added flow

http/cves/2024/CVE-2024-0881.yaml

@@ -12,24 +12,38 @@ info:
     - https://github.com/fkie-cad/nvd-json-data-feeds
   classification:
     epss-score: 0.00043
-    epss-percentile: 0.08256
+    epss-percentile: 0.08268
   metadata:
+    verified: true
     max-request: 1
-    publicwww-query: "/wp-content/plugins/post-grid/"
+    publicwww-query: "/wp-content/plugins/user-meta/"
   tags: cve,cve2023,wpscan,wordpress,wp-plugin,unauth
+flow: http(1) && http(2)
 
 http:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-content/plugins/user-meta/readme.txt'
+
+    matchers:
+      - type: word
+        internal: true
+        words:
+          - 'User Profile Builder'
+
   - method: GET
     path:
       - "{{BaseURL}}/wp-admin/admin-ajax.php?action=post_grid_paginate_ajax_free"
       - "{{BaseURL}}/wp-admin/admin-ajax.php?action=post_grid_ajax_search_free"
 
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
         words:
           - '"html"'
           - '"<div class='
+          - '"pagination":'
         condition: and
 
       - type: status