Fixups and manual enhancements

cves/2022/CVE-2022-1329.yaml

@@ -1,16 +1,16 @@
 id: CVE-2022-1329
 
 info:
-  name: Elementor Website Builder - Remote Code Execution Vulnerability
+  name: Elementor Website Builder - Remote Code Execution 
   author: theamanrawat
   severity: high
   description: |
-    The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~/core/app/modules/onboarding/module.php file that make it possible for attackers to modify site data in addition to uploading malicious files that can be used to obtain remote code execution, in versions 3.6.0 to 3.6.2.
+    The Elementor Website Builder plugin for WordPress versions 3.6.0 to 3.6.2 are vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~/core/app/modules/onboarding/module.php file. This makes it possible for attackers to modify site data and upload malicious files which can be used to obtain remote code execution.
   reference:
     - https://www.wordfence.com/blog/2022/04/elementor-critical-remote-code-execution-vulnerability/
     - https://wordpress.org/plugins/elementor/
-    - https://nvd.nist.gov/vuln/detail/CVE-2022-1329
     - https://plugins.trac.wordpress.org/changeset/2708766/elementor/trunk/core/app/modules/onboarding/module.php
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-1329
   remediation: Fixed in version 3.6.3
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
@@ -72,3 +72,5 @@ requests:
         part: body_4
         words:
           - '5f9bc5edd71c78284dabe630df8cd71d'
+
+# Enhanced by cs 03/31/2023

cves/2022/CVE-2022-3908.yaml

@@ -5,7 +5,7 @@ info:
   author: theamanrawat
   severity: medium
   description: |
-    WordPress Helloprint plugin before 1.4.7 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. 
+    WordPress Helloprint plugin before 1.4.7 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   remediation: Fixed in version 1.4.7.
   reference:
     - https://wpscan.com/vulnerability/c44802a0-8cbe-4386-9523-3b6cb44c6505

osint/flipboard.yaml

@@ -29,5 +29,3 @@ requests:
           - ") on Flipboard"
 
 # Enhanced by md on 2023/03/15
-
-# Enhanced by cs 03/17/2023

osint/mod-db.yaml

@@ -29,5 +29,3 @@ requests:
           - "joined <time"
 
 # Enhanced by md on 2023/03/15
-
-# Enhanced by cs 03/17/2023

osint/poweredbygaysocial-mastodon-instance.yaml

@@ -29,5 +29,3 @@ requests:
           - "display_name"
 
 # Enhanced by md on 2023/03/15
-
-# Enhanced by cs 03/17/2023

osint/redbubble.yaml

@@ -29,5 +29,3 @@ requests:
           - "Shop | Redbubble"
 
 # Enhanced by md on 2023/03/15
-
-# Enhanced by cs 03/17/2023

osint/tmdb.yaml

@@ -31,5 +31,3 @@ requests:
           - 200
 
 # Enhanced by md on 2023/03/15
-
-# Enhanced by cs 03/17/2023