Why Isn’t Wordfence Blocking a Simple XSS Payload?

[ad_1]

Hello everyone,

I decided to test the XSS protection of Wordfence by creating a simple page to fuzz it: [http://localhost/wordpress/11-2/?search=%3Cscript%3Ealert(1)%3C/script%3E](http://localhost/wordpress/11-2/?search=%3Cscript%3Ealert(1)%3C/script%3E). However, it seems that it did not block me, even though the WAF (Web Application Firewall) is enabled and supposedly protecting. Is there a possibility that I haven’t configured it correctly? Here’s the status I’m seeing:

**Web Application Firewall Status: Enabled and Protecting**

Any insights or suggestions would be greatly appreciated!”

[ad_2]

 

This site will teach you how to build a WordPress website for beginners. We will cover everything from installing WordPress to adding pages, posts, and images to your site. You will learn how to customize your site with themes and plugins, as well as how to market your site online.

Buy WordPress Transfer