diff --git a/cves/2022/CVE-2022-4117.yaml b/cves/2022/CVE-2022-4117.yaml index aec8045015..77b3c18ad6 100644 --- a/cves/2022/CVE-2022-4117.yaml +++ b/cves/2022/CVE-2022-4117.yaml @@ -1,11 +1,11 @@ id: CVE-2022-4117 info: - name: IWS Geo Form Fields <= 1.0 - Unauthenticated SQL Injection + name: WordPress IWS Geo Form Fields <=1.0 - SQL Injection author: theamanrawat severity: critical description: | - The IWS WordPress plugin through 1.0 does not properly escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection. + WordPress IWS Geo Form Fields plugin through 1.0 contains a SQL injection vulnerability. The plugin does not properly escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. reference: - https://wpscan.com/vulnerability/1fac3eb4-13c0-442d-b27c-7b7736208193 - https://wordpress.org/plugins/iws-geo-form-fields/ @@ -36,3 +36,5 @@ requests: - 'status_code == 200' - 'contains(body, "\"status\":200") && contains(body, "{\"html\":")' condition: and + +# Enhanced by md on 2023/03/28
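Review bot: in the first hunk the new title drops the "Unauthenticated" qualifier that the old one carried (`- name: IWS Geo Form Fields <= 1.0 - Unauthenticated SQL Injection`), even though the new description still states that the AJAX action is available to unauthenticated users; keep that word in `name:` (e.g. `WordPress IWS Geo Form Fields <=1.0 - Unauthenticated SQL Injection`), since it is the fact a triager reads first, and use the same `<= 1.0` spacing as the original. The added closing sentence ("An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations ...") is generic impact boilerplate that goes beyond what the previous description and the rest of the template state; either trim it to the SQL injection the matchers actually detect or keep it clearly worded as a possible consequence rather than a confirmed one.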
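Review bot: in the second hunk the `# Enhanced by md on 2023/03/28` line is appended after `condition: and`, at the tail of the matchers block, where it reads as part of the request section rather than as template-level history; if the repository records who touched a template and when, that belongs with the other template-level fields in `info:` or at the head of the file, and the extra blank line inserted before the comment is not needed.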