Security Resources

Software Updates

Web Application Security – ModSecurity Commercial Rules, Update for November 2021

Overview for rules released by Trustwave SpiderLabs in November for ModSecurity Commercial Rules package. The rules are available for versions 2.9.x and 3.x of ModSecurity.

ModSecurity Commercial Rules detect attacks or classes of attacks on web applications and their components as well as provide virtual patches for public vulnerabilities.

Release Summary

WordPress + Microsoft Office 365 < 15.4 - Unauthenticated XSS CVE-2021-43409
WordPress Plugin Sassy Social Share 3.3.23 - CSRF
WordPress Plugin Ecommerce - Two Factor Authentication < 1.0.5 - Reflected XSS
WordPress Plugin eCommerce Product Catalog for WordPress < 3.0.39 - Reflected XSS CVE-2021-24875
WordPress Plugin Registrations for The Events Calendar < 2.7.5 - Reflected XSS CVE-2021-24876
WordPress Plugin URL Shortify < 1.5.1 - CSRF CVE-2021-24749
WordPress Plugin Event Manager for WooCommerce < 3.5.3 - CSRF
WordPress Plugin Google Fonts < 3.1.5 - Reflected XSS CVE-2021-24935
WordPress Plugin Email Log < 2.4.8 - Reflected XSS CVE-2021-24924
WordPress Plugin Secure Copy Content Protection and Content Locking < 2.8.2 - Unauthenticated SQLi CVE-2021-24931
WordPress Plugin WooCommerce Currency Switcher < - Reflected XSS CVE-2021-24938
WordPress Plugin LoginWP < - Reflected XSS CVE-2021-24939
WordPress Plugin Registrations for the Events Calendar < 2.7.6 - Unauthenticated SQLi CVE-2021-24943
WordPress Plugin Like Button Rating < 2.6.38 - CSRF CVE-2021-24945
WordPress Plugin WP Reset Pro < 5.99 - Database Reset via CSRF CVE-2021-36908
WordPress Plugin Preview E-mails for WooCommerce < 2.0.0 - Reflected XSS CVE-2021-42363

How to Update

All the rules released this month are available for download and can be configured using the ModSecurity Dashboard. The rules are associated with the default profile and enabled for all licensed servers. To verify the rules were successfully downloaded by ModSecurity, log in to the ModSecurity Dashboard and verify the server "Last seen" date, which indicates the last successful download for the specified server.