Browse code

update googlexmlsitemaps plugin for wordpress

Hanno Böck authored on24/10/2021 09:24:25
Showing1 changed files
... ...
@@ -349,8 +349,8 @@
349 349
   {
350 350
     "name": "Wordpress-GoogleXMLSitemaps",
351 351
     "url": "https://wordpress.org/plugins/google-sitemap-generator/",
352
-    "safe": "4.1.0",
353
-    "vuln": "CVE-2018-16204",
352
+    "safe": "4.1.1",
353
+    "vuln": "https://wordpress.org/plugins/google-sitemap-generator/#developers",
354 354
     "detection": [
355 355
       {
356 356
         "file": "sitemap.php",
Browse code

update wp plugins

Hanno Böck authored on23/10/2021 08:44:07
Showing1 changed files
... ...
@@ -138,8 +138,8 @@
138 138
   {
139 139
     "name": "Wordpress-Jetpack",
140 140
     "url": "https://jetpack.com/",
141
-    "safe": "7.9.1",
142
-    "vuln": "https://jetpack.com/2019/11/19/jetpack-7-9-1-maintenance-security/",
141
+    "safe": "9.8",
142
+    "vuln": "CVE-2021-24374",
143 143
     "detection": [
144 144
       {
145 145
         "file": "jetpack.php",
... ...
@@ -192,8 +192,8 @@
192 192
   {
193 193
     "name": "Wordpress-NextGEN",
194 194
     "url": "https://wordpress.org/plugins/nextgen-gallery/",
195
-    "safe": "3.2.11",
196
-    "vuln": "CVE-2019-14314",
195
+    "safe": "3.5.0",
196
+    "vuln": "CVE-2020-35942",
197 197
     "detection": [
198 198
       {
199 199
         "file": "nggallery.php",
... ...
@@ -322,8 +322,8 @@
322 322
   {
323 323
     "name": "Wordpress-ACF",
324 324
     "url": "https://www.advancedcustomfields.com/",
325
-    "safe": "5.7.12",
326
-    "vuln": "https://wpvulndb.com/vulnerabilities/9347",
325
+    "safe": "5.8.12",
326
+    "vuln": "CVE-2020-36172",
327 327
     "detection": [
328 328
       {
329 329
         "file": "acf.php",
Browse code

update w3 total cache

Hanno Böck authored on19/07/2021 08:58:53
Showing1 changed files
... ...
@@ -111,8 +111,8 @@
111 111
   {
112 112
     "name": "W3 Total Cache",
113 113
     "url": "https://wordpress.org/plugins/w3-total-cache/",
114
-    "safe": "0.9.7.4",
115
-    "vuln": "https://www.cybersecurity-help.cz/vdb/SB2019050701",
114
+    "safe": "2.1.3",
115
+    "vuln": "https://wordpress.org/plugins/w3-total-cache/#developers",
116 116
     "detection": [
117 117
       {
118 118
         "file": "w3-total-cache.php",
Browse code

wp super cache update

Hanno Böck authored on04/07/2021 08:54:31
Showing1 changed files
... ...
@@ -96,9 +96,9 @@
96 96
   {
97 97
     "name": "WP Super Cache",
98 98
     "url": "https://wordpress.org/plugins/wp-super-cache/",
99
-    "safe": "1.6.9",
100
-    "vuln": "https://odd.blog/2019/07/25/wp-super-cache-1-6-9-security-update/",
101
-    "latest": "1.7.0",
99
+    "safe": "1.7.3",
100
+    "vuln": "CVE-2021-24329",
101
+    "latest": "1.7.3",
102 102
     "detection": [
103 103
       {
104 104
         "file": "wp-cache.php",
Browse code

