Overview of the rules released by Trustwave SpiderLabs in May for the ModSecurity Commercial Rules package. The rules are available for versions 2.9.x and 3.x of ModSecurity.
ModSecurity Commercial Rules detect attacks, or classes of attacks, on web applications and their components, and provide virtual patches for publicly disclosed vulnerabilities.
Release Summary
- WordPress Plugin Bulk Page Creator < 1.1.4 CSRF CVE-2022-1611
- WordPress Plugin WP 2FA < 2.2.1 XSS CVE-2022-1527
- WordPress Plugin StaffList < 3.1.6 CSRF
- WordPress Plugin WP-Invoice <= 4.3.1 XSS CVE-2022-1617
- WordPress Plugin Donate Extra <= 2.02 XSS CVE-2022-1268
- WordPress Plugin Call Now Button < 1.1.2 XSS CVE-2022-1455
- WordPress Plugin Tracked Tweets <= 0.2.9 XSS
- WordPress Plugin ARPrice Lite < 3.6.1 Unauthenticated SQLi CVE-2022-0867
- WordPress Plugin WPC Smart Wishlist for WooCommerce < 2.9.9 XSS CVE-2022-1465
- WordPress Plugin Ubigeo de Peru < 3.6.4 Unauthenticated SQLi CVE-2022-0814
- WordPress Plugin Personal Dictionary < 1.3.4 Unauthenticated SQLi CVE-2022-1013
- WordPress Plugin Metform Elementor Contact Form Builder < 2.1.4 Information Disclosure CVE-2022-1442
- WordPress Plugin MapSVG < 6.2.20 Unauthenticated SQLi CVE-2022-0592
- WordPress Plugin VikBooking Hotel Booking Engine & PMS < 1.5.8 PHP File Upload CVE-2022-1409
- WordPress Plugin VikBooking Hotel Booking Engine & PMS < 1.5.7 Stored XSS CVE-2022-1407
- WordPress Plugin Popup by Supsystic < 1.10.9 Unauthenticated Subscriber Information Disclosure CVE-2022-0424
- WordPress Plugin Tatsu Builder <= 3.3.11 Unauthenticated File Upload CVE-2021-25094
- WordPress Plugin Tatsu Builder <= 3.3.11 Unauthenticated RCE CVE-2021-25094
How to Update
All the rules released this month are available for download and can be configured using the ModSecurity Dashboard. The rules are associated with the default profile and are enabled for all licensed servers. To verify that a server has successfully downloaded the rules, log in to the ModSecurity Dashboard and check that server's "Last seen" date, which records its last successful download.