Wordpress FP on Site Editor

[pesc]

System

• Wordpress: Version 6.5 (Default installation, nothing additional)
• CRS: 4.1.0 (SecPcreMatchLimit 500000, SecPcreMatchLimitRecursion 500000)
• CRS Plugin: wordpress-rule-exclusions-plugin (master)
• Apache 2.4.58
• ModSecurity 2.9.6 (Apache)

Trigger

Just edit the "Twenty Twenty-Four" for example and add a simple "Test" and press "Save"

Screenshot

Logs

Request

curl 'https://crs.example.com/wp-json/wp/v2/templates/twentytwentyfour//home?_locale=user' \
  -H 'accept: application/json, */*;q=0.1' \
  -H 'accept-language: en-GB,en-US;q=0.9,en;q=0.8,de;q=0.7,hr;q=0.6' \
  -H 'cache-control: no-cache' \
  -H 'content-type: application/json' \
  -H 'cookie: nothing here' \
  -H 'origin: https://crs.example.com' \
  -H 'pragma: no-cache' \
  -H 'referer: https://crs.example.com/wp-admin/site-editor.php?return=https%3A%2F%2Fcrs.example.com%2Fwp-admin%2Fthemes.php&canvas=edit' \
  -H 'sec-ch-ua: xxxxx' \
  -H 'sec-ch-ua-mobile: ?0' \
  -H 'sec-ch-ua-platform: xxx' \
  -H 'sec-fetch-dest: empty' \
  -H 'sec-fetch-mode: cors' \
  -H 'sec-fetch-site: same-origin' \
  -H 'user-agent: Mozilla/5.0 xxxxxx' \
  -H 'x-http-method-override: PUT' \
  -H 'x-wp-nonce: xxxxxx' \
  --data-raw $'{"id":"twentytwentyfour//home","content":"<\u0021-- wp:template-part {\\"slug\\":\\"header\\",\\"theme\\":\\"twentytwentyfour\\",\\"tagName\\":\\"header\\",\\"area\\":\\"header\\"} /-->\\n\\n<\u0021-- wp:group {\\"tagName\\":\\"main\\",\\"style\\":{\\"spacing\\":{\\"blockGap\\":\\"0\\",\\"margin\\":{\\"top\\":\\"0\\"}}},\\"layout\\":{\\"type\\":\\"default\\"}} -->\\n<main class=\\"wp-block-group\\" style=\\"margin-top:0\\"><\u0021-- wp:group {\\"align\\":\\"full\\",\\"style\\":{\\"spacing\\":{\\"padding\\":{\\"top\\":\\"var:preset|spacing|50\\",\\"bottom\\":\\"var:preset|spacing|50\\",\\"left\\":\\"var:preset|spacing|50\\",\\"right\\":\\"var:preset|spacing|50\\"}}},\\"layout\\":{\\"type\\":\\"constrained\\",\\"contentSize\\":\\"\\",\\"wideSize\\":\\"\\"}} -->\\n<div class=\\"wp-block-group alignfull\\" style=\\"padding-top:var(--wp--preset--spacing--50);padding-right:var(--wp--preset--spacing--50);padding-bottom:var(--wp--preset--spacing--50);padding-left:var(--wp--preset--spacing--50)\\"><\u0021-- wp:group {\\"style\\":{\\"spacing\\":{\\"blockGap\\":\\"0px\\"}},\\"layout\\":{\\"type\\":\\"constrained\\",\\"contentSize\\":\\"565px\\"}} -->\\n<div class=\\"wp-block-group\\"><\u0021-- wp:heading {\\"textAlign\\":\\"center\\",\\"level\\":1,\\"fontSize\\":\\"x-large\\"} -->\\n<h1 class=\\"wp-block-heading has-text-align-center has-x-large-font-size\\">A commitment to innovation and sustainability Test</h1>\\n<\u0021-- /wp:heading -->\\n\\n<\u0021-- wp:spacer {\\"height\\":\\"1.25rem\\"} -->\\n<div style=\\"height:1.25rem\\" aria-hidden=\\"true\\" class=\\"wp-block-spacer\\"></div>\\n<\u0021-- /wp:spacer -->\\n\\n<\u0021-- wp:paragraph {\\"align\\":\\"center\\"} -->\\n<p class=\\"has-text-align-center\\">Études is a pioneering firm that seamlessly merges creativity and functionality to redefine architectural excellence.