Imunify360 Blog

WAF Rules v.3.13 Released

Written by Inessa Atmachian | Jun 5, 2020 9:04:39 AM

We are pleased to announce that new updated WAF rulesets version 3.13 were released to production.

Changelog

  • XSS Vulnerability in WPeMatico RSS Feed Fetcher plugin for WordPress
  • XSS in the WP-Piwik plugin for WordPress
  • WordPress bbPress < 2.6.5 - Privilege Escalation
  • Redirect from login page in WordPress
  • Newspaper WordPress Theme - Privilege Escalation (CVE-2016-10972)
  • WordPress Coming Soon Page & Maintenance Mode plugin - Unauthenticated stored XSS