From cb1c230e286e16fa44d95f332d765102f1b91822 Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Wed, 30 Nov 2022 14:25:47 +0530
Subject: [PATCH] Update CVE-2022-2034.yaml

---
 cves/2022/CVE-2022-2034.yaml | 29 +++++++++++++++++------------
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/cves/2022/CVE-2022-2034.yaml b/cves/2022/CVE-2022-2034.yaml
index bf7f4fac6c..d1707985b2 100644
--- a/cves/2022/CVE-2022-2034.yaml
+++ b/cves/2022/CVE-2022-2034.yaml
@@ -13,26 +13,31 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2022-2034
   classification:
     cve-id: CVE-2022-2034
-  tags: cve,cve2022,wordpress,wp-plugin,wp
+  metadata:
+    verified: true
+  tags: cve,cve2022,wordpress,wp-plugin,wp,disclosure,sensei-lms
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/wp-json/wp/v2/sensei-messages/"
+      - "{{BaseURL}}/wp-json/wp/v2/sensei-messages/0"
 
     matchers-condition: and
     matchers:
-      - type: regex
+      - type: word
+        part: body
+        words:
+          - 'message":"Invalid post ID.'
+          - 'guid":{"rendered":'
+        condition: or
+
+      - type: word
         part: header
-        regex:
-          - '(?i)Location: http(s|):\/\/[\w\.\-]+\/sensei-messages\/\w+'
+        words:
+          - application/json
 
       - type: status
         status:
-          - 301
-
-    extractors:
-      - type: regex
-        part: header
-        regex:
-          - 'sensei-messages\/\w+'
+          - 404
+          - 200
+        condition: or