We are pleased to announce that new updated WAF rulesets version 3.14 were released to production.
Changelog
- WordPress YellowPencil Visual CSS Style Editor < 7.2.0 - Privilege Escalation
- Block Combined Attack on Elementor Pro and Ultimate Addons
- Authentication Bypass in Smart Google Code Inserter before 3.5 plugin for WordPress (CVE-2018-3810)
- SQLi in Smart Google Code Inserter before 3.5 plugin for WordPress (CVE-2018-3811)
- Persistent XSS Vulnerability in DELUCKS SEO plugin for WordPress
- Privilege escalation vulnerability in WordPress ND Shortcodes For Visual Composer plugin
- iThemes Sync settigs update Vulnerability for WordPress
- WordPress Post Custom Templates Lite <= 1.6 - Persistent Cross-Site Scripting