Versions (2)
Version DetailsCurrent
Rev: 2 • Nov 13, 2018, 12:00 PMET WEB_CLIENT Attempted WordPress GDPR Plugin Privilege Escalation M2 (Set as Administrator)
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_CLIENT Attempted WordPress GDPR Plugin Privilege Escalation M2 (Set as Administrator)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/admin-ajax.php"; http.request_body; content:"action=wpgdprc_"; fast_pattern; content:"default_role|22|,|22|value|22 3a 22|administrator"; distance:0; reference:url,www.wordfence.com/blog/2018/11/trends-following-vulnerability-in-wp-gdpr-compliance-plugin/; classtype:attempted-admin; sid:2026606; rev:2; metadata:affected_product Wordpress_Plugins, attack_target Web_Server, created_at 2018_11_13, deployment Perimeter, performance_impact Low, signature_severity Major, tag PrivilegeEsc, updated_at 2020_08_27;)
Nov 13, 2018, 12:00 PM
Aug 27, 2020, 12:00 PM
Nov 13, 2018, 12:00 PM
May 31, 2024, 9:00 PM
rules/emerging-web_client.rules