diff --git a/cves/2019/CVE-2019-15889.yaml b/cves/2019/CVE-2019-15889.yaml
index 0f46219cb3..c3835a62a8 100644
--- a/cves/2019/CVE-2019-15889.yaml
+++ b/cves/2019/CVE-2019-15889.yaml
@@ -4,7 +4,10 @@ info:
   name: WordPress Plugin Download Manager 2.9.93 - Reflected Cross-Site Scripting (XSS)
   author: daffainfo
   severity: medium
-  reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15889
+  description: The download-manager plugin before 2.9.94 for WordPress has XSS via the category shortcode feature, as demonstrated by the orderby or search[publish_date] parameter.
+  reference: 
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15889
+    - https://www.cybersecurity-help.cz/vdb/SB2019041819
   tags: cve,cve2019,wordpress,xss,wp-plugin
 
 requests: