Signature update version 33

New signatures rules are generated for the vulnerabilities identified in version 33. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 33 is compatible with the following software versions of Citrix Application Delivery Controller (ADC) 11.1, 12.0, 12.1, 13.0 and 13.1.

Citrix ADC version 12.0 has reached end of life (EOL). For more information, see release life cycle page.


Enabling Post body and Response body signature rules may affect Citrix ADC CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Rule CVE Description Vulnerability Reference
999860   WordPress plug-in Yuzo Related Posts cross-site scripting Vulnerability
999861 CVE-2019-12099   cve,2019-12099
999862   WordPress plug-in Database Backup <= 5.2 - Remote Code Execution
999863   WordPress plug-in Slick Popup - Privilege Escalation
999864 CVE-2019-10866 WordPress plug-in Form Maker 1.13.3 - SQL Injection cve,2019-10866
999865   WordPress plug-in Give – Stored cross-site scripting for Donors
999866   WordPress plug-in My Calendar <= 3.1.9 - Unauthenticated cross-site scripting Vulnerability
999867   WordPress plug-in Slimstat <= 4.8 - Unauthenticated Stored cross-site scripting
999868 CVE-2019-2618 WebLogic Arbitrary Upload Vulnerability cve,2019-2618
999869 CVE-2019-11871 WEB-WORDPRESS WordPress plug-in Custom Field Suite Prior To 2.5.15 - Cross-Site Scripting Vulnerability cve,2019-11871
999870   WEB-WORDPRESS WordPress Live Chat Support plug-in Persistent cross-site scripting Vulnerability prior 8.0.27 via wplc_custom_js parameter
999871   WEB-WORDPRESS WordPress plug-in W3 Total Cache Prior To - PHAR Remote Code Execution Vulnerability
999872   WEB-WORDPRESS WordPress plug-in W3 Total Cache Prior To - PHAR Remote Code Execution Vulnerability
999873 CVE-2019-0604 WEB-MISC Microsoft Windows Sharepoint Server - Remote Code Execution Vulnerability cve,2019-0604
999874   WEB-WORDPRESS Yuzo Related Posts Unauthenticated Stored cross-site scripting Vulnerability in 5.12.91
Signature update version 33