add roundcube carddav plugin

Hanno Böck authored on31/12/2020 17:54:36
Showing1 changed files
... ...
@@ -450,5 +450,25 @@
450 450
         "subdir": 0
451 451
       }
452 452
     ]
453
+  },
454
+  {
455
+    "name": "Roundcube-RCMCardDAV",
456
+    "url": "https://github.com/mstilkerich/rcmcarddav",
457
+    "safe": "4.0.0",
458
+    "vuln": "https://github.com/mstilkerich/rcmcarddav/releases/tag/v4.0.0-alpha1",
459
+    "detection": [
460
+      {
461
+        "file": "carddav.php",
462
+        "variable": "const PLUGIN_VERSION",
463
+        "subdir": 0,
464
+        "note": "4.0.0 and above"
465
+      },
466
+      {
467
+        "file": "carddav_common.php",
468
+        "variable": "RCM CardDAV plugin/",
469
+        "subdir": 0,
470
+        "note": "3.x"
471
+      }
472
+    ]
453 473
   }
454 474
 ]
455 475
\ No newline at end of file
Browse code

contactform7 update

Hanno Böck authored on18/12/2020 10:28:01
Showing1 changed files
... ...
@@ -309,8 +309,8 @@
309 309
   {
310 310
     "name": "Wordpress-ContactForm7",
311 311
     "url": "https://contactform7.com/",
312
-    "safe": "5.0.4",
313
-    "vuln": "CVE-2018-20152",
312
+    "safe": "5.3.2",
313
+    "vuln": "CVE-2020-35489",
314 314
     "detection": [
315 315
       {
316 316
         "file": "wp-contact-form-7.php",
Browse code

wordpress downloadmanager update

Hanno Böck authored on28/11/2020 20:06:51
Showing1 changed files
... ...
@@ -231,8 +231,8 @@
231 231
   {
232 232
     "name": "Wordpress-DownloadManager",
233 233
     "url": "https://wordpress.org/plugins/download-manager/",
234
-    "safe": "2.9.61",
235
-    "vuln": "https://www.exploit-db.com/exploits/43487",
234
+    "safe": "3.1.07",
235
+    "vuln": "https://de.wordpress.org/plugins/download-manager/#developers",
236 236
     "detection": [
237 237
       {
238 238
         "file": "download-manager.php",
Browse code

add wordpress file manager

Hanno Böck authored on03/09/2020 12:01:52
Showing1 changed files
... ...
@@ -437,5 +437,18 @@
437 437
         "subdir": 0
438 438
       }
439 439
     ]
440
+  },
441
+  {
442
+    "name": "Wordpress-File-Manager",
443
+    "url": "https://wordpress.org/plugins/wp-file-manager/",
444
+    "safe": "6.9",
445
+    "vuln": "https://seravo.com/blog/0-day-vulnerability-in-wp-file-manager/",
446
+    "detection": [
447
+      {
448
+        "file": "file_folder_manager.php",
449
+        "variable": "$ver",
450
+        "subdir": 0
451
+      }
452
+    ]
440 453
   }
441 454
 ]
442 455
\ No newline at end of file
Browse code

add bbpress

Hanno Böck authored on01/06/2020 16:44:22
Showing1 changed files
... ...
@@ -424,5 +424,18 @@
424 424
         "subdir": 0
425 425
       }
426 426
     ]
427
+  },
428
+  {
429
+    "name": "bbPress",
430
+    "url": "https://bbpress.org/",
431
+    "safe": "2.6.5",
432
+    "vuln": "CVE-2020-13693",
433
+    "detection": [
434
+      {
435
+        "file": "bbpress.php",
436
+        "variable": "$this->version",
437
+        "subdir": 0
438
+      }
439
+    ]
427 440
   }
428 441
 ]
429 442
\ No newline at end of file
Browse code

add rank math

Hanno Böck authored on02/04/2020 08:39:41
Showing1 changed files
... ...
@@ -411,5 +411,18 @@
411 411
         "subdir": 0
412 412
       }
413 413
     ]
414
+  },
415
+  {
416
+    "name": "Wordpress-SEO-by-Rank-Math",
417
+    "url": "https://rankmath.com/",
418
+    "safe": "1.0.41",
419
+    "vuln": "https://www.wordfence.com/blog/2020/03/critical-vulnerabilities-affecting-over-200000-sites-patched-in-rank-math-seo-plugin/",
420
+    "detection": [
421
+      {
422
+        "file": "rank-math.php",
423
+        "variable": "$version",
424
+        "subdir": 0
425
+      }
426
+    ]
414 427
   }
415 428
 ]
416 429
\ No newline at end of file
Browse code

