From 1a9004fe7a1ae5f49ca1d2d0f3bf3bd015523a60 Mon Sep 17 00:00:00 2001
From: MostInterestingBotInTheWorld
 <98333686+MostInterestingBotInTheWorld@users.noreply.github.com>
Date: Tue, 4 Apr 2023 16:24:16 -0400
Subject: [PATCH] Enhancement: cves/2020/CVE-2020-9043.yaml by md

---
 cves/2020/CVE-2020-9043.yaml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/cves/2020/CVE-2020-9043.yaml b/cves/2020/CVE-2020-9043.yaml
index d5ce7f65b4..36db674907 100644
--- a/cves/2020/CVE-2020-9043.yaml
+++ b/cves/2020/CVE-2020-9043.yaml
@@ -1,16 +1,17 @@
 id: CVE-2020-9043
 
 info:
-  name: WordPress wpCentral < 1.5.1 - Improper Access Control to Privilege Escalation
+  name: WordPress wpCentral <1.5.1 - Information Disclosure
   author: scent2d
   severity: high
   description: |
-    The wpCentral plugin before 1.5.1 for WordPress allows disclosure of the connection key for Wordpress Admin Account.
+    WordPress wpCentral plugin before 1.5.1 is susceptible to information disclosure. An attacker can access the  connection key for WordPress Admin account and thus potentially obtain sensitive information, modify data, and/or execute unauthorized operations.
   reference:
     - https://wpscan.com/vulnerability/10074
     - https://www.wordfence.com/blog/2020/02/vulnerability-in-wpcentral-plugin-leads-to-privilege-escalation/
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9043
     - https://wordpress.org/plugins/wp-central/#developers
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-9043
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -70,3 +71,5 @@ requests:
         regex:
           - '_wpnonce=([0-9a-z]+)'
         internal: true
+
+# Enhanced by md on 2023/04/04