a/http/cves/2017/CVE-2017-18505.yaml +++ b/http/cves/2017/CVE-2017-18505.yaml @@ -14,9 +14,10 @@ info: classification: cve-id: CVE-2017-18505 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/twitter-plugin/" + tags: cve,cve2017,wordpress,wpscan,bws-twitter,wp-plugin,xss,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18516.yaml b/http/cves/2017/CVE-2017-18516.yaml index 23459db81e..027079fe30 100644 --- a/http/cves/2017/CVE-2017-18516.yaml +++ b/http/cves/2017/CVE-2017-18516.yaml @@ -6,6 +6,7 @@ info: severity: medium description: | The bws-linkedin plugin before 1.0.5 for WordPress has multiple XSS issues. + remediation: Fixed in version 1.0.5 reference: - https://wpscan.com/vulnerability/efd816c3-90d4-40bf-850a-0e4c1a756694 - https://nvd.nist.gov/vuln/detail/CVE-2017-18516 @@ -14,9 +15,10 @@ info: classification: cve-id: CVE-2017-18516 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/bws-linkedin/" + tags: cve,cve2017,wordpress,wp-plugin,wpscan,bws-linkedin,xss,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18517.yaml b/http/cves/2017/CVE-2017-18517.yaml index 7d59099181..79707666f2 100644 --- a/http/cves/2017/CVE-2017-18517.yaml +++ b/http/cves/2017/CVE-2017-18517.yaml @@ -6,6 +6,7 @@ info: severity: medium description: | The bws-pinterest plugin before 1.0.5 for WordPress has multiple XSS issues. + remediation: Fixed in version 1.0.5 reference: - https://wpscan.com/vulnerability/efd816c3-90d4-40bf-850a-0e4c1a756694 - https://nvd.nist.gov/vuln/detail/CVE-2017-18517 @@ -16,7 +17,8 @@ info: metadata: max-request: 2 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/bws-pinterest/" + tags: cve,cve2017,wordpress,wpscan,bws-pinterest,wp-plugin,xss,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18518.yaml b/http/cves/2017/CVE-2017-18518.yaml index 322f4e8980..16061960d0 100644 --- a/http/cves/2017/CVE-2017-18518.yaml +++ b/http/cves/2017/CVE-2017-18518.yaml @@ -6,6 +6,7 @@ info: severity: medium description: | The bws-smtp plugin before 1.1.0 for WordPress has multiple XSS issues. + remediation: Fixed in version 1.1.0 reference: - https://wpscan.com/vulnerability/efd816c3-90d4-40bf-850a-0e4c1a756694 - https://nvd.nist.gov/vuln/detail/CVE-2017-18518 @@ -16,7 +17,8 @@ info: metadata: max-request: 2 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwwww-query: "/wp-content/plugins/bws-smtp/" + tags: cve,cve2017,wordpress,wp-plugin,wpscan,bws-smtp,xss,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18527.yaml b/http/cves/2017/CVE-2017-18527.yaml index b60c659231..96f2a0f5ba 100644 --- a/http/cves/2017/CVE-2017-18527.yaml +++ b/http/cves/2017/CVE-2017-18527.yaml @@ -14,9 +14,10 @@ info: classification: cve-id: CVE-2017-18527 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/pagination/" + tags: cve,cve2017,wordpress,wp-plugin,wpscan,bws-pagination,bws-xss,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18528.yaml b/http/cves/2017/CVE-2017-18528.yaml index 3a3937b7c6..5788222238 100644 --- a/http/cves/2017/CVE-2017-18528.yaml +++ b/http/cves/2017/CVE-2017-18528.yaml @@ -14,9 +14,10 @@ info: classification: cve-id: CVE-2017-18528 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicewww-query: "/wp-content/plugins/pdf-print/" + tags: cve,cve2017,wordpress,wp-plugin,bws-pdf-print,wpscan,xss,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18529.yaml b/http/cves/2017/CVE-2017-18529.yaml index 6cfff8fa25..a268b8fb94 100644 --- a/http/cves/2017/CVE-2017-18529.yaml +++ b/http/cves/2017/CVE-2017-18529.yaml @@ -16,7 +16,8 @@ info: metadata: max-request: 2 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/promobar/" + tags: cve,cve2017,wordpress,wp-plugin,bws-promobar,wpscan,xss,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18530.yaml b/http/cves/2017/CVE-2017-18530.yaml index 3683aa6df5..accafcf41c 100644 --- a/http/cves/2017/CVE-2017-18530.yaml +++ b/http/cves/2017/CVE-2017-18530.yaml @@ -14,9 +14,10 @@ info: classification: cve-id: CVE-2017-18530 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/rating-bws/" + tags: cve,cve2017,wordpress,wp-plugin,bws-rating,wpscan,xss,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18532.yaml b/http/cves/2017/CVE-2017-18532.yaml index 9ee8789dcb..07dbfedb62 100644 --- a/http/cves/2017/CVE-2017-18532.yaml +++ b/http/cves/2017/CVE-2017-18532.yaml @@ -16,7 +16,8 @@ info: metadata: max-request: 2 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/realty/" + tags: cve,cve2017,wordpress,wp-plugin,bws-realty,wpscan,xss,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18537.yaml