</p>\\n<\u0021-- /wp:paragraph -->\\n\\n<\u0021-- wp:spacer {\\"height\\":\\"1.25rem\\"} -->\\n<div style=\\"height:1.25rem\\" aria-hidden=\\"true\\" class=\\"wp-block-spacer\\"></div>\\n<\u0021-- /wp:spacer -->\\n\\n<\u0021-- wp:buttons {\\"layout\\":{\\"type\\":\\"flex\\",\\"justifyContent\\":\\"center\\"}} -->\\n<div class=\\"wp-block-buttons\\"><\u0021-- wp:button -->\\n<div class=\\"wp-block-button\\"><a class=\\"wp-block-button__link wp-element-button\\">About us</a></div>\\n<\u0021-- /wp:button --></div>\\n<\u0021-- /wp:buttons --></div>\\n<\u0021-- /wp:group -->\\n\\n<\u0021-- wp:spacer {\\"height\\":\\"var:preset|spacing|30\\",\\"style\\":{\\"layout\\":[]}} -->\\n<div style=\\"height:var(--wp--preset--spacing--30)\\" aria-hidden=\\"true\\" class=\\"wp-block-spacer\\"></div>\\n<\u0021-- /wp:spacer -->\\n\\n<\u0021-- wp:image {\\"sizeSlug\\":\\"full\\",\\"linkDestination\\":\\"none\\",\\"align\\":\\"wide\\",\\"className\\":\\"is-style-rounded\\"} -->\\n<figure class=\\"wp-block-image alignwide size-full is-style-rounded\\"><img src=\\"https://crs.example.com/wp-content/themes/twentytwentyfour/assets/images/building-exterior.webp\\" alt=\\"Building exterior in Toronto, Canada\\"/></figure>\\n<\u0021-- /wp:image --></div>\\n<\u0021-- /wp:group -->\\n\\n<\u0021-- wp:group {\\"align\\":\\"full\\",\\"style\\":{\\"spacing\\":{\\"margin\\":{\\"top\\":\\"0\\",\\"bottom\\":\\"0\\"},\\"padding\\":{\\"top\\":\\"var:preset|spacing|50\\",\\"bottom\\":\\"var:preset|spacing|50\\",\\"left\\":\\"var:preset|spacing|50\\",\\"right\\":\\"var:preset|spacing|50\\"}}},\\"backgroundColor\\":\\"base-2\\",\\"layout\\":{\\"type\\":\\"constrained\\"}} -->\\n<div class=\\"wp-block-group alignfull has-base-2-background-color has-background\\" style=\\"margin-top:0;margin-bottom:0;padding-top:var(--wp--preset--spacing--50);padding-right:var(--wp--preset--spacing--50);padding-bottom:var(--wp--preset--spacing--50);padding-left:var(--wp--preset--spacing--50)\\"><\u0021-- wp:group {\\"style\\":{\\"spacing\\":{\\"blockGap\\":\\"0px\\"}},\\"layout\\":{\\"type\\":\\"flex\\",\\"orientation\\":\\"vertical\\",\\"justifyContent\\":\\"center\\"}} -->\\n<div class=\\"wp-block-group\\"><\u0021-- wp:heading {\\"textAlign\\":\\"center\\",\\"className\\":\\"is-style-asterisk\\"} -->\\n<h2 class=\\"wp-block-heading has-text-align-center is-style-asterisk\\">A passion for creating spaces</h2>\\n<\u0021-- /wp:heading -->\\n\\n<\u0021-- wp:spacer {\\"height\\":\\"0px\\",\\"style\\":{\\"layout\\":{\\"flexSize\\":\\"1.25rem\\",\\"selfStretch\\":\\"fixed\\"}}} -->\\n<div style=\\"height:0px\\" aria-hidden=\\"true\\" class=\\"wp-block-spacer\\"></div>\\n<\u0021-- /wp:spacer -->\\n\\n<\u0021-- wp:paragraph {\\"align\\":\\"center\\"} -->\\n<p class=\\"has-text-align-center\\">Our comprehensive suite of professional services caters to a diverse clientele, ranging from homeowners to commercial developers.