WAF is not affected by this vulnerability. However, if your website uses WordPress, we recommend that you add protection rules to increase the security of your business.
names into the
load parameter. The
names are separated with commas (,).
For example, in this request:
We recommend that you use HTTP ACL policies and custom HTTP flood protection to protect your WordPress website.
- You can add access control rules to restrict the number of parameters passed to the load-scripts.php file. For example, you can add the following rule to restrict the length of the parameter passed to load-scripts.php to up to 50 characters.
- You can also use custom HTTP flood protection to restrict the frequency at which IP addresses can send requests to the load-scripts.php. For example, you can add the following rule to restrict the frequency at which an IP address sends requests to load-scripts.php to up to 100 times per 5 seconds.