Overview for rules released by Trustwave SpiderLabs in March for ModSecurity Commercial Rules package. The rules are available for versions 2.9.x and 3.x of ModSecurity.
ModSecurity Commercial Rules detect attacks or classes of attacks on web applications and their components as well as provide virtual patches for public vulnerabilities.
WordPress Plugin WPvivid Backup and Migration Plugin < 0.9.70 - Reflected XSS CVE-2022-0531
WordPress Plugin Favicon by RealFaviconGenerator < 1.3.23 - Reflected XSS CVE-2022-0471
Tiny File Manager <=2.4.6 - Directory Traversal to RCE CVE-2021-40964
WordPress Plugin Google Pagespeed Insights < 4.0.4 - Reflected XSS CVE-2022-0431
WordPress Plugin Block and Stop Bad Bots < 6.930 - Unauthenticated SQLi CVE-2022-0949
WordPress Plugin Popup Builder < 4.1.1 - SQLi CVE-2022-0479
Cipi Control Panel 3.1.15 - Authenticated Stored XSS
aaPanel <= 6.8.21 - Authenticated Directory Traversal
WordPress Plugin Post Grid < 2.1.16 - Reflected XSS via post_types CVE-2022-0447
WordPress Plugin LearnPress < 4.1.6 - Reflected XSS CVE-2022-0271
WordPress Plugin Drag and Drop Multiple File Upload - Contact Form 7 < 184.108.40.206 - Unauthenticated Stored XSS CVE-2022-0595
WordPress Plugin Akismet Privacy Policies <= 2.0.1 - Reflected XSS CVE-2021-25071
WordPress Plugin Super Socializer < 7.13.30 - Reflected XSS CVE-2021-24987
How to Update
All the rules released this month are available for download and can be configured using the ModSecurity Dashboard. The rules are associated with the default profile and enabled for all licensed servers. To verify the rules were successfully downloaded by ModSecurity, log in to the ModSecurity Dashboard and verify the server "Last seen" date, which indicates the last successful download for the specified server.