</p>\\n<\u0021-- /wp:paragraph --></div>\\n<\u0021-- /wp:group -->\\n\\n<\u0021-- wp:spacer {\\"height\\":\\"var:preset|spacing|40\\",\\"style\\":{\\"spacing\\":{\\"margin\\":{\\"top\\":\\"0\\",\\"bottom\\":\\"0\\"}}}} -->\\n<div style=\\"margin-top:0;margin-bottom:0;height:var(--wp--preset--spacing--40)\\" aria-hidden=\\"true\\" class=\\"wp-block-spacer\\"></div>\\n<\u0021-- /wp:spacer -->\\n\\n<\u0021-- wp:columns {\\"align\\":\\"wide\\",\\"style\\":{\\"spacing\\":{\\"blockGap\\":{\\"top\\":\\"var:preset|spacing|30\\",\\"left\\":\\"var:preset|spacing|40\\"}}}} -->\\n<div class=\\"wp-block-columns alignwide\\"><\u0021-- wp:column {\\"style\\":{\\"spacing\\":{\\"blockGap\\":\\"var:preset|spacing|10\\"}}} -->\\n<div class=\\"wp-block-column\\"><\u0021-- wp:heading {\\"textAlign\\":\\"left\\",\\"level\\":3,\\"style\\":{\\"typography\\":{\\"fontStyle\\":\\"normal\\",\\"fontWeight\\":\\"600\\"}},\\"className\\":\\"is-style-asterisk\\",\\"fontSize\\":\\"medium\\",\\"fontFamily\\":\\"body\\"} -->\\n<h3 class=\\"wp-block-heading has-text-align-left is-style-asterisk has-body-font-family has-medium-font-size\\" style=\\"font-style:normal;font-weight:600\\">Renovation and restoration</h3>\\n<\u0021-- /wp:heading -->\\n\\n<\u0021-- wp:paragraph {\\"align\\":\\"left\\"} -->\\n<p class=\\"has-text-align-left\\">Experience the fusion of imagination and expertise with Études Architectural Solutions.</p>\\n<\u0021-- /wp:paragraph --></div>\\n<\u0021-- /wp:column -->\\n\\n<\u0021-- wp:column {\\"style\\":{\\"spacing\\":{\\"blockGap\\":\\"var:preset|spacing|10\\"}}} -->\\n<div class=\\"wp-block-column\\"><\u0021-- wp:heading {\\"textAlign\\":\\"left\\",\\"level\\":3,\\"style\\":{\\"typography\\":{\\"fontStyle\\":\\"normal\\",\\"fontWeight\\":\\"600\\"}},\\"className\\":\\"is-style-asterisk\\",\\"fontSize\\":\\"medium\\",\\"fontFamily\\":\\"body\\"} -->\\n<h3 class=\\"wp-block-heading has-text-align-left is-style-asterisk has-body-font-family has-medium-font-size\\" style=\\"font-style:normal;font-weight:600\\">Continuous Support</h3>\\n<\u0021-- /wp:heading -->\\n\\n<\u0021-- wp:paragraph {\\"align\\":\\"left\\"} -->\\n<p class=\\"has-text-align-left\\">Experience the fusion of imagination and expertise with Études Architectural Solutions.</p>\\n<\u0021-- /wp:paragraph --></div>\\n<\u0021-- /wp:column -->\\n\\n<\u0021-- wp:column {\\"style\\":{\\"spacing\\":{\\"blockGap\\":\\"var:preset|spacing|10\\"}}} -->\\n<div class=\\"wp-block-column\\"><\u0021-- wp:heading {\\"textAlign\\":\\"left\\",\\"level\\":3,\\"style\\":{\\"typography\\":{\\"fontStyle\\":\\"normal\\",\\"fontWeight\\":\\"600\\"}},\\"className\\":\\"is-style-asterisk\\",\\"fontSize\\":\\"medium\\",\\"fontFamily\\":\\"body\\"} -->\\n<h3 class=\\"wp-block-heading has-text-align-left is-style-asterisk has-body-font-family has-medium-font-size\\" style=\\"font-style:normal;font-weight:600\\">App Access</h3>\\n<\u0021-- /wp:heading -->\\n\\n<\u0021-- wp:paragraph {\\"align\\":\\"left\\"} -->\\n<p class=\\"has-text-align-left\\">Experience the fusion of imagination and expertise with Études Architectural Solutions.