vpatch-CVE-2024-6205 AppSec Rule

« vpatch-CVE-2024-6205 »
v0.2 by crowdsecurity
AppSec rule

PayPlus Payment Gateway WordPress plugin - SQL Injection (CVE-2024-6205)

Installation

cscli appsec-rules install crowdsecurity/vpatch-CVE-2024-6205

YAML Configuration

1
2name: crowdsecurity/vpatch-CVE-2024-6205
3description: "PayPlus Payment Gateway WordPress plugin - SQL Injection (CVE-2024-6205)"
4rules:
5  - and:
6    - zones:
7      - ARGS
8      variables:
9      - wc-api
10      transform:
11      - lowercase
12      match:
13        type: "contains"
14        value: "payplus_gateway"
15    - zones:
16      - ARGS
17      variables:
18      - more_info
19      transform:
20      - lowercase
21      match:
22        type: libinjectionSQL
23labels:
24  type: exploit
25  service: http
26  confidence: 3
27  spoofable: 0
28  behavior: "http:exploit"
29  label: "PayPlus Payment Gateway WordPress plugin - SQL Injection"
30  classification:
31   - cve.CVE-2024-6205
32   - attack.T1595
33   - attack.T1190
34   - cwe.CWE-89

Hub Appsec rule

« vpatch-CVE-2024-6205 »v0.2 by crowdsecurityAppSec rule

« vpatch-CVE-2024-6205 »
v0.2 by crowdsecurity
AppSec rule