diff --git a/http/cves/2022/CVE-2022-1595.yaml b/http/cves/2022/CVE-2022-1595.yaml
index f151784ca3..52f1cce988 100644
--- a/http/cves/2022/CVE-2022-1595.yaml
+++ b/http/cves/2022/CVE-2022-1595.yaml
@@ -29,21 +29,19 @@ http:
         Host: {{Hostname}}
         Cookie: valid_login_slug=1
 
+      - |
+        HEAD /wp-login.php HTTP/1.1
+        Host: {{Hostname}}
+
     matchers-condition: and
     matchers:
-      - type: regex
-        part: header
-        regex:
-          - "Location: ([a-zA-Z0-9_.\\/-]+)"
-          - "wordpress_"
+      - type: dsl
+        dsl:
+          - "status_code_1 == 302"
+          - "contains(header_1, 'wordpress_')"
+          - "contains(header_1, 'Location')"
         condition: and
 
-      - type: word
-        part: header
-        words:
-          - "404.php"
-        negative: true
-
-      - type: status
-        status:
-          - 302
+      - type: dsl
+        dsl:
+          - "status_code_2 != 302"