</p>\\n<\u0021-- /wp:paragraph --></div>\\n<\u0021-- /wp:column --></div>\\n<\u0021-- /wp:columns -->\\n\\n<\u0021-- wp:spacer {\\"height\\":\\"var:preset|spacing|20\\"} -->\\n<div style=\\"height:var(--wp--preset--spacing--20)\\" aria-hidden=\\"true\\" class=\\"wp-block-spacer\\"></div>\\n<\u0021-- /wp:spacer -->\\n\\n<\u0021-- wp:columns {\\"align\\":\\"wide\\",\\"style\\":{\\"spacing\\":{\\"blockGap\\":{\\"top\\":\\"var:preset|spacing|30\\",\\"left\\":\\"var:preset|spacing|40\\"}}}} -->\\n<div class=\\"wp-block-columns alignwide\\"><\u0021-- wp:column {\\"style\\":{\\"spacing\\":{\\"blockGap\\":\\"var:preset|spacing|10\\"}}} -->\\n<div class=\\"wp-block-column\\"><\u0021-- wp:heading {\\"textAlign\\":\\"left\\",\\"level\\":3,\\"style\\":{\\"typography\\":{\\"fontStyle\\":\\"normal\\",\\"fontWeight\\":\\"600\\"}},\\"className\\":\\"is-style-asterisk\\",\\"fontSize\\":\\"medium\\",\\"fontFamily\\":\\"body\\"} -->\\n<h3 class=\\"wp-block-heading has-text-align-left is-style-asterisk has-body-font-family has-medium-font-size\\" style=\\"font-style:normal;font-weight:600\\">Consulting</h3>\\n<\u0021-- /wp:heading -->\\n\\n<\u0021-- wp:paragraph {\\"align\\":\\"left\\"} -->\\n<p class=\\"has-text-align-left\\">Experience the fusion of imagination and expertise with Études Architectural Solutions.</p>\\n<\u0021-- /wp:paragraph --></div>\\n<\u0021-- /wp:column -->\\n\\n<\u0021-- wp:column {\\"style\\":{\\"spacing\\":{\\"blockGap\\":\\"var:preset|spacing|10\\"}}} -->\\n<div class=\\"wp-block-column\\"><\u0021-- wp:heading {\\"textAlign\\":\\"left\\",\\"level\\":3,\\"style\\":{\\"typography\\":{\\"fontStyle\\":\\"normal\\",\\"fontWeight\\":\\"600\\"}},\\"className\\":\\"is-style-asterisk\\",\\"fontSize\\":\\"medium\\",\\"fontFamily\\":\\"body\\"} -->\\n<h3 class=\\"wp-block-heading has-text-align-left is-style-asterisk has-body-font-family has-medium-font-size\\" style=\\"font-style:normal;font-weight:600\\">Project Management</h3>\\n<\u0021-- /wp:heading -->\\n\\n<\u0021-- wp:paragraph {\\"align\\":\\"left\\"} -->\\n<p class=\\"has-text-align-left\\">Experience the fusion of imagination and expertise with Études Architectural Solutions.</p>\\n<\u0021-- /wp:paragraph --></div>\\n<\u0021-- /wp:column -->\\n\\n<\u0021-- wp:column {\\"style\\":{\\"spacing\\":{\\"blockGap\\":\\"var:preset|spacing|10\\"}}} -->\\n<div class=\\"wp-block-column\\"><\u0021-- wp:heading {\\"textAlign\\":\\"left\\",\\"level\\":3,\\"style\\":{\\"typography\\":{\\"fontStyle\\":\\"normal\\",\\"fontWeight\\":\\"600\\"}},\\"className\\":\\"is-style-asterisk\\",\\"fontSize\\":\\"medium\\",\\"fontFamily\\":\\"body\\"} -->\\n<h3 class=\\"wp-block-heading has-text-align-left is-style-asterisk has-body-font-family has-medium-font-size\\" style=\\"font-style:normal;font-weight:600\\">Architectural Solutions</h3>\\n<\u0021-- /wp:heading -->\\n\\n<\u0021-- wp:paragraph {\\"align\\":\\"left\\"} -->\\n<p class=\\"has-text-align-left\\">Experience the fusion of imagination and expertise with Études Architectural Solutions.