Merge branch 'master' into patch-3

Author: blotus

.appsec-tests/generic-wordpress-uploads-listing/generic-wordpress-uploads-listing.yaml

@@ -22,6 +22,12 @@ http:
       - |
         GET /wp-content/uploads/2024/10/fp-check.jpg HTTP/1.1
         Host: {{Hostname}}
+      - |
+        OPTIONS /wp-content/uploads/ HTTP/1.1
+        Host: {{Hostname}}
+      - |
+        OPTIONS /wp-content/uploads/2024/10/ HTTP/1.1
+        Host: {{Hostname}}
     matchers:
       - type: dsl
         condition: and
@@ -31,4 +37,6 @@ http:
           - "status_code_3 == 403"
           - "status_code_4 == 403"
           - "status_code_5 == 404"
+          - "status_code_6 == 405"
+          - "status_code_7 == 405"
 

.appsec-tests/vpatch-CVE-2024-8911/CVE-2024-8911.yaml

@@ -0,0 +1,21 @@
+## autogenerated on 2026-02-18 14:28:33
+id: CVE-2024-8911
+info:
+  name: CVE-2024-8911
+  author: crowdsec
+  severity: info
+  description: CVE-2024-8911 testing
+  tags: appsec-testing
+http:
+  - raw:
+      - |
+        POST /wp-admin/admin-ajax.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        action=latepoint_route_call&route_name=customer_cabinet__change_password&params=password_reset_token%5bOR%5d%5b%20IS%20NULL%20or%20not%20(select%20sleep(8)))%20limit%201%3b--%20-%5d%3d{{randstr}}%26password%3d{{randstr}}&return_format=json
+    cookie-reuse: true
+    matchers:
+    - type: status
+      status:
+       - 403

.appsec-tests/vpatch-CVE-2024-8911/config.yaml

@@ -0,0 +1,5 @@
+## autogenerated on 2026-02-18 14:28:33
+appsec-rules:
+  - ./appsec-rules/crowdsecurity/base-config.yaml
+  - ./appsec-rules/crowdsecurity/vpatch-CVE-2024-8911.yaml
+nuclei_template: CVE-2024-8911.yaml

.appsec-tests/vpatch-CVE-2024-8943/CVE-2024-8943.yaml

@@ -0,0 +1,21 @@
+## autogenerated on 2026-02-18 14:29:25
+id: CVE-2024-8943
+info:
+  name: CVE-2024-8943
+  author: crowdsec
+  severity: info
+  description: CVE-2024-8943 testing
+  tags: appsec-testing
+http:
+  - raw:
+      - |
+        POST /wp-admin/admin-ajax.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        action=latepoint_route_call&route_name=steps__load_step&params=current_step_code%3dcustomer%26step_direction%3dnext%26customer%5bid%5d%3d1%26customer%5bemail%5d%3dtest%40example.com%26customer%5bpassword%5d%3dpassword123%26customer%5bpassword_confirmation%5d%3dpassword123%26customer%5bfirst_name%5d%3dtest%26customer%5blast_name%5d%3duser&layout=none&return_format=json
+    cookie-reuse: true
+    matchers:
+    - type: status
+      status:
+       - 403

.appsec-tests/vpatch-CVE-2024-8943/config.yaml

@@ -0,0 +1,5 @@
+## autogenerated on 2026-02-18 14:29:25
+appsec-rules:
+  - ./appsec-rules/crowdsecurity/base-config.yaml
+  - ./appsec-rules/crowdsecurity/vpatch-CVE-2024-8943.yaml
+nuclei_template: CVE-2024-8943.yaml

.appsec-tests/vpatch-CVE-2025-37164/CVE-2025-37164.yaml

@@ -0,0 +1,26 @@
+## autogenerated on 2025-12-29 15:17:08
+id: CVE-2025-37164
+info:
+  name: CVE-2025-37164
+  author: crowdsec
+  severity: info
+  description: CVE-2025-37164 testing
+  tags: appsec-testing
+http:
+  - raw:
+      - |
+        PUT /rest/id-pools/executeCommand HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/json
+        X-API-Version: 3800
+        Accept-Encoding: gzip
+
+        {
+        "cmd":"nc foobar.com",
+        "result":0
+        }
+    cookie-reuse: true
+    matchers:
+    - type: status
+      status:
+       - 403

.appsec-tests/vpatch-CVE-2025-37164/config.yaml

@@ -0,0 +1,5 @@
+## autogenerated on 2025-12-29 15:17:08
+appsec-rules:
+  - ./appsec-rules/crowdsecurity/base-config.yaml
+  - ./appsec-rules/crowdsecurity/vpatch-CVE-2025-37164.yaml
+nuclei_template: CVE-2025-37164.yaml

.appsec-tests/vpatch-CVE-2025-56520/CVE-2025-56520.yaml

@@ -0,0 +1,18 @@
+## autogenerated on 2026-02-16 09:44:57
+id: CVE-2025-56520
+info:
+  name: CVE-2025-56520
+  author: crowdsec
+  severity: info
+  description: CVE-2025-56520 testing
+  tags: appsec-testing
+http:
+  - raw:
+      - |
+        GET /console/api/remote-files/http%3A%2F%2Fexample.com%2Ftest HTTP/1.1
+        Host: {{Hostname}}
+    cookie-reuse: true
+    matchers:
+    - type: status
+      status:
+       - 403

.appsec-tests/vpatch-CVE-2025-56520/config.yaml

@@ -0,0 +1,5 @@
+## autogenerated on 2026-02-16 09:44:57
+appsec-rules:
+  - ./appsec-rules/crowdsecurity/base-config.yaml
+  - ./appsec-rules/crowdsecurity/vpatch-CVE-2025-56520.yaml
+nuclei_template: CVE-2025-56520.yaml

.appsec-tests/vpatch-CVE-2026-23744/CVE-2026-23744.yaml

@@ -0,0 +1,21 @@
+## autogenerated on 2026-02-18 14:26:13
+id: CVE-2026-23744
+info:
+  name: CVE-2026-23744
+  author: crowdsec
+  severity: info
+  description: CVE-2026-23744 testing
+  tags: appsec-testing
+http:
+  - raw:
+      - |
+        POST /api/mcp/connect HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/json
+
+        {"serverConfig":{"timeout":10000,"command":"curl","args":["https://foobar.com"],"env":{}},"serverId":"mymcp"}
+    cookie-reuse: true
+    matchers:
+    - type: status
+      status:
+       - 403