24-026 (May 28, 2024)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Advanced Message Queuing Protocol (AMQP)
1012050 - SolarWinds Access Rights Manager Remote Code Execution Vulnerability (CVE-2024-28075)


Web Application PHP Based
1011870* - WordPress 'Media Library Assistant' Plugin Remote Code Execution Vulnerability (CVE-2023-4634)
1011695* - WordPress 'Paid Memberships Pro' Plugin SQL Injection Vulnerability (CVE-2023-23488)
1011325* - WordPress 'Perfect Survey' Plugin SQL Injection Vulnerability (CVE-2021-24762)
1011925* - WordPress 'Royal Elementor Addons and Templates' Plugin Unrestricted File Upload Vulnerability (CVE-2023-5360)
1011621* - WordPress 'Snap Creek Duplicator' Plugin Directory Traversal Vulnerability (CVE-2020-11738)
1011168* - WordPress 'Supsystic Ultimate Maps' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24274)


Web Server Adobe ColdFusion
1011558* - Adobe ColdFusion Directory Traversal Vulnerability (CVE-2022-38418)


Web Server HTTPS
1012051 - WordPress Core Cross-Site Scripting Vulnerability (CVE-2024-4439)


Web Server Miscellaneous
1012048 - GitLab Cross-Site Scripting Vulnerability (CVE-2024-1451)


Integrity Monitoring Rules:

1003385* - Application - Xorg-x / XFree86 / Xfree86 / Xorg-x11


Log Inspection Rules:

1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)