Imunify360 Blog

Beta: WAF Rules Updated

Written by Inessa Atmachian | Mar 11, 2020 5:35:02 AM

 

We are pleased to announce that the new updated WAF rulesets version 2.96 were released to our updates-testing repository.

Changelog

  • Develop rules for WordPress Plugin Participants Database < 1.9.5.6 Authenticated Time Based SQL Injection
  • Develop a rule for WordPress Plugin Registration Magic < 4.6.0.3 Authenticated SQL Injection
  • Develop a rule for WordPress Plugin Huge IT Slider 2.6.8 SQL Injection (CVE-2015-2062)
  • Develop a rule for WordPress Plugin Adminer <= 1.4.5 Security Bypass
  • Develop a rule for WordPress Plugin Htaccess by BestWebSoft <= 1.8.1 CSRF to edit .htaccess
  • Develop rules for WordPress Plugin Ultimate Membership Pro < 8.6.1 Multiple Critical Vulnerabilities
  • Develop a rule for WordPress Plugin contact-form-7 5.1.6 Remote File Upload
  • Develop a rule for Arbitrary file upload in class.upload.php (CVE-2019-19634)