Enhancement: cves/2022/CVE-2022-0594.yaml by md

patch-1
MostInterestingBotInTheWorld 2023-02-01 13:11:37 -05:00
parent 263ac9fac5
commit 6045693637
1 changed files with 5 additions and 2 deletions


@ -1,14 +1,15 @@
id: CVE-2022-0594
info:
name: Shareaholic < 9.7.6 - Information Disclosure
name: WordPress Shareaholic <9.7.6 - Information Disclosure
author: atomiczsec
severity: medium
description: The Professional Social Sharing Buttons, Icons & Related Posts WordPress plugin before 9.7.6 does not have proper authorisation check in one of the AJAX action, available to unauthenticated (in v < 9.7.5) and author+ (in v9.7.5) users, allowing them to call it and retrieve various information such as the list of active plugins, various version like PHP, cURL, WP etc.
description: WordPress Shareaholic plugin prior to 9.7.6 is susceptible to information disclosure. The plugin does not have proper authorization check in one of the AJAX actions, available to both unauthenticated (before 9.7.5) and authenticated (in 9.7.5) users, allowing them to possibly obtain sensitive information such as active plugins and different versions (PHP, cURL, WP, etc.).
reference:
- https://wpscan.com/vulnerability/4de9451e-2c8d-4d99-a255-b027466d29b1
- https://wordpress.org/plugins/shareaholic/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0594
- https://nvd.nist.gov/vuln/detail/CVE-2022-0594
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
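
Review bot: The rewritten description line loses the privilege threshold: "authenticated (in 9.7.5) users" replaces what the removed line stated as "author+ (in v9.7.5)", so a reader can no longer tell which role is needed to reach the AJAX action on 9.7.5. Suggest keeping the role in the new wording, for example "available to unauthenticated (before 9.7.5) and author+ (in 9.7.5) users". The phrase "both unauthenticated ... and authenticated" also reads as if both apply to the same version; dropping "both" avoids that. The cvss-metrics line shows PR:N, which matches only the pre-9.7.5 case, so the description is the one place the 9.7.5 requirement is recorded.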
@ -40,3 +41,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2023/02/01
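
Review bot: The trailing "# Enhanced by md on 2023/02/01" comment repeats the author and date that the commit metadata already records, and as a hand-written line in the template body it will go stale on the next edit. Suggest dropping it or recording it in a structured field rather than a free-form comment. Separately, the only matcher visible in this hunk's context is the status 200 check; since the description concerns disclosed plugin and version data, it is worth confirming that the matchers above line 41 also require a body match, because a 200 status alone does not distinguish a patched site from a vulnerable one.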