Imunify360 Blog

WAF Rules v.4.03 Released

Written by Inessa Atmachian | Aug 12, 2021 3:07:38 PM

We are pleased to announce that a new updated WAF ruleset version 4.03 has been released.

Changelog

  • Updated rule id: 77140975 - IM360 WAF: WordPress theme DesignFolio Plus Arbitrary File Upload vulnerability
  • Updated rule id: 77140977 - IM360 WAF: WordPress theme Evo Arbitrary File Upload vulnerability
  • Updated rule id: 77140979 - IM360 WAF: WordPress theme Gallery Pro Arbitrary File Upload vulnerability
  • Updated rule id: 77140990 - IM360 WAF: WordPress Plugin InfiniteWP Auth Bypass vulnerability
  • Updated rule id: 77222770 - IM360 WAF: Directory traversal vulnerability in K2 component 2.8.0 for Joomla (CVE-2018-7482)
  • Updated rule id: 77140993 - IM360 WAF: WordPress Plugin InfiniteWP Auth Bypass vulnerability (local)
  • Updated rule id: 77141047 - IM360 WAF: WordPress WPML < 4.3.7 - Authenticated CSRF leading to RCE
  • Updated rule id: 77210801 - IM360 WAF: Request Indicates a Security Scanner Scanned the Site
  • Updated rule id: 77316859 - IM360 WAF: HTTP/1.1 POST request missing Content-Length Header
  • Updated rule id: 77316875 - IM360 WAF: Missing input validation within the template manager in Joomla! v3.2.0-v3.9.24 (CVE-2021-23131)