Overview for rules released by Trustwave SpiderLabs in January for ModSecurity Commercial Rules package. The rules are available for versions 2.9.x and 3.x of ModSecurity.
ModSecurity Commercial Rules detect attacks or classes of attacks on web applications and their components as well as provide virtual patches for public vulnerabilities.
Release Summary
- WordPress Plugin WP E-Signature < 1.5.6.8 Unauthenticated Arbitrary File Upload to RCE
- WordPress Plugin Simple Job Board < 2.9.4 Directory Traversal CVE-2020-35749
- WordPress Plugin WP Paginate < 2.1.4 Authenticated Stored XSS
- Oracle WebLogic Server 14.1.1.0 Authenticated RCE CVE-2021-2109
- WordPress Plugin Doneren met Mollie < 2.8.5 Unauthorised CSV Export to Sensitive Data Disclosure
- WordPress Plugin Stripe Payments 2.0.39 Authenticated Stored XSS
- ZyXEL Secret Backdoor Account CVE-2020-29583
- WordPress Plugin Orbit Fox by ThemeIsle < 2.10.3 Authenticated Stored XSS
- WooCommerce Gift Cards 3.0.2 - File Upload to RCE CVE-2020-35627
- WordPress Plugin Simple Social Buttons < 3.2.1 Reflected XSS
- WordPress Plugin LiteSpeed Cache 3.6 - server_ip XSS
How to Update
All the rules released this month are available for download and can be configured using the ModSecurity Dashboard. The rules are associated with the default profile and enabled for all licensed servers. To verify the rules were successfully downloaded by ModSecurity, log in to the ModSecurity Dashboard and verify the server "Last seen" date, which indicates the last successful download for the specified server.