updated info

http/cves/2019/CVE-2019-17574.yaml

@@ -1,24 +1,25 @@
 id: CVE-2019-17574
 
 info:
-  name: Popup-Maker < 1.8.12 - Webserver Configuration Disclosure
+  name: Popup-Maker < 1.8.12 - Broken Authentication
   author: DhiyaneshDK
   severity: critical
   description: |
     An issue was discovered in the Popup Maker plugin before 1.8.13 for WordPress. An unauthenticated attacker can partially control the arguments of the do_action function to invoke certain popmake_ or pum_ methods, as demonstrated by controlling content and delivery of popmake-system-info.txt (aka the "support debug text file").
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2019-17574
     - https://wpscan.com/vulnerability/9907
     - https://web.archive.org/web/20191128065954/https://blog.redyops.com/wordpress-plugin-popup-maker/
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-17574
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
+    cve-id: CVE-2019-17574
     cvss-score: 9.1
     cwe-id: CWE-639
   metadata:
-    max-request: 1
-    publicwww-query: "/wp-content/plugins/popup-maker/"
+    max-request: 2
     verified: true
-  tags: cve,cve2019,wp,wordpress,wp-plugin,disclosure,popup-maker
+    publicwww-query: "/wp-content/plugins/popup-maker/"
+  tags: cve,cve2019,wp,wordpress,wp-plugin,disclosure,popup-maker,auth-bypass
 
 http:
   - raw: