diff --git a/cves/2021/CVE-2021-24875.yaml b/cves/2021/CVE-2021-24875.yaml
index 28e53177ba..dfcad339d8 100644
--- a/cves/2021/CVE-2021-24875.yaml
+++ b/cves/2021/CVE-2021-24875.yaml
@@ -1,12 +1,12 @@
 id: CVE-2021-24875
 
 info:
-  name: eCommerce Product Catalog for WordPress < 3.0.39 - Reflected Cross-Site Scripting
+  name: WordPress eCommerce Product Catalog <3.0.39 - Cross-Site Scripting
   author: r3Y3r53
   severity: medium
   description: |
-    The plugin does not escape the ic-settings-search parameter before outputting it back in the page in an attribute, leading to a Reflected Cross-Site Scripting issue.
-  remediation: Fixed in version 3.0.39
+    WordPress eCommerce Product Catalog plugin before 3.0.39 contains a cross-site scripting vulnerability. The plugin does not escape the ic-settings-search parameter before outputting it back in the page in an attribute. This can allow an attacker to steal cookie-based authentication credentials and launch other attacks.
+  remediation: Fixed in version 3.0.39.
   reference:
     - https://wpscan.com/vulnerability/652efc4a-f931-4668-ae74-a58b288a5715
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24875
@@ -40,3 +40,5 @@ requests:
           - 'contains(body_2, "alert(document.domain)")'
           - 'contains(body_2, "eCommerce Product Catalog")'
         condition: and
+
+# Enhanced by md on 2023/03/13