Release Notes

ModSecurity Rules Update

Malware Experts – ModSecurity Rules

Read our FAQ on how we update our rules.

2024.03.05 – 1.0.86
– Unauthenticated Remote Code Execution – WordPress Plugin – Bricks <= 1.9.6
2024.02.15 – 1.0.85
– Core rules update
2024.02.08 – 1.0.84
– Unauthenticated Stored XSS – Popup Builder (WordPress)
2024.01.09 – 1.0.83
– New Core rules (Prevent WordPress FAKE Plugins install and execution)
2023.11.15 – 1.0.82
– 0-Day: Unauthenticated SQL Injection Vulnerability Addressed in WP Fastest Cache 1.2.2
2023.07.04 – 1.0.81
– Core rules update
2022.05.01 – 1.0.80
– New Core rules (Prevent PHP scripts from running in the media folders)
2023.03.31 – 1.0.79
– 0-Day: WordPress Elementor Pro plugin
2023.01.20 – 1.0.78
– Core rules update (Optimization)
2022.04.05 – 1.0.77
– New Core rules (Block Malware)
2022.03.12 – 1.0.76
– Block malicious plugins for WordPress
2021.12.30 – 1.0.75
– New Core rules (Older browser detection)
Removed because of too many false positives. Reload the HTTP daemon to get the new rules!
2021.12.24 – 1.0.74
– Unauthenticated Privilege Escalation – All in One SEO Plugin (WordPress)
2021.12.12 – 1.0.73
– 0-Day: Apache – Remote Command Execution: Log4j CVE-2021-44228
2021.11.02 – 1.0.72
– New Core rules (File upload protection)
2021.10.07 – 1.0.71
– 0-Day: Apache 2.4.49 – Path Traversal CVE-2021-41773
2021.07.01 – 1.0.70
– Core rules update (New WordPress protections)
2021.05.18 – 1.0.69
– Core rules update (Malware rules)
2021.03.11 – 1.0.68
– 0-Day: Privilege Escalation (WordPress Plugin – The Plus Addons for Elementor)
2021.02.01 – 1.0.67
– Core rules update (New WordPress rules & Malware rules)
2020.12.08 – 1.0.66
– 0-Day: Easy WP SMTP (Reset Admin password)
2020.11.26 – 1.0.65
– Core rules optimisation
2020.10.14 – 1.0.64
– 0-Day: Remote Code Execution (Nette Application – CVE-2020-15227)
2020.10.11 – 1.0.63
– New Core rules (Protocol Attacks)
2020.09.25 – 1.0.62
– Core rules update – Prevent PHP scripts from running in the CSS folders
2020.09.02 – 1.0.61
– 0-Day: Arbitrary File Upload Vulnerability (WordPress Plugin – File Manager Plugin)
2020.08.05 – 1.0.60
– Cross-Site Scripting (XSS) & a PHP Object Injection – Newsletter Plugin (WordPress)
2020.07.27 – 1.0.59
– Core rules update – Prevent PHP scripts from running in the image folders
2020.07.04 – 1.0.0 (extra rules)
– Released new rules ReCaptcha (Protection to WordPress & Joomla login page).
2020.06.10 – 1.0.58
– Unauthenticated Privilege Escalation – bbPress Plugin (WordPress)
2020.02.18 – 1.0.57
– 0-Day: Resets the site’s content to zero – ThemeGrill Demo Importer Plugin (WordPress)
2020.01.29 – 1.0.56
– Core rules update – Prevent upload php.ini & .htaccess files
2019.09.26 – 1.0.55
– 0-Day: Remote Code Execution – vBulletin 5.x pre-auth
2019.07.30 – 1.0.54
– Remote Code Execution – (CVE-2017-9841)
2019.05.04 – 1.0.53
– SQL Core rules optimisation
2019.04.03 – 1.0.52
– New Core rules (and WordPress optimisation)
2019.03.22 – 1.0.51
– 0-Day: Full Disclosure of Settings – Social Warfare plugin (WordPress)
2019.03.20 – 1.0.50
– 0-Day: Remote Code Execution – Easy WP SMTP plugin (WordPress)
2019.03.06 – 1.0.49
– Remote Code Execution – (Drupal – SA-CORE-2019-003 / CVE-2019-6340)
2019.03.02 – 1.0.48
– Core rules optimisation (WordPress optimisation)
2019.02.25 – 1.0.47
– Denial Of Service (DOS) attack – (Joomla contact component)
2018.11.09 – 1.0.46
– 0-Day – WP GDPR Compliance (WordPress)
2018.10.26 – 1.0.45
