Rule Update
25-018 (April 29, 2025)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Ivanti Endpoint Manager
1012253* - Ivanti Endpoint Manager SQL Injection Vulnerabilities (CVE-2024-32848 and CVE-2024-13162)
1012346 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-34781)
1012345 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2025-22461)
Web Application Common
1010023* - October CMS Upload Protection Bypass Code Execution Vulnerability (CVE-2017-1000119)
1010036* - SDCMS Remote Code Execution Vulnerability (CVE-2018-19520)
1012348 - ZendTo Remote Code Execution Vulnerability (CVE-2021-47667)
Web Application PHP Based
1009720* - Drupal Core Cross-Site Scripting Vulnerability (CVE-2019-6341)
1009541* - Drupal Core Remote Code Execution Vulnerability (CVE-2019-6340)
1009157* - Joomla Component Ekrishta SQL Injection Vulnerability (CVE-2018-12254)
1009308* - Moodle PHP Unserialize Remote Code Execution Vulnerability (CVE-2018-14630)
1010338* - PHP-Fusion Administration Banner Stored Cross-Site Scripting Vulnerability (CVE-2020-12438)
1010281* - Rank Math Wordpress SEO Plugin 'updateMeta' Privilege Escalation Vulnerability (CVE-2020-11514)
1012344 - WordPress 'Beautiful Taxonomy Filters' Plugin SQL Injection Vulnerability (CVE-2024-12270)
1010705* - WordPress 'Canto' Plugin Multiple Server-Side Request Forgery Vulnerabilities
1010712* - WordPress 'Contact Form 7' Plugin Arbitrary File Upload Vulnerability (CVE-2020-35489)
1010490* - WordPress 'File Manager' Plugin Remote Code Execution Vulnerability (CVE-2020-25213)
1010194* - WordPress 'GDPR Cookie Consent Plugin' Stored Cross-Site Scripting Vulnerability
1010551* - WordPress 'SupportCandy Plugin' Arbitrary File Upload Vulnerability (CVE-2019-11223)
1010683* - WordPress 'Ultimate Member' Plugin Multiple Privilege Escalation Vulnerabilities
1010499* - WordPress 'WP EasyCart Plugin' Shell Upload Vulnerability (CVE-2014-9308)
1012347 - WordPress 'WP Load Gallery' Plugin Arbitrary File Upload Vulnerability (CVE-2025-23942)
1010359* - WordPress 'bbPress' Plugin Unauthenticated Privilege Escalation Vulnerability (CVE-2020-13693)
1010375* - WordPress 10Web Photo Gallery Plugin SQL Injection Vulnerability
1009776* - WordPress Comment Field Remote Code Execution Vulnerability (CVE-2019-9787)
1009617* - WordPress Easy SMTP Plugin Unauthenticated Arbitrary 'wp_options' Import Vulnerability
1010172* - WordPress InfiniteWP And Time Capsule Plugin Client Authentication Bypass Vulnerability (CVE-2020-8771)
1008148* - WordPress Ninja Forms Unauthenticated File Upload Vulnerability (CVE-2016-1209)
1009751* - WordPress PayPal Checkout Payment Gateway Plugin Parameter Tampering Vulnerability (CVE-2019-7441)
1010122* - WordPress Plainview Activity Monitor Plugin Remote Code Execution Vulnerability (CVE-2018-15877)
1010341* - Wordpress Drag and Drop Multi File Uploader Remote Code Execution Vulnerability (CVE-2020-12800)
1010648* - Wordpress Woody Ad Snippets Plugin Remote Code Execution Vulnerability (CVE-2019-15858)
Web Application Tomcat
1000697* - Directory Listing in Apache Tomcat 5.x.x
Web Server Adobe ColdFusion
1012011* - Adobe ColdFusion Directory Traversal Vulnerabilities (CVE-2024-20767 and CVE-2024-53961)
Web Server HTTPS
1012314 - Cacti CRLF Injection Vulnerability (CVE-2025-24367)
Web Server Miscellaneous
1012335 - CrushFTP Authentication Bypass Vulnerability (CVE-2025-2825 and CVE-2025-31161)
pgAdmin
1012349 - pgAdmin Remote Code Execution Vulnerability (CVE-2025-2945)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Ivanti Endpoint Manager