add allinonewpmigration

Hanno Böck authored on25/03/2020 17:46:03
Showing1 changed files
... ...
@@ -398,5 +398,18 @@
398 398
         "subdir": 0
399 399
       }
400 400
     ]
401
+  },
402
+  {
403
+    "name": "Wordpress-AllinoneWPMigration",
404
+    "url": "https://wordpress.org/plugins/all-in-one-wp-migration/",
405
+    "safe": "7.15",
406
+    "vuln": "https://vavkamil.cz/2020/03/25/all-in-one-wp-migration/",
407
+    "detection": [
408
+      {
409
+        "file": "constants.php",
410
+        "variable": "AI1WM_VERSION",
411
+        "subdir": 0
412
+      }
413
+    ]
401 414
   }
402 415
 ]
403 416
\ No newline at end of file
Browse code

add woocommerce

Hanno Böck authored on24/03/2020 17:42:57
Showing1 changed files
... ...
@@ -385,5 +385,18 @@
385 385
         "subdir": 1
386 386
       }
387 387
     ]
388
+  },
389
+  {
390
+    "name": "Wordpress-WooCommerce",
391
+    "url": "https://woocommerce.com/",
392
+    "safe": "3.9.2",
393
+    "vuln": "https://woocommerce.wordpress.com/2020/02/13/woocommerce-3-9-2-security-release/",
394
+    "detection": [
395
+      {
396
+        "file": "woocommerce.php",
397
+        "variable": "Version:",
398
+        "subdir": 0
399
+      }
400
+    ]
388 401
   }
389 402
 ]
390 403
\ No newline at end of file
Browse code

add themegrill

Hanno Böck authored on24/02/2020 20:13:02
Showing1 changed files
... ...
@@ -372,5 +372,18 @@
372 372
         "subdir": 0
373 373
       }
374 374
     ]
375
+  },
376
+  {
377
+    "name": "Wordpress-ThemegrillDemoImporter",
378
+    "url": "https://wordpress.org/plugins/themegrill-demo-importer/",
379
+    "safe": "1.6.3",
380
+    "vuln": "https://www.openwall.com/lists/oss-security/2020/02/19/1",
381
+    "detection": [
382
+      {
383
+        "file": "class-themegrill-demo-importer.php",
384
+        "variable": "$version",
385
+        "subdir": 1
386
+      }
387
+    ]
375 388
   }
376 389
 ]
377 390
\ No newline at end of file
Browse code

don't use localized wordpress plugin page

Hanno Böck authored on19/12/2019 12:38:47
Showing1 changed files
... ...
@@ -348,7 +348,7 @@
348 348
   },
349 349
   {
350 350
     "name": "Wordpress-GoogleXMLSitemaps",
351
-    "url": "https://de.wordpress.org/plugins/google-sitemap-generator/",
351
+    "url": "https://wordpress.org/plugins/google-sitemap-generator/",
352 352
     "safe": "4.1.0",
353 353
     "vuln": "CVE-2018-16204",
354 354
     "detection": [
Browse code

add wp-duplicatepost

Hanno Böck authored on19/12/2019 12:38:13
Showing1 changed files
... ...
@@ -359,5 +359,18 @@
359 359
         "subdir": 0
360 360
       }
361 361
     ]
362
+  },
363
+  {
364
+    "name": "Wordpress-DuplicatePost",
365
+    "url": "https://wordpress.org/plugins/duplicate-post/",
366
+    "safe": "3.2.4",
367
+    "vuln": "https://packetstormsecurity.com/files/154622/Duplicate-Post-3.2.3-Cross-Site-Scripting.html",
368
+    "detection": [
369
+      {
370
+        "file": "duplicate-post.php",
371
+        "variable": "DUPLICATE_POST_CURRENT_VERSION",
372
+        "subdir": 0
373
+      }
374
+    ]
362 375
   }
363 376
 ]
364 377
\ No newline at end of file
Browse code