– Core rules fixes (Fix false positives)
2018.10.10 – 1.0.44
– Core rules optimisation
2018.09.28 – 1.0.43
– Core rules optimisation (WordPress optimisation)
2018.08.27 – 1.0.42
– Core rules optimisation
2018.07.20 – 1.0.41
– Remote Code Execution – (Modx Revolution < 2.6.4)
2018.05.02 – 1.0.40
– Remote Code Execution – (Drupal – SA-CORE-2018-004 / CVE-2018-7602)
2018.04.16 – 1.0.39
– Remote Code Execution – (Drupal – SA-CORE-2018-002 / CVE-2018-7600)
2018.04.09 – 1.0.38
– Arbitrary File Upload Vulnerability (Joomla plugin – B2j Contact)
2018.03.09 – 1.0.37
– Denial Of Service (DOS) attack – (WordPress – CVE-2018-6389)
2018.01.31 – 1.0.36
– Core rules optimisation
2017.12.19 – 1.0.35
– Remote File Download – (WordPress Creation Kit Api – unserialize)
2017.11.20 – 1.0.34
– Remote Code Execution – (WordPress Plugin – Formidable Forms / Shortcodes Ultimate)
2017.11.07 – 1.0.33
– Arbitrary File Upload Vulnerability (WordPress Plugin – Facebook Like Box)
2017.10.15 – 1.0.32
– Remote File Download – (WordPress Plugin – Ultimate Form Builder Lite)
2017.10.05 – 1.0.31
– Empty User-Agent – WordPress protection
2017.08.26 – 1.0.30
– Core rules optimisation
2017.07.29 – 1.0.29
– User Agent – Visbot
2017.07.10 – 1.0.28
– Core rules optimisation
2017.06.20 – 1.0.27
– Remote Code Execution – Hidden wp_cookie Cookie (WordPress)
2017.05.18 – 1.0.26
– SQL Injection Vulnerability – Joomla 3.7 (core)
2017.03.13 – 1.0.25
– Remote File Download (WordPress Plugin – WP Power Stats)
2017.02.28 – 1.0.24
– SQL Injection Vulnerability – WordPress NextGEN Gallery
2017.02.21 – 1.0.23
– Magento ShopLift
2017.02.05 – 1.0.22
– Content Injection Vulnerability – WordPress 4.7.x (API)
2017.01.14 – 1.0.21
– Arbitrary File Upload Vulnerability – WordPress in Google Forms Plugin
2017.01.10 – 1.0.20
– Arbitrary File Upload Vulnerability – PageLines (WordPress theme)
2016.12.26 – 1.0.19
– Cookie – Remote File Download (WordPress Plugin – Backup & Restore Dropbox)
2016.12.24 – 1.0.18
– Remote Code Execution – WordPress Plugin Marketplace
2016.12.23 – 1.0.17
– Generic fixes
2016.12.22 – 1.0.16
– Arbitrary File Upload Vulnerability – WordPress in Cherry Plugin
2016.12.02 – 1.0.15
– PHP Command Shell (WSO) – Block WP.php to prevent execution
2016.11.29 – 1.0.14
– Arbitrary File Upload Vulnerability – Wpshop
– Arbitrary File Upload Vulnerability – Ultimate Product Catalogue
– Arbitrary File Upload Vulnerability – dzs-zoomsounds
2016.11.24 – 1.0.13
– ModX – ajaxSearchPopup.php Vulnerability
2016.11.06 – 1.0.12
– Arbitrary File Upload Vulnerability – WooCommerce Extra Fields
– Arbitrary File Upload Vulnerability – N-Media Post Front-end Form
– Arbitrary File Upload Vulnerability – WP Marketplace
2016.10.25 – 1.0.11
– 0-Day: Joomla Account Creation (CVE-2016-8870) / Elevated Privileges write-up (CVE-2016-8869)
2016.09.16 – 1.0.10
– 0-Day: cache-db.php
2016.09.16 – 1.0.9
– User Agent pattern Added
2016.08.22 – 1.0.8
– Path traversal vulnerability in WordPress Core Ajax handlers (OVE-20160712-0036)
2016.08.17 – 1.0.7
– PHP__SESSION__PHP
2016.08.09 – 1.0.6
– Cookie – PHP eval
2016.08.06 – 1.0.5
– Generic fixes
2016.07.30 – 1.0.4
– PhpMyAdmin – Insufficient output sanitizing when generating configuration file
2016.07.29 – 1.0.3
– Struts 2 Remote command execution (CVE-2013-2251)
2016.07.27 – 1.0.2
– OS command injection attack
2016.07.20 – 1.0.1
– httpoxy vulnerability protection

Public release

2016.07.01 – 1.0.0
– First public release (Malware Expert ModSecurity Rules)