<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5HLVVHN" height="0" width="0" style="display:none;visibility:hidden">

WAF Rules v.3.12 Released

WAF-major-release

We are pleased to announce that new updated WAF rulesets version 3.12 were released to production.

Changelog

  • Switched to block-stored XSS vulnerability in Live Chat with Facebook Messenger plugin for WordPress
  • SQLi vulnerability in the Ajax Load More 5.3.1 plugin for WordPress
  • Stored XSS vulnerability in the Visualizer plugin for WordPress (CVE-2019-16931)
  • SSRF vulnerability in the Visualizer plugin for WordPress (CVE-2019-16932)
  • Unauthorized reset settings in the LiveChat <= 3.7.2 plugin for WordPress
  • Unauthorized update settings in the LiveChat <= 3.7.2 plugin for WordPress
  • XSS in the LiveChat <= 3.7.2 plugin for WordPress
  • WordPress GDPR Compliance plugin - Unauthorized option update
  • WordPress Blog Designer Persistent Cross-Site Scripting (XSS) Vulnerability
  • WordPress WP Private Content Plus plugin - unauthenticated options change (CVE-2019-15816)

WAF Rules v.3.12 Released

WAF-major-release

We are pleased to announce that new updated WAF rulesets version 3.12 were released to production.

Changelog

  • Switched to block-stored XSS vulnerability in Live Chat with Facebook Messenger plugin for WordPress
  • SQLi vulnerability in the Ajax Load More 5.3.1 plugin for WordPress
  • Stored XSS vulnerability in the Visualizer plugin for WordPress (CVE-2019-16931)
  • SSRF vulnerability in the Visualizer plugin for WordPress (CVE-2019-16932)
  • Unauthorized reset settings in the LiveChat <= 3.7.2 plugin for WordPress
  • Unauthorized update settings in the LiveChat <= 3.7.2 plugin for WordPress
  • XSS in the LiveChat <= 3.7.2 plugin for WordPress
  • WordPress GDPR Compliance plugin - Unauthorized option update
  • WordPress Blog Designer Persistent Cross-Site Scripting (XSS) Vulnerability
  • WordPress WP Private Content Plus plugin - unauthenticated options change (CVE-2019-15816)
Subscribe to Imunify security Newsletter