update various URLs to https and CVEs, update a few packages

Hanno Böck authored on16/12/2019 20:44:09
Showing1 changed files
... ...
@@ -166,7 +166,7 @@
166 166
     "name": "Wordpress-CustomContact",
167 167
     "url": "https://wordpress.org/plugins/custom-contact-forms/",
168 168
     "safe": "5.1.0.4",
169
-    "vuln": "http://blog.sucuri.net/2014/08/database-takeover-in-custom-contact-forms.html",
169
+    "vuln": "https://blog.sucuri.net/2014/08/database-takeover-in-custom-contact-forms.html",
170 170
     "detection": [
171 171
       {
172 172
         "file": "custom-contact-forms.php",
... ...
@@ -231,8 +231,8 @@
231 231
   {
232 232
     "name": "Wordpress-DownloadManager",
233 233
     "url": "https://wordpress.org/plugins/download-manager/",
234
-    "safe": "2.7.5",
235
-    "vuln": "http://blog.sucuri.net/2014/12/security-advisory-high-severity-wordpress-download-manager.html",
234
+    "safe": "2.9.61",
235
+    "vuln": "https://www.exploit-db.com/exploits/43487",
236 236
     "detection": [
237 237
       {
238 238
         "file": "download-manager.php",
... ...
@@ -258,7 +258,7 @@
258 258
     "name": "Joomla-Googlemaps",
259 259
     "url": "http://joomlacode.org/gf/project/mambot_google1/",
260 260
     "safe": "3.1",
261
-    "vuln": "http://joomlacode.org/gf/project/mambot_google1/news/?id=4119",
261
+    "vuln": "CVE-2013-7428",
262 262
     "detection": [
263 263
       {
264 264
         "file": "plugin_googlemap3.perm",
Browse code

make acf detect pro and free version

Hanno Böck authored on14/12/2019 10:57:21
Showing1 changed files
... ...
@@ -327,7 +327,7 @@
327 327
     "detection": [
328 328
       {
329 329
         "file": "acf.php",
330
-        "variable": "$version",
330
+        "variable": "Version:",
331 331
         "extra_match": "Advanced Custom Fields",
332 332
         "subdir": 0
333 333
       }
Browse code

update and add some wordpress plugins

Hanno Böck authored on14/12/2019 08:53:12
Showing1 changed files
... ...
@@ -283,8 +283,8 @@
283 283
   {
284 284
     "name": "Wordpress-GoogleAnalyticsbyMonsterInsights",
285 285
     "url": "https://wordpress.org/plugins/google-analytics-for-wordpress/changelog/",
286
-    "safe": "5.4.5",
287
-    "vuln": "https://wordpress.org/plugins/google-analytics-for-wordpress/changelog/",
286
+    "safe": "7.2.0",
287
+    "vuln": "https://wpvulndb.com/vulnerabilities/9157/",
288 288
     "detection": [
289 289
       {
290 290
         "file": "googleanalytics.php",
... ...
@@ -305,5 +305,59 @@
305 305
         "subdir": 0
306 306
       }
307 307
     ]
308
+  },
309
+  {
310
+    "name": "Wordpress-ContactForm7",
311
+    "url": "https://contactform7.com/",
312
+    "safe": "5.0.4",
313
+    "vuln": "CVE-2018-20152",
314
+    "detection": [
315
+      {
316
+        "file": "wp-contact-form-7.php",
317
+        "variable": "WPCF7_VERSION",
318
+        "subdir": 0
319
+      }
320
+    ]
321
+  },
322
+  {
323
+    "name": "Wordpress-ACF",
324
+    "url": "https://www.advancedcustomfields.com/",
325
+    "safe": "5.7.12",
326
+    "vuln": "https://wpvulndb.com/vulnerabilities/9347",
327
+    "detection": [
328
+      {
329
+        "file": "acf.php",
330
+        "variable": "$version",
331
+        "extra_match": "Advanced Custom Fields",
332
+        "subdir": 0
333
+      }
334
+    ]
335
+  },
336
+  {
337
+    "name": "Wordpress-Updraftplus",
338
+    "url": "https://updraftplus.com/",
339
+    "safe": "1.13.5",
340
+    "vuln": "CVE-2017-18593",
341
+    "detection": [
342
+      {
343
+        "file": "updraftplus.php",
344
+        "variable": "Version:",
345
+        "subdir": 0
346
+      }
347
+    ]
348
+  },
349
+  {
350
+    "name": "Wordpress-GoogleXMLSitemaps",
351
+    "url": "https://de.wordpress.org/plugins/google-sitemap-generator/",
352
+    "safe": "4.1.0",
353
+    "vuln": "CVE-2018-16204",
354
+    "detection": [
355
+      {
356
+        "file": "sitemap.php",
357
+        "variable": "Version:",
358
+        "extra_match": "Google XML Sitemaps Generator for WordPress",
359
+        "subdir": 0
360
+      }
361
+    ]
308 362
   }
309 363
 ]
310 364
\ No newline at end of file
Browse code

