WAF Rules v.3.15 Released

We are pleased to announce that new updated WAF rulesets version 3.15 were released to production.

Changelog

Block spam via newsletter
Unauthenticated settings update in WP Inventory Manager plugin for WordPress
CSRF Vulnerability in LiveChat plugin for WordPress
Stored XSS Vulnerability in LiveChat plugin for WordPress
Stored XSS Vulnerability in WP Quick Booking Manager plugin for WordPress
Persistent XSS Vulnerability in private content plus plugin for WordPress
Persistent XSS Vulnerability in WP Quick Booking Manager plugin for WordPress
Persistent XSS Vulnerability in Travelpayouts plugin for WordPress
Unauthenticated update arbitrary option WP Total Donations Plugin for WordPress (CVE-2019-6703)
WordPress PageLayer <= 1.1.1 - Unprotected AJAX endpoints

Jun 12, 2020 6:56:21 AM

We are pleased to announce that new updated WAF rulesets version 3.15 were released to production.

Block spam via newsletter
Unauthenticated settings update in WP Inventory Manager plugin for WordPress
CSRF Vulnerability in LiveChat plugin for WordPress
Stored XSS Vulnerability in LiveChat plugin for WordPress
Stored XSS Vulnerability in WP Quick Booking Manager plugin for WordPress
Persistent XSS Vulnerability in private content plus plugin for WordPress
Persistent XSS Vulnerability in WP Quick Booking Manager plugin for WordPress
Persistent XSS Vulnerability in Travelpayouts plugin for WordPress
Unauthenticated update arbitrary option WP Total Donations Plugin for WordPress (CVE-2019-6703)
WordPress PageLayer <= 1.1.1 - Unprotected AJAX endpoints