Update CVE-2024-27954.yaml

http/cves/2024/CVE-2024-27954.yaml

@@ -1,14 +1,19 @@
 id: CVE-2024-27954
 
 info:
-  name: WordPress Automatic plugin - Arbitrary File Download and SSRF
+  name: WordPress Automatic Plugin <3.92.1 - Arbitrary File Download and SSRF
   author: iamnoooob,rootxharsh,pdresearch
   severity: critical
   description: |
-    Unauthenticated Arbitrary File Download and SSRF. Located in the downloader.php file, this vulnerability also discovered by Rafie Muhammad, could permit attackers to download any file from a site. Sensitive data, including login credentials and backup files, could fall into the wrong hands. Thankfully, this vulnerability too has been patched in version 3.92.1.
+    WordPress Automatic plugin <3.92.1 is vulnerable to unauthenticated Arbitrary File Download and SSRF Located in the downloader.php file, could permit attackers to download any file from a site. Sensitive data, including login credentials and backup files, could fall into the wrong hands. This vulnerability has been patched in version 3.92.1.
   reference:
     - https://securityonline.info/40000-sites-exposed-wordpress-plugin-update-critical-cve-2024-27956-cve-2024-27954/#google_vignette
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27954
+  classification:
+    cve-id: CVE-2024-27954
+  metadata:
+    max-request: 1
+    verified: true
   tags: cve,cve2024,wp,wordpress,wp-plugin,lfi,ssrf
 
 http: