Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

haritan_132923's avatar
haritan_132923
Icon for Nimbostratus rankNimbostratus
Sep 03, 2013

BIG-IP false SQL injection alarm when trying to update a Wordpress page

Hi all, first of all, I am not sure if I ask this question in the right forum. Please direct me to the right one if this is not the place to ask this question.   I host my Wordpress-based website ...
security
boneyard's avatar
boneyard
Icon for MVP rankMVP
Sep 03, 2013

it might help if you ask the hosting provider the exact ASM violation, that might help a little.

 

the issue probably is that the combination of your ")" together with the rest of the query constructs something the ASM sees as a possible SQL injection. silly example: the ASM look for: select from () and your ) completes a select from ( in the wordpress code thereby triggering the signature.

 

you just disable one signature, so the effect should be limited.