add json db

Hanno Böck authored on11/12/2019 18:39:41
Showing1 changed files
1 1
new file mode 100644
... ...
@@ -0,0 +1,309 @@
1
+[
2
+  {
3
+    "name": "Serendipity-mycalendar",
4
+    "url": "https://s9y.org",
5
+    "safe": "0.13",
6
+    "vuln": "CVE-2007-6390",
7
+    "detection": [
8
+      {
9
+        "file": "serendipity_event_mycalendar.php",
10
+        "variable": "$propbag->add('version'",
11
+        "subdir": 0
12
+      }
13
+    ]
14
+  },
15
+  {
16
+    "name": "Serendipity-freetag",
17
+    "url": "https://s9y.org",
18
+    "safe": "3.69",
19
+    "vuln": "https://github.com/s9y/additional_plugins/commit/3edecdb7eccc24e0d5c63a3d5702dba54599bda3",
20
+    "detection": [
21
+      {
22
+        "file": "serendipity_event_freetag.php",
23
+        "variable": "$propbag->add('version'",
24
+        "subdir": 0
25
+      }
26
+    ]
27
+  },
28
+  {
29
+    "name": "SquirrelMail-gpg",
30
+    "url": "https://squirrelmail.org/plugin_view.php?id=153",
31
+    "safe": "2.1",
32
+    "vuln": "CVE-2007-3779",
33
+    "detection": [
34
+      {
35
+        "file": "gpg_pref_functions.php",
36
+        "variable": "$GPG_VERSION",
37
+        "subdir": 0
38
+      }
39
+    ]
40
+  },
41
+  {
42
+    "name": "Drupal-Views",
43
+    "url": "https://www.drupal.org/project/views",
44
+    "safe": "2.13",
45
+    "vuln": "CVE-2011-4113",
46
+    "detection": [
47
+      {
48
+        "file": "views.info",
49
+        "variable": "version = \"6.x",
50
+        "subdir": 0
51
+      }
52
+    ]
53
+  },
54
+  {
55
+    "name": "Wordpress-timthumb",
56
+    "url": "https://github.com/GabrielGil/TimThumb",
57
+    "safe": "2.8.14",
58
+    "vuln": "CVE-2014-4663",
59
+    "detection": [
60
+      {
61
+        "file": "timthumb.php",
62
+        "variable": "('VERSION',",
63
+        "subdir": 0,
64
+        "extra_match": "TimThumb"
65
+      }
66
+    ]
67
+  },
68
+  {
69
+    "name": "Wordpress-timthumb-renamed",
70
+    "url": "https://github.com/GabrielGil/TimThumb",
71
+    "safe": "2.8.14",
72
+    "vuln": "CVE-2014-4663",
73
+    "detection": [
74
+      {
75
+        "file": "thumb.php",
76
+        "variable": "('VERSION',",
77
+        "subdir": 0,
78
+        "extra_match": "TimThumb"
79
+      }
80
+    ]
81
+  },
82
+  {
83
+    "name": "Joomla-JCE",
84
+    "url": "https://www.joomlacontenteditor.net/",
85
+    "safe": "2.1",
86
+    "vuln": "CVE-2012-2902",
87
+    "detection": [
88
+      {
89
+        "file": "editor.php",
90
+        "variable": "$_version",
91
+        "subdir": 3,
92
+        "extra_match": "JCE class"
93
+      }
94
+    ]
95
+  },
96
+  {
97
+    "name": "WP Super Cache",
98
+    "url": "https://wordpress.org/plugins/wp-super-cache/",
99
+    "safe": "1.6.9",
100
+    "vuln": "https://odd.blog/2019/07/25/wp-super-cache-1-6-9-security-update/",
101
+    "latest": "1.7.0",
102
+    "detection": [
103
+      {
104
+        "file": "wp-cache.php",
105
+        "variable": "Version:",
106
+        "subdir": 0,
