alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_CLIENT Attempted RCE in Wordpress Social Warfare Plugin Inbound (CVE-2019-9978)"; flow:established,to_server; content:"GET"; http_method; content:"wp-admin/admin-post.php?swp_debug=load_options&swp_url="; http_uri; fast_pattern; pcre:"/^https?:\/\//RU"; metadata: former_category WEB_CLIENT; reference:url,www.exploit-db.com/exploits/46794; classtype:attempted-admin; sid:2027315; rev:2; metadata:affected_product Wordpress_Plugins, deployment Perimeter, cve 2019_9978, signature_severity Major, created_at 2019_05_03, performance_impact Low, updated_at 2019_05_03;)

Added 2019-05-03 17:52:42 UTC


Topic revision: r1 - 2019-05-03 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats