<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5HLVVHN" height="0" width="0" style="display:none;visibility:hidden">

WAF Rules v.2.98 Released

Apr 8, 2020 5:28:33 PM / by Inessa Atmachian

 

WAF-minor-release1

We are pleased to announce that new updated WAF rulesets version 2.98 were released to production.

Changelog

  • Added a rule for Remote SQL Injection Vulnerability in Lokomedia CMS
  • Added a rule for WordPress Plugin WPvivid Backup < 0.9.36 - Missing Authorization CSRF
  • Added rules for WordPress Plugin WPvivid Backup < 0.9.36 - Missing Authorization Auth Bypass
  • Added a rule for WordPress Plugin Data Tables Generator By Supsystic < 1.9.92 - Multiple Vulnerabilities
  • Added a rule for Arbitrary File Read In dompdf
  • Added rules for Wordpress Plugin IMPress for IDX Broker < 2.6.2 - Authenticated Post Creation, Modification, and Deletion
  • Added a rule for Unauthenticated RCE via Outdated PHPUnit
  • Added a rule for WordPress Plugin  RegistrationMagic - Authenticated Privilege Escalation
  • Added a rule for WordPress Plugin RegistrationMagic - CSRF vulnerability
  • Added a rule for WordPress Plugin RegistrationMagic - SQLi vulnerability
  • Added a rule for Block Joomla spam via web contact
  • Added a rule for WordPress CMS bot reconnaissance
  • Added a rule for Joomla! Component GMapFP 3.30 - Arbitrary File Upload
  • Added a rule for WordPress Plugin Templates Importer For Responsive < 2.2.6 - Unprotected AJAX Endpoints

Topics: WAF, ModSecurity, Release

Inessa Atmachian

Written by Inessa Atmachian

Inessa Atmachian is a Technical Writer. She is responsible for developing technical product documentation for CloudLinux OS, KernelCare, and Imunify360 products. She provides customers with release notes and information on product updates.