107
+        "extra_match": "Plugin Name: WP Super Cache"
108
+      }
109
+    ]
110
+  },
111
+  {
112
+    "name": "W3 Total Cache",
113
+    "url": "https://wordpress.org/plugins/w3-total-cache/",
114
+    "safe": "0.9.7.4",
115
+    "vuln": "https://www.cybersecurity-help.cz/vdb/SB2019050701",
116
+    "detection": [
117
+      {
118
+        "file": "w3-total-cache.php",
119
+        "variable": "Version:",
120
+        "subdir": 0,
121
+        "extra_match": "Plugin Name: W3 Total Cache"
122
+      }
123
+    ]
124
+  },
125
+  {
126
+    "name": "phpThumb",
127
+    "url": "http://phpthumb.sourceforge.net/",
128
+    "safe": "1.7.10",
129
+    "vuln": "CVE-2010-1598",
130
+    "detection": [
131
+      {
132
+        "file": "phpthumb.class.php",
133
+        "variable": "$phpthumb_version",
134
+        "subdir": 0
135
+      }
136
+    ]
137
+  },
138
+  {
139
+    "name": "Wordpress-Jetpack",
140
+    "url": "https://jetpack.com/",
141
+    "safe": "7.9.1",
142
+    "vuln": "https://jetpack.com/2019/11/19/jetpack-7-9-1-maintenance-security/",
143
+    "detection": [
144
+      {
145
+        "file": "jetpack.php",
146
+        "variable": "JETPACK__VERSION",
147
+        "subdir": 0
148
+      }
149
+    ]
150
+  },
151
+  {
152
+    "name": "Wordpress-MailPoet",
153
+    "url": "https://www.mailpoet.com/",
154
+    "safe": "2.6.8",
155
+    "vuln": "CVE-2014-4726",
156
+    "detection": [
157
+      {
158
+        "file": "base.php",
159
+        "variable": "static $version",
160
+        "subdir": 0,
161
+        "extra_match": "WYSIJA_object"
162
+      }
163
+    ]
164
+  },
165
+  {
166
+    "name": "Wordpress-CustomContact",
167
+    "url": "https://wordpress.org/plugins/custom-contact-forms/",
168
+    "safe": "5.1.0.4",
169
+    "vuln": "http://blog.sucuri.net/2014/08/database-takeover-in-custom-contact-forms.html",
170
+    "detection": [
171
+      {
172
+        "file": "custom-contact-forms.php",
173
+        "variable": "Version",
174
+        "subdir": 0
175
+      }
176
+    ]
177
+  },
178
+  {
179
+    "name": "Wordpress-SliderRevolution",
180
+    "url": "https://revolution.themepunch.com/",
181
+    "safe": "4.2.3",
182
+    "vuln": "CVE-2015-5151",
183
+    "note": "unclear about exact version",
184
+    "detection": [
185
+      {
186
+        "file": "revslider.php",
187
+        "variable": "$revSliderVersion",
188
+        "subdir": 0
189
+      }
190
+    ]
191
+  },
192
+  {
193
+    "name": "Wordpress-NextGEN",
194
+    "url": "https://wordpress.org/plugins/nextgen-gallery/",
195
+    "safe": "3.2.11",
196
+    "vuln": "CVE-2019-14314",
197
+    "detection": [
198
+      {
199
+        "file": "nggallery.php",
200
+        "variable": "NGG_PLUGIN_VERSION",
201
+        "subdir": 0
202
+      }
203
+    ]
204
+  },
205
+  {
206
+    "name": "Wordpress-Akismet",
207
+    "url": "https://wordpress.org/plugins/akismet/",
208
+    "safe": "3.1.5",
209
+    "vuln": "CVE-2015-9357",
210
+    "detection": [
