From 4cc6b3bdb099dce0f94caa14db65a32a7572c043 Mon Sep 17 00:00:00 2001
From: Noam Rathaus <noamr@beyondsecurity.com>
Date: Tue, 27 Apr 2021 09:42:41 +0300
Subject: [PATCH 1/2] Reduce FP due to not actually execution of the PHP but
 rather it being returned as is (the content)

---
 vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml b/vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml
index 9484adff46..4224ce939d 100644
--- a/vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml
+++ b/vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml
@@ -63,6 +63,8 @@ requests:
       - type: word
         words:
           - 'Nuclei - Open source project (github.com/projectdiscovery/nuclei)'
+          - "PHP Version"
+          - "Configuration Command"
         part: body
       - type: word
         words:

From 427f99b0c1b6a073718a5eacfff6a6117c971069 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <cyberbossprince@gmail.com>
Date: Tue, 27 Apr 2021 15:25:28 +0530
Subject: [PATCH 2/2] Update wordpress-rce-simplefilelist.yaml

---
 vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml b/vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml
index 4224ce939d..5215139461 100644
--- a/vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml
+++ b/vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml
@@ -66,6 +66,7 @@ requests:
           - "PHP Version"
           - "Configuration Command"
         part: body
+        condition: and
       - type: word
         words:
           - 'text/html'