diff --git a/vulnerabilities/wordpress/elementorpage-open-redirect.yaml b/vulnerabilities/wordpress/elementorpage-open-redirect.yaml
index 3e32d9e9d5..5cc57c54a3 100644
--- a/vulnerabilities/wordpress/elementorpage-open-redirect.yaml
+++ b/vulnerabilities/wordpress/elementorpage-open-redirect.yaml
@@ -9,12 +9,35 @@ info:
 tags: wordpress,redirect,wp-plugin,elementor,wp
 requests:
- - method: GET
- path:
- - "{{BaseURL}}/wp-login.php?action=theplusrp&key=&redirecturl=http://attacker.com&forgoturl=http://attacker.com&login=john"
+ - raw:
+ - |
+ GET /?author=1 HTTP/1.1
+ Host: {{Hostname}}
+ - |
+ GET /wp-login.php?action=theplusrp&key=&redirecturl=http://attacker.com&forgoturl=http://attacker.com&login={{username}} HTTP/1.1
+ Host: {{Hostname}}
+
+ redirects: true
 matchers:
 - type: regex
 part: header
 regex:
 - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)attacker\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+
+ extractors:
+ - type: regex
+ part: body
+ name: username
+ internal: true
+ group: 1
+ regex:
+ - 'Author:(?:[A-Za-z0-9 -\_="]+)?