</p>\\n<\u0021-- /wp:paragraph --></div>\\n<\u0021-- /wp:column --></div>\\n<\u0021-- /wp:columns --></div>\\n<\u0021-- /wp:group -->\\n\\n<\u0021-- wp:group {\\"align\\":\\"full\\",\\"style\\":{\\"spacing\\":{\\"padding\\":{\\"top\\":\\"var:preset|spacing|50\\",\\"bottom\\":\\"var:preset|spacing|50\\",\\"left\\":\\"var:preset|spacing|50\\",\\"right\\":\\"var:preset|spacing|50\\"},\\"margin\\":{\\"top\\":\\"0\\",\\"bottom\\":\\"0\\"}}},\\"layout\\":{\\"type\\":\\"constrained\\"}} -->\\n<div class=\\"wp-block-group alignfull\\" style=\\"margin-top:0;margin-bottom:0;padding-top:var(--wp--preset--spacing--50);padding-right:var(--wp--preset--spacing--50);padding-bottom:var(--wp--preset--spacing--50);padding-left:var(--wp--preset--spacing--50)\\"><\u0021-- wp:group {\\"align\\":\\"wide\\",\\"style\\":{\\"spacing\\":{\\"blockGap\\":\\"0\\"}},\\"layout\\":{\\"type\\":\\"constrained\\"}} -->\\n<div class=\\"wp-block-group alignwide\\"><\u0021-- wp:group {\\"style\\":{\\"spacing\\":{\\"blockGap\\":\\"var:preset|spacing|10\\"}},\\"layout\\":{\\"type\\":\\"flex\\",\\"orientation\\":\\"vertical\\",\\"justifyContent\\":\\"center\\"}} -->\\n<div class=\\"wp-block-group\\"><\u0021-- wp:heading {\\"textAlign\\":\\"center\\",\\"className\\":\\"is-style-asterisk\\"} -->\\n<h2 class=\\"wp-block-heading has-text-align-center is-style-asterisk\\">An array of resources</h2>\\n<\u0021-- /wp:heading -->\\n\\n<\u0021-- wp:paragraph {\\"align\\":\\"center\\",\\"style\\":{\\"layout\\":{\\"selfStretch\\":\\"fit\\",\\"flexSize\\":null}}} -->\\n<p class=\\"has-text-align-center\\">Our comprehensive suite of professional services caters to a diverse clientele, ranging from homeowners to commercial developers.</p>\\n<\u0021-- /wp:paragraph --></div>\\n<\u0021-- /wp:group -->\\n\\n<\u0021-- wp:spacer {\\"height\\":\\"var:preset|spacing|40\\"} -->\\n<div style=\\"height:var(--wp--preset--spacing--40)\\" aria-hidden=\\"true\\" class=\\"wp-block-spacer\\"></div>\\n<\u0021-- /wp:spacer -->\\n\\n<\u0021-- wp:columns {\\"align\\":\\"wide\\",\\"style\\":{\\"spacing\\":{\\"blockGap\\":{\\"top\\":\\"var:preset|spacing|50\\",\\"left\\":\\"var:preset|spacing|60\\"}}}} -->\\n<div class=\\"wp-block-columns alignwide\\"><\u0021-- wp:column {\\"verticalAlignment\\":\\"center\\",\\"width\\":\\"40%\\"} -->\\n<div class=\\"wp-block-column is-vertically-aligned-center\\" style=\\"flex-basis:40%\\"><\u0021-- wp:heading {\\"level\\":3,\\"className\\":\\"is-style-asterisk\\"} -->\\n<h3 class=\\"wp-block-heading is-style-asterisk\\">Études Architect App</h3>\\n<\u0021-- /wp:heading -->\\n\\n<\u0021-- wp:list {\\"style\\":{\\"typography\\":{\\"lineHeight\\":\\"1.75\\"}},\\"className\\":\\"is-style-checkmark-list\\"} -->\\n<ul style=\\"line-height:1.75\\" class=\\"is-style-checkmark-list\\"><\u0021-- wp:list-item -->\\n<li>Collaborate with fellow architects.</li>\\n<\u0021-- /wp:list-item -->\\n\\n<\u0021-- wp:list-item -->\\n<li>Showcase your projects.</li>\\n<\u0021-- /wp:list-item -->\\n\\n<\u0021-- wp:list-item -->\\n<li>Experience the world of architecture.