added missing tags

2022-02-22 19:53:43 +05:30 · 2022-02-22 19:53:43 +05:30 · 736e7427d6
parent 6411ca373f
commit 736e7427d6
8 changed files with 8 additions and 8 deletions
--- a/cves/2021/CVE-2021-25063.yaml
+++ b/cves/2021/CVE-2021-25063.yaml
@ -11,7 +11,7 @@ info:
    cvss-score: 6.10
    cve-id: CVE-2021-25063
    cwe-id: CWE-79
-  tags: wordpress,wp-plugin,xss,contactform,wp,cve,cve2021
+  tags: cve,cve2021wordpress,wp-plugin,xss,contactform,authenticated

 requests:
  - raw:
--- a/cves/2022/CVE-2022-0149.yaml
+++ b/cves/2022/CVE-2022-0149.yaml
@ -11,7 +11,7 @@ info:
    cvss-score: 6.10
    cve-id: CVE-2022-0149
    cwe-id: CWE-79
-  tags: wordpress,wp-plugin,xss,woocommerce,cve,cve2022
+  tags: cve,cve2022,wordpress,wp-plugin,xss,woocommerce,authenticated

 requests:
  - raw:
--- a/vulnerabilities/wordpress/easy-social-feed.yaml
+++ b/vulnerabilities/wordpress/easy-social-feed.yaml
@ -6,7 +6,7 @@ info:
  severity: medium
  description: The plugin does not sanitise and escape a parameter before outputting back in an admin dashboard page, leading to a reflected Cross-Site Scripting issue which will be executed in the context of a logged admin or editor.
  reference: https://wpscan.com/vulnerability/6dd00198-ef9b-4913-9494-e08a95e7f9a0
-  tags: wordpress,wp-plugin,xss,wp
+  tags: wordpress,wp-plugin,xss,authenticated

 requests:
  - raw:
--- a/vulnerabilities/wordpress/elex-woocommerce-xss.yaml
+++ b/vulnerabilities/wordpress/elex-woocommerce-xss.yaml
@ -6,7 +6,7 @@ info:
  severity: medium
  description: The plugin does not sanitise or escape the search GET parameter before outputting back in the page, leading to a reflected Cross-Site Scripting issue, which will be executed in a logged in admin context.
  reference: https://wpscan.com/vulnerability/647448d6-32c0-4b38-a40a-3b54c55f4e2e
-  tags: wordpress,wp-plugin,xss,wp,woocommerce
+  tags: wordpress,wp-plugin,xss,authenticated,woocommerce

 requests:
  - raw:
--- a/vulnerabilities/wordpress/feedwordpress-xss.yaml
+++ b/vulnerabilities/wordpress/feedwordpress-xss.yaml
@ -6,7 +6,7 @@ info:
  severity: medium
  description: The plugin is affected by a Reflected Cross-Site Scripting (XSS) within the "visibility" parameter.
  reference: https://wpscan.com/vulnerability/7ed050a4-27eb-4ecb-9182-1d8fa1e71571
-  tags: wordpress,wp-plugin,xss,feedwordpress,wp
+  tags: wordpress,wp-plugin,xss,feedwordpress,authenticated

 requests:
  - raw:
--- a/vulnerabilities/wordpress/my-chatbot-xss.yaml
+++ b/vulnerabilities/wordpress/my-chatbot-xss.yaml
@ -6,7 +6,7 @@ info:
  severity: medium
  description: The plugin does not sanitise or escape its tab parameter in the Settings page before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue.
  reference: https://wpscan.com/vulnerability/c0b6f63b-95d1-4782-9554-975d6d7bbd3d
-  tags: wordpress,wp-plugin,xss,wp
+  tags: wordpress,wp-plugin,xss,authenticated

 requests:
  - raw:
--- a/vulnerabilities/wordpress/ninjaform-open-redirect.yaml
+++ b/vulnerabilities/wordpress/ninjaform-open-redirect.yaml
@ -6,7 +6,7 @@ info:
  severity: medium
  description: The wp_ajax_nf_oauth_connect AJAX action was vulnerable to open redirect due to the use of a user supplied redirect parameter and no protection in place.
  reference: https://wpscan.com/vulnerability/6147acf5-e43f-47e6-ab56-c9c8be584818
-  tags: wordpress,redirect,wp-plugin,ninjaform,wp,authenticated
+  tags: wordpress,redirect,wp-plugin,ninjaform,authenticated

 requests:
  - raw:
--- a/vulnerabilities/wordpress/wp-whmcs-xss.yaml
+++ b/vulnerabilities/wordpress/wp-whmcs-xss.yaml
@ -6,7 +6,7 @@ info:
  severity: medium
  description: The plugin does not sanitise and escape the error parameter before outputting it back in admin dashboard, leading to a Reflected Cross-Site Scripting
  reference: https://wpscan.com/vulnerability/4aae2dd9-8d51-4633-91bc-ddb53ca3471c
-  tags: wordpress,wp-plugin,wp,whmcs,xss
+  tags: wordpress,wp-plugin,authenticated,whmcs,xss

 requests:
  - raw: