WAF Rules v.3.12 Released

We are pleased to announce that new updated WAF rulesets version 3.12 were released to production.

Changelog

Switched to block-stored XSS vulnerability in Live Chat with Facebook Messenger plugin for WordPress
SQLi vulnerability in the Ajax Load More 5.3.1 plugin for WordPress
Stored XSS vulnerability in the Visualizer plugin for WordPress (CVE-2019-16931)
SSRF vulnerability in the Visualizer plugin for WordPress (CVE-2019-16932)
Unauthorized reset settings in the LiveChat <= 3.7.2 plugin for WordPress
Unauthorized update settings in the LiveChat <= 3.7.2 plugin for WordPress
XSS in the LiveChat <= 3.7.2 plugin for WordPress
WordPress GDPR Compliance plugin - Unauthorized option update
WordPress Blog Designer Persistent Cross-Site Scripting (XSS) Vulnerability
WordPress WP Private Content Plus plugin - unauthenticated options change (CVE-2019-15816)

Jun 3, 2020 1:36:53 PM

We are pleased to announce that new updated WAF rulesets version 3.12 were released to production.

Switched to block-stored XSS vulnerability in Live Chat with Facebook Messenger plugin for WordPress
SQLi vulnerability in the Ajax Load More 5.3.1 plugin for WordPress
Stored XSS vulnerability in the Visualizer plugin for WordPress (CVE-2019-16931)
SSRF vulnerability in the Visualizer plugin for WordPress (CVE-2019-16932)
Unauthorized reset settings in the LiveChat <= 3.7.2 plugin for WordPress
Unauthorized update settings in the LiveChat <= 3.7.2 plugin for WordPress
XSS in the LiveChat <= 3.7.2 plugin for WordPress
WordPress GDPR Compliance plugin - Unauthorized option update
WordPress Blog Designer Persistent Cross-Site Scripting (XSS) Vulnerability
WordPress WP Private Content Plus plugin - unauthenticated options change (CVE-2019-15816)