Rule False Positive? - WP All Import plugin

This is more of just a general question.

I have a user that seems to be hitting rule 230550 - COMODO WAF: XSS vulnerability in Import any XML or CSV File (WP All Import) plugin 3.4.9 for WordPress - while doing legitimate imports.

The user is using version 3.4.9 of the WP All Import plugin.

Is this particular rule saying that version 3.4.9 of WP All Import is vulnerable to this XSS vulnerability? 3.4.9 appears to be the latest version of WP All Import - but it hasn’t been updated in 5 months. I’m not finding any security alerts that indicate that WP All Import version 3.4.9 is vulnerable to anything although that doesn’t mean it’s not.

I’m fine with exempting this rule for this particular user. I’m just trying to get a better understanding of what specifically this description is saying.

Hello amsscott.
You should report False Positives here:
When you report about an FP you should provide the information described here: msg869520#msg869520

This rule contains protection from 0-day vulnerabilities. CVE IDs for these vulnerabilities are waiting for approval.
Please provide modsec_audit.log for this event.

I just exempted the rule for this VirtualHost, all appears to be good now.

Although my initial question still remains. Is this an issue with version 3.4.9 of the WP All Import plugin?

I’m not seeing any disclosed issues with version 3.4.9 of WP All Import - but that doesn’t necessarily mean there isn’t one or that I’m just not finding it.
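One way to scope such an exemption, as an added example that is not from this thread (Apache with ModSecurity 2.x is assumed; the ServerName and the admin path are placeholders, not values taken from the page):

```apache
# Added example (not from this thread): limit the exemption for rule 230550
# to one VirtualHost and, narrower still, to the page the import runs from,
# instead of disabling the rule server-wide.
# The path is an assumption; take the real REQUEST_URI from the
# modsec_audit.log entry for the blocked import.
<VirtualHost *:443>
    # Placeholder for the affected site
    ServerName example.com

    # Only requests to the (assumed) import page skip rule 230550;
    # every other URI on this vhost keeps full XSS coverage.
    <LocationMatch "^/wp-admin/admin\.php$">
        SecRuleRemoveById 230550
    </LocationMatch>

    # Keep audit logging on so hits that were exempted can still be
    # reviewed and attached to a false-positive report.
    SecAuditEngine RelevantOnly
</VirtualHost>
```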

Hi amsscott,

Yes. For security purposes, the details will be disclosed only after it is fixed.