Imunify360 Blog

WAF Rules v.3.22 Released

Written by Inessa Atmachian | Jul 24, 2020 3:47:37 PM

 

We are pleased to announce that new updated WAF rulesets version 3.22 were released to production.

New protection rules

  • WordPress plugin Adning Advertising - Unauthenticated Arbitrary File Upload leading to Remote Code Execution
  • WordPress plugin All in One SEO Pack - Authenticated Stored Cross-Site Scripting
  • Unauthenticated SQL Injection in Payment Form For Paypal Pro < 1.1.65
  • Block spam via Avia Layaut Builder generated forms

Updated rules

  • Arbitrary File Upload vulnerability in the ReFlex Gallery plugin before 3.1.4 for WordPress