Questions about WP vulnerability CVE-2018-12895

Question

Hi All - Do we know if F5 ASM has ability to detect and block exploits related to WP vulnerability. &nbsp;
The CVE is CVE-2018-12895 - &nbsp;

*https://blog.ripstech.com/2018/wordpress-file-delete-to-code-execution/
   The folks who discovered it. Claims WP has known about this for 7 months and still hasn’t alerted the public.
Contains all technical details
2https://nvd.nist.gov/vuln/detail/CVE-2018-12895

Please let us know what we can do to protect our sites. &nbsp;
Thanks so much ! &nbsp;

samstep · Answer

ASM standard directory traversal attack signatures will provide built-in protection from CVE-2018-12895. WordPress v4.9.8 is now out with a fix for this vulnerability.&nbsp;

Forum Discussion

Questions about WP vulnerability CVE-2018-12895

Recent Discussions

Help needed with iRule (connection closed log )

AS3 Limitations

Use of SSL Decryption.

VLAN Failsafe Functionality

FTP PASV mode to Extended Passive mode

Related Content

Mitigating Apache Camel Vulnerability CVE-2025–27636 with F5 Products

Question regarding the F5 vulnerabilities page API

Windows Critical RCE Vulnerability, Malicious Solana-py, and EDRKillShifter

Coordinated Vulnerability Disclosure: A Balanced Approach

OWASP Automated Threats - OAT-014 Vulnerability Scanning

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS