Fixes CVE data

2021/24xxx/CVE-2021-24153.json

@@ -3,7 +3,7 @@
     "ID": "CVE-2021-24153",
     "ASSIGNER": "contact@wpscan.com",
     "STATE": "PUBLIC",
-    "TITLE": "Yoast SEO <= 3.4.0 - Authenticated Stored Cross-Site Scripting (XSS)"
+    "TITLE": "Yoast SEO < 3.4.1 - Authenticated Stored Cross-Site Scripting (XSS)"
   },
   "data_format": "MITRE",
   "data_type": "CVE",
@@ -38,7 +38,7 @@
     "description_data": [
       {
         "lang": "eng",
-        "value": "The changelog reads: \"Fixes a stored XSS issue in the Yoast SEO metabox. Thanks Hammad Shamsi for reporting and responsibly disclosing this issue.\""
+        "value": "A Stored Cross-Site Scripting vulnerability was discovered in the Yoast SEO WordPress plugin before 3.4.1, which had built-in blacklist filters which were blacklisting Parenthesis as well as several functions such as alert but bypasses were found."
       }
     ]
   },

2021/24xxx/CVE-2021-24160.json

@@ -13,7 +13,7 @@
     "vendor": {
       "vendor_data": [
         {
-          "vendor_name": "TODO",
+          "vendor_name": "ExpressTech",
           "product": {
             "product_data": [
               {
@@ -29,7 +29,7 @@
                 }
               },
               {
-                "product_name": "",
+                "product_name": "Responsive Menu Pro",
                 "version": {
                   "version_data": [
                     {
@@ -50,7 +50,7 @@
     "description_data": [
       {
         "lang": "eng",
-        "value": "\"A subscriber could upload zip archives containing malicious PHP files that would get extracted to the /rmp-menu// directory. These files could then be accessed via the front end of the site to trigger remote code execution and ultimately allow an attacker to execute commands to further infect a WordPress site.\""
+        "value": "In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, subscribers could upload zip archives containing malicious PHP files that would get extracted to the /rmp-menu/ directory. These files could then be accessed via the front end of the site to trigger remote code execution and ultimately allow an attacker to execute commands to further infect a WordPress site."
       }
     ]
   },

2021/24xxx/CVE-2021-24161.json

@@ -13,7 +13,7 @@
     "vendor": {
       "vendor_data": [
         {
-          "vendor_name": "TODO",
+          "vendor_name": "ExpressTech",
           "product": {
             "product_data": [
               {
@@ -29,7 +29,7 @@
                 }
               },
               {
-                "product_name": "",
+                "product_name": "Responsive Menu Pro",
                 "version": {
                   "version_data": [
                     {
@@ -50,7 +50,7 @@
     "description_data": [
       {
         "lang": "eng",
-        "value": "\"Attackers could craft a request and trick an administrator into uploading a zip archive containing malicious PHP files. The attacker could then access those files to achieve remote code execution and further infect the targeted site.\""
+        "value": "In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into uploading a zip archive containing malicious PHP files. The attacker could then access those files to achieve remote code execution and further infect the targeted site."
       }
     ]
   },

2021/24xxx/CVE-2021-24162.json

@@ -13,7 +13,7 @@
     "vendor": {
       "vendor_data": [
         {
-          "vendor_name": "TODO",
+          "vendor_name": "ExpressTech",
           "product": {
             "product_data": [
               {
@@ -29,7 +29,7 @@
                 }
               },
               {
-                "product_name": "",
+                "product_name": "Responsive Menu Pro",
                 "version": {
                   "version_data": [
                     {
@@ -50,7 +50,7 @@
     "description_data": [
       {
         "lang": "eng",
-        "value": "\"Attackers could craft a request and trick an administrator into importing all new settings. These settings could be modified to include malicious JavaScript, therefore allowing an attacker to inject payloads that could aid in further infection of the site.\""
+        "value": "In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into importing all new settings. These settings could be modified to include malicious JavaScript, therefore allowing an attacker to inject payloads that could aid in further infection of the site."
       }
     ]
   },

2021/24xxx/CVE-2021-24164.json

@@ -38,7 +38,7 @@
     "description_data": [
       {
         "lang": "eng",
-        "value": "Low-level users, such as subscribers, were able to trigger the action, wp_ajax_nf_oauth, and retrieve the connection url needed to establish a connection. They could also retrieve the client_id for an already established OAuth connection."
+        "value": "In the Ninja Forms Contact Form WordPress plugin before 3.4.34.1, low-level users, such as subscribers, were able to trigger the action, wp_ajax_nf_oauth, and retrieve the connection url needed to establish a connection. They could also retrieve the client_id for an already established OAuth connection."
       }
     ]
   },

2021/24xxx/CVE-2021-24165.json

@@ -38,7 +38,7 @@
     "description_data": [
       {
         "lang": "eng",
-        "value": "The wp_ajax_nf_oauth_connect AJAX action was vulnerable to open redirect due to the use of a user supplied redirect parameter and no protection in place."
+        "value": "In the Ninja Forms Contact Form WordPress plugin before 3.4.34, the wp_ajax_nf_oauth_connect AJAX action was vulnerable to open redirect due to the use of a user supplied redirect parameter and no protection in place."
       }
     ]
   },