[Ruleset Engine] Clarify rewrite action

src/content/docs/ruleset-engine/rules-language/actions.mdx

@@ -170,7 +170,7 @@ The available actions depend on the [phase](/ruleset-engine/about/phases/) where
       </td>
       <td>
         <p>
-          Adjusts the URI path, query string, and/or HTTP headers of requests and responses, according to the rule configuration.
+          Rewrites the request (or response) by adjusting the URI path, query string, and/or HTTP request/response headers, according to the rule configuration.
         </p>
         <p>Only available in:</p>
         <ul>

src/content/docs/waf/managed-rules/check-for-exposed-credentials/index.mdx

@@ -27,7 +27,7 @@ The username and password credentials in clear text never leave the Cloudflare n
 
 The WAF can perform one of the following actions when it detects exposed credentials:
 
-- **Exposed-Credential-Check Header**: Adds a new HTTP header to HTTP requests with exposed credentials. Your application at the origin can then force a password reset, start a two-factor authentication process, or perform any other action. The name of the added HTTP header is `Exposed-Credential-Check` and its value is `1`.
+- **Exposed-Credential-Check Header**: Adds a new HTTP header to HTTP requests with exposed credentials. Your application at the origin can then force a password reset, start a two-factor authentication process, or perform any other action. The name of the added HTTP header is `Exposed-Credential-Check` and its value is `1`. The action name is `Rewrite` in [Security Events](/waf/analytics/security-events/paid-plans/).
 
   :::caution
   While the header name is the same as when using the [**Add Leaked Credentials Checks Header** managed transform](/rules/transform/managed-transforms/reference/#add-leaked-credentials-checks-header), the header can have different values when using the managed transform (from `1` to `4`), depending on your Cloudflare plan.