Enhancement: cves/2021/CVE-2021-24499.yaml by mp

cves/2021/CVE-2021-24499.yaml

@@ -1,10 +1,10 @@
 id: CVE-2021-24499
 
 info:
-  name: WordPress Workeap - Remote Code Execution
+  name: WordPress Workreap - Remote Code Execution
   author: daffainfo
   severity: critical
-  description: WordPress Workeap theme is susceptible to remote code execution. The AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to the uploads/workreap-temp directory. Uploaded files were neither sanitized nor validated, allowing an unauthenticated visitor to upload executable code such as php scripts.
+  description: WordPress Workreap theme is susceptible to remote code execution. The AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to the uploads/workreap-temp directory. Uploaded files were neither sanitized nor validated, allowing an unauthenticated visitor to upload executable code such as php scripts.
   reference:
     - https://github.com/RyouYoo/CVE-2021-24499
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24499
@@ -49,4 +49,5 @@ requests:
         words:
           - "71abe5077dae2754c36d731cc1534d4d"
 
+
 # Enhanced by mp on 2022/05/16