Imunify360 Blog

WAF Rules v.3.14 Released

Written by Inessa Atmachian | Jun 10, 2020 2:36:30 PM

 

We are pleased to announce that new updated WAF rulesets version 3.14 were released to production.

Changelog

  • WordPress YellowPencil Visual CSS Style Editor < 7.2.0 - Privilege Escalation
  • Block Combined Attack on Elementor Pro and Ultimate Addons
  • Authentication Bypass in Smart Google Code Inserter before 3.5 plugin for WordPress (CVE-2018-3810)
  • SQLi in Smart Google Code Inserter before 3.5 plugin for WordPress (CVE-2018-3811)
  • Persistent XSS Vulnerability in DELUCKS SEO plugin for WordPress
  • Privilege escalation vulnerability in WordPress ND Shortcodes For Visual Composer plugin
  • iThemes Sync settigs update Vulnerability for WordPress
  • WordPress Post Custom Templates Lite <= 1.6 - Persistent Cross-Site Scripting