211
+      {
212
+        "file": "akismet.php",
213
+        "variable": "AKISMET_VERSION",
214
+        "subdir": 0
215
+      }
216
+    ]
217
+  },
218
+  {
219
+    "name": "Wordpress-AllInOneSEO",
220
+    "url": "https://semperplugins.com/all-in-one-seo-pack-changelog/",
221
+    "safe": "3.2.7",
222
+    "vuln": "CVE-2019-16520",
223
+    "detection": [
224
+      {
225
+        "file": "all_in_one_seo_pack.php",
226
+        "variable": "define( 'AIOSEOP_VERSION'",
227
+        "subdir": 0
228
+      }
229
+    ]
230
+  },
231
+  {
232
+    "name": "Wordpress-DownloadManager",
233
+    "url": "https://wordpress.org/plugins/download-manager/",
234
+    "safe": "2.7.5",
235
+    "vuln": "http://blog.sucuri.net/2014/12/security-advisory-high-severity-wordpress-download-manager.html",
236
+    "detection": [
237
+      {
238
+        "file": "download-manager.php",
239
+        "variable": "define('WPDM_Version'",
240
+        "subdir": 0
241
+      }
242
+    ]
243
+  },
244
+  {
245
+    "name": "Wordpress-Fancybox",
246
+    "url": "https://wordpress.org/plugins/fancybox-for-wordpress/",
247
+    "safe": "3.0.4",
248
+    "vuln": "CVE-2015-1494",
249
+    "detection": [
250
+      {
251
+        "file": "fancybox.php",
252
+        "variable": "FBFW_VERSION",
253
+        "subdir": 0
254
+      }
255
+    ]
256
+  },
257
+  {
258
+    "name": "Joomla-Googlemaps",
259
+    "url": "http://joomlacode.org/gf/project/mambot_google1/",
260
+    "safe": "3.1",
261
+    "vuln": "http://joomlacode.org/gf/project/mambot_google1/news/?id=4119",
262
+    "detection": [
263
+      {
264
+        "file": "plugin_googlemap3.perm",
265
+        "variable": "<version>",
266
+        "subdir": 0
267
+      }
268
+    ]
269
+  },
270
+  {
271
+    "name": "Wordpress-SEObyYoast",
272
+    "url": "https://wordpress.org/plugins/wordpress-seo/",
273
+    "safe": "11.6.0",
274
+    "vuln": "CVE-2019-13478",
275
+    "detection": [
276
+      {
277
+        "file": "wp-seo-main.php",
278
+        "variable": "WPSEO_VERSION",
279
+        "subdir": 0
280
+      }
281
+    ]
282
+  },
283
+  {
284
+    "name": "Wordpress-GoogleAnalyticsbyMonsterInsights",
285
+    "url": "https://wordpress.org/plugins/google-analytics-for-wordpress/changelog/",
286
+    "safe": "5.4.5",
287
+    "vuln": "https://wordpress.org/plugins/google-analytics-for-wordpress/changelog/",
288
+    "detection": [
289
+      {
290
+        "file": "googleanalytics.php",
291
+        "variable": "GAWP_VERSION",
292
+        "subdir": 0
293
+      }
294
+    ]
295
+  },
296
+  {
297
+    "name": "Wordpress-Captcha",
298
+    "url": "https://wordpress.org/plugins/captcha/",
299
+    "safe": "4.4.5",
300
+    "vuln": "https://www.wordfence.com/blog/2017/12/backdoor-captcha-plugin/",
301
+    "detection": [
302
+      {
303
+        "file": "captcha.php",
304
+        "variable": "Version:",
305
+        "subdir": 0
306
+      }
307
+    ]
308
+  }
309
+]
0 310
\ No newline at end of file