1012253* - Ivanti Endpoint Manager SQL Injection Vulnerabilities (CVE-2024-32848 and CVE-2024-13162)
1012346 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-34781)
1012345 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2025-22461)
Web Application Common
1010023* - October CMS Upload Protection Bypass Code Execution Vulnerability (CVE-2017-1000119)
1010036* - SDCMS Remote Code Execution Vulnerability (CVE-2018-19520)
1012348 - ZendTo Remote Code Execution Vulnerability (CVE-2021-47667)
Web Application PHP Based
1009720* - Drupal Core Cross-Site Scripting Vulnerability (CVE-2019-6341)
1009541* - Drupal Core Remote Code Execution Vulnerability (CVE-2019-6340)
1009157* - Joomla Component Ekrishta SQL Injection Vulnerability (CVE-2018-12254)
1009308* - Moodle PHP Unserialize Remote Code Execution Vulnerability (CVE-2018-14630)
1010338* - PHP-Fusion Administration Banner Stored Cross-Site Scripting Vulnerability (CVE-2020-12438)
1010281* - Rank Math Wordpress SEO Plugin 'updateMeta' Privilege Escalation Vulnerability (CVE-2020-11514)
1012344 - WordPress 'Beautiful Taxonomy Filters' Plugin SQL Injection Vulnerability (CVE-2024-12270)
1010705* - WordPress 'Canto' Plugin Multiple Server-Side Request Forgery Vulnerabilities
1010712* - WordPress 'Contact Form 7' Plugin Arbitrary File Upload Vulnerability (CVE-2020-35489)
1010490* - WordPress 'File Manager' Plugin Remote Code Execution Vulnerability (CVE-2020-25213)
1010194* - WordPress 'GDPR Cookie Consent Plugin' Stored Cross-Site Scripting Vulnerability
1010551* - WordPress 'SupportCandy Plugin' Arbitrary File Upload Vulnerability (CVE-2019-11223)
1010683* - WordPress 'Ultimate Member' Plugin Multiple Privilege Escalation Vulnerabilities
1010499* - WordPress 'WP EasyCart Plugin' Shell Upload Vulnerability (CVE-2014-9308)
1012347 - WordPress 'WP Load Gallery' Plugin Arbitrary File Upload Vulnerability (CVE-2025-23942)
1010359* - WordPress 'bbPress' Plugin Unauthenticated Privilege Escalation Vulnerability (CVE-2020-13693)
1010375* - WordPress 10Web Photo Gallery Plugin SQL Injection Vulnerability
1009776* - WordPress Comment Field Remote Code Execution Vulnerability (CVE-2019-9787)
1009617* - WordPress Easy SMTP Plugin Unauthenticated Arbitrary 'wp_options' Import Vulnerability
1010172* - WordPress InfiniteWP And Time Capsule Plugin Client Authentication Bypass Vulnerability (CVE-2020-8771)
1008148* - WordPress Ninja Forms Unauthenticated File Upload Vulnerability (CVE-2016-1209)
1009751* - WordPress PayPal Checkout Payment Gateway Plugin Parameter Tampering Vulnerability (CVE-2019-7441)
1010122* - WordPress Plainview Activity Monitor Plugin Remote Code Execution Vulnerability (CVE-2018-15877)
1010341* - Wordpress Drag and Drop Multi File Uploader Remote Code Execution Vulnerability (CVE-2020-12800)
1010648* - Wordpress Woody Ad Snippets Plugin Remote Code Execution Vulnerability (CVE-2019-15858)
Web Application Tomcat
1000697* - Directory Listing in Apache Tomcat 5.x.x
Web Server Adobe ColdFusion
1012011* - Adobe ColdFusion Directory Traversal Vulnerabilities (CVE-2024-20767 and CVE-2024-53961)
Web Server HTTPS
1012314 - Cacti CRLF Injection Vulnerability (CVE-2025-24367)
Web Server Miscellaneous
1012335 - CrushFTP Authentication Bypass Vulnerability (CVE-2025-2825 and CVE-2025-31161)
pgAdmin
1012349 - pgAdmin Remote Code Execution Vulnerability (CVE-2025-2945)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.