b/http/cves/2017/CVE-2017-18537.yaml index b1baf92a2f..14f103632b 100644 --- a/http/cves/2017/CVE-2017-18537.yaml +++ b/http/cves/2017/CVE-2017-18537.yaml @@ -14,9 +14,10 @@ info: classification: cve-id: CVE-2017-18537 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicewww-query: "/wp-content/plugins/visitors-online/" + tags: cve,cve2017,wordpress,wp-plugin,bws-visitors-online,wpscan,xss,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18542.yaml b/http/cves/2017/CVE-2017-18542.yaml index 05ba3de250..0456d05884 100644 --- a/http/cves/2017/CVE-2017-18542.yaml +++ b/http/cves/2017/CVE-2017-18542.yaml @@ -14,9 +14,10 @@ info: classification: cve-id: CVE-2017-18542 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/zendesk-help-center/" + tags: cve,cve2017,wordpress,wp-plugin,bws-zendesk,wpscan,xss,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18556.yaml b/http/cves/2017/CVE-2017-18556.yaml index b1b332dc95..659f966158 100644 --- a/http/cves/2017/CVE-2017-18556.yaml +++ b/http/cves/2017/CVE-2017-18556.yaml @@ -6,6 +6,7 @@ info: severity: medium description: | The bws-google-analytics plugin before 1.7.1 for WordPress has multiple XSS issues. + remediation: Fixed in version 1.7.1 reference: - https://wpscan.com/vulnerability/efd816c3-90d4-40bf-850a-0e4c1a756694 - https://nvd.nist.gov/vuln/detail/CVE-2017-18556 @@ -14,9 +15,10 @@ info: classification: cve-id: CVE-2017-18556 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/bws-google-analytics/" + tags: cve,cve2017,wordpress,wp-plugin,xss,bws-google-analytics,wpscan,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18557.yaml b/http/cves/2017/CVE-2017-18557.yaml index f7a0c93936..ea52383c76 100644 --- a/http/cves/2017/CVE-2017-18557.yaml +++ b/http/cves/2017/CVE-2017-18557.yaml @@ -6,6 +6,7 @@ info: severity: medium description: | The bws-google-maps plugin before 1.3.6 for WordPress has multiple XSS issues. + remediation: Fixed in version 1.3.6 reference: - https://wpscan.com/vulnerability/efd816c3-90d4-40bf-850a-0e4c1a756694 - https://nvd.nist.gov/vuln/detail/CVE-2017-18557 @@ -14,9 +15,10 @@ info: classification: cve-id: CVE-2017-18557 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/bws-google-maps/" + tags: cve,cve2017,wordpress,wp-plugin,xss,bws-google-maps,wpscan,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18558.yaml b/http/cves/2017/CVE-2017-18558.yaml index 08a6b03652..feda07f8b8 100644 --- a/http/cves/2017/CVE-2017-18558.yaml +++ b/http/cves/2017/CVE-2017-18558.yaml @@ -14,9 +14,10 @@ info: classification: cve-id: CVE-2017-18558 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/bws-testimonials/" + tags: cve,cve2017,wordpress,wp-plugin,xss,bws-testimonials,wpscan,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18562.yaml b/http/cves/2017/CVE-2017-18562.yaml index 9aa1f4fafc..b3fce36459 100644 --- a/http/cves/2017/CVE-2017-18562.yaml +++ b/http/cves/2017/CVE-2017-18562.yaml @@ -14,9 +14,10 @@ info: classification: cve-id: CVE-2017-18562 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/error-log-viewer/" + tags: cve,cve2017,wordpress,wp-plugin,xss,bws-error-log,wpscan,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18564.yaml b/http/cves/2017/CVE-2017-18564.yaml index 0fdb8095a6..cb6b208120 100644 --- a/http/cves/2017/CVE-2017-18564.yaml +++ b/http/cves/2017/CVE-2017-18564.yaml @@ -14,9 +14,10 @@ info: classification: cve-id: CVE-2017-18564 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/sender/" + tags: cve,cve2017,wordpress,wp-plugin,xss,bws-sender,wpscan,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18565.yaml b/http/cves/2017/CVE-2017-18565.yaml index a6e3e0d670..c7e7d1bf94 100644 --- a/http/cves/2017/CVE-2017-18565.yaml +++ b/http/cves/2017/CVE-2017-18565.yaml @@ -14,9 +14,10 @@ info: classification: cve-id: CVE-2017-18565 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/updater/" + tags: cve,cve2017,wordpress,wp-plugin,xss,bws-updater,wpscan,authenticated http: - raw: diff --git a/http/cves/2017/CVE-2017-18566.yaml b/http/cves/2017/CVE-2017-18566.yaml index d81fc9dd69..66a23116b0 100644 --- a/http/cves/2017/CVE-2017-18566.yaml +++ b/http/cves/2017/CVE-2017-18566.yaml @@ -14,9 +14,10 @@ info: classification: cve-id: CVE-2017-18566 metadata: - max-request: 2 + max-request: 3 verified: true - tags: cve,cve2017,wordpress,wp-plugin,xss,authenticated + publicwww-query: "/wp-content/plugins/user-role/" + tags: cve,cve2017,wordpress,wp-plugin,xss,bws-user-role,wpscan,authenticated http: - raw: