diff --git a/vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml b/vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml
index eec6c6f958..60be402e20 100644
--- a/vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml
+++ b/vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml
@@ -7,7 +7,7 @@ info:
   reference: https://wpscan.com/vulnerability/10192
   description: |
     The Simple File List WordPress plugin was found to be vulnerable to an unauthenticated arbitrary file upload leading to remote code execution. The Python exploit first uploads a file containing PHP code but with a png image file extension. A second request is sent to move (rename) the png file to a PHP file.
-  tags: wordpress,wp-plugin,rce
+  tags: wordpress,wp-plugin,rce,intrusive
 
 requests:
   - raw:
@@ -43,6 +43,7 @@ requests:
       - |
         POST /wp-content/plugins/simple-file-list/ee-file-engine.php HTTP/1.1
         Host: {{Hostname}}
+        X-Requested-With: XMLHttpRequest
         Accept: */*
         Content-Type: application/x-www-form-urlencoded