We are pleased to announce that a new updated WAF ruleset version 3.43 has been released to production.
Changelog
- Updated rule id: 77140913 - IM360 WAF: WordPress Satoshi Theme File Upload Vulnerability
- Updated rule id: 77141045 - IM360 WAF: SQLi vulnerability in com_newsfeeds component Joomla!
- Updated rule id: 77141069 - IM360 WAF: WordPress StatTraq 1.3.0 SQL Injection
- Updated rule id: 77141070 - IM360 WAF: WordPress Event-Registration Plugins 5.43 Arbitrary File Upload
- Updated rule id: 77141077 - IM360 WAF: WP Advanced Search < 3.3.4 Unauthenticated Database Access and Remote Code Execution
- Updated rule id: 77142106 - IM360 WAF: WordPress GDPR Compliance plugin - Unauthorized option update (string variant)
- Updated rule id: 77142115 - IM360 WAF: SQLi in Joomla
- Updated rule id: 77142120 - IM360 WAF: Unauthenticated Arbitrary File Upload in the WordPress Plugin Simple File List < 4.2.3
- Updated rule id: 77142121 - IM360 WAF: Unauthenticated Arbitrary File Upload in the WordPress Plugin Simple File List < 4.2.3
- Updated rule id: 77142144 - IM360 WAF: WordPress Blog Designer Persistent Cross-Site Scripting (XSS) Vulnerability
- Updated rule id: 77316726 - IM360 WAF: WordPress plugin wpStoreCart - Unauthenticated Arbitrary File Upload leading to Remote Code Execution
- Updated rule id: 77142262 - IM360 WAF: IOT unauthenticated file upload and RCE
- Updated rule id: 77142267 - IM360 WAF: Special shell symbol in request
- Updated rule id: 77316742 - IM360 WAF: Generic XSS exploitation attempt
- Updated rule id: 77316745 - IM360 WAF: Suspicious url download attempt