Hub WAF rule

More info

vpatch-CVE-2023-24000 WAF Rule

« GamiPress - SQLI »
v0.1 by crowdsecurity
WAF rule

Detects SQL injection attempts in WordPress GamiPress plugin via trigger_type[] parameter.

Installation

cscli appsec-rules install crowdsecurity/vpatch-CVE-2023-24000

YAML Configuration

1## autogenerated on 2026-03-30 12:50:01
2name: crowdsecurity/vpatch-CVE-2023-24000
3description: 'Detects SQL injection attempts in WordPress GamiPress plugin via trigger_type[] parameter.'
4rules:
5  - and:
6      - zones:
7          - URI
8        transform:
9          - lowercase
10          - urldecode
11        match:
12          type: contains
13          value: /wp-json/wp/v2/gamipress-logs
14      - zones:
15          - ARGS
16        variables:
17          - trigger_type[]
18        transform:
19          - lowercase
20          - urldecode
21        match:
22          type: regex
23          value: "[^a-z0-9_-]"
24
25labels:
26  type: exploit
27  service: http
28  confidence: 3
29  spoofable: 0
30  behavior: 'http:exploit'
31  label: 'GamiPress - SQLI'
32  classification:
33    - cve.CVE-2023-24000
34    - attack.T1190
35    - cwe.CWE-89
36

Hub WAF rule

« GamiPress - SQLI »v0.1 by crowdsecurityWAF rule

« GamiPress - SQLI »
v0.1 by crowdsecurity
WAF rule