</li>\\n<\u0021-- /wp:list-item --></ul>\\n<\u0021-- /wp:list --></div>\\n<\u0021-- /wp:column -->\\n\\n<\u0021-- wp:column {\\"width\\":\\"50%\\"} -->\\n<div class=\\"wp-block-column\\" style=\\"flex-basis:50%\\"><\u0021-- wp:image {\\"sizeSlug\\":\\"large\\",\\"linkDestination\\":\\"none\\",\\"className\\":\\"is-style-rounded\\"} -->\\n<figure class=\\"wp-block-image size-large is-style-rounded\\"><img src=\\"https://crs.example.com/wp-content/themes/twentytwentyfour/assets/images/tourist-and-building.webp\\" alt=\\"Tourist taking photo of a building\\"/></figure>\\n<\u0021-- /wp:image --></div>\\n<\u0021-- /wp:column --></div>\\n<\u0021-- /wp:columns -->\\n\\n<\u0021-- wp:spacer {\\"height\\":\\"var:preset|spacing|40\\"} -->\\n<div style=\\"height:var(--wp--preset--spacing--40)\\" aria-hidden=\\"true\\" class=\\"wp-block-spacer\\"></div>\\n<\u0021-- /wp:spacer -->\\n\\n<\u0021-- wp:columns {\\"align\\":\\"wide\\",\\"style\\":{\\"spacing\\":{\\"blockGap\\":{\\"top\\":\\"var:preset|spacing|50\\",\\"left\\":\\"var:preset|spacing|60\\"}}}} -->\\n<div class=\\"wp-block-columns alignwide\\"><\u0021-- wp:column {\\"width\\":\\"50%\\"} -->\\n<div class=\\"wp-block-column\\" style=\\"flex-basis:50%\\"><\u0021-- wp:image {\\"sizeSlug\\":\\"large\\",\\"linkDestination\\":\\"none\\",\\"className\\":\\"is-style-rounded\\"} -->\\n<figure class=\\"wp-block-image size-large is-style-rounded\\"><img src=\\"https://crs.example.com/wp-content/themes/twentytwentyfour/assets/images/windows.webp\\" alt=\\"Windows of a building in Nuremberg, Germany\\"/></figure>\\n<\u0021-- /wp:image --></div>\\n<\u0021-- /wp:column -->\\n\\n<\u0021-- wp:column {\\"verticalAlignment\\":\\"center\\",\\"width\\":\\"40%\\"} -->\\n<div class=\\"wp-block-column is-vertically-aligned-center\\" style=\\"flex-basis:40%\\"><\u0021-- wp:heading {\\"level\\":3,\\"className\\":\\"is-style-asterisk\\"} -->\\n<h3 class=\\"wp-block-heading is-style-asterisk\\">Études Newsletter</h3>\\n<\u0021-- /wp:heading -->\\n\\n<\u0021-- wp:list {\\"style\\":{\\"typography\\":{\\"lineHeight\\":\\"1.75\\"}},\\"className\\":\\"is-style-checkmark-list\\"} -->\\n<ul style=\\"line-height:1.75\\" class=\\"is-style-checkmark-list\\"><\u0021-- wp:list-item -->\\n<li>A world of thought-provoking articles.</li>\\n<\u0021-- /wp:list-item -->\\n\\n<\u0021-- wp:list-item -->\\n<li>Case studies that celebrate architecture.</li>\\n<\u0021-- /wp:list-item -->\\n\\n<\u0021-- wp:list-item -->\\n<li>Exclusive access to design insights.</li>\\n<\u0021-- /wp:list-item --></ul>\\n<\u0021-- /wp:list --></div>\\n<\u0021-- /wp:column --></div>\\n<\u0021-- /wp:columns --></div>\\n<\u0021-- /wp:group --></div>\\n<\u0021-- /wp:group -->\\n\\n<\u0021-- wp:group {\\"metadata\\":{\\"name\\":\\"Testimonial\\"},\\"align\\":\\"full\\",\\"style\\":{\\"spacing\\":{\\"padding\\":{\\"top\\":\\"var:preset|spacing|60\\",\\"bottom\\":\\"var:preset|spacing|60\\",\\"left\\":\\"var:preset|spacing|60\\",\\"right\\":\\"var:preset|spacing|60\\"},\\"margin\\":{\\"top\\":\\"0\\",\\"bottom\\":\\"0\\"}}},\\"backgroundColor\\":\\"contrast\\",\\"textColor\\":\\"base\\",\\"layout\\":{\\"type\\":\\"constrained\\",\\"contentSize\\":\\"\\"}} -->\\n<div class=\\"wp-block-group alignfull has-base-color has-contrast-background-color has-text-color has-background\\" style=\\"margin-top:0;margin-bottom:0;padding-top:var(--wp--preset--spacing--60);padding-right:var(--wp--preset--spacing--60);padding-bottom:var(--wp--preset--spacing--60);padding-left:var(--wp--preset--spacing--60)\\"><\u0021-- wp:group {\\"layout\\":{\\"type\\":\\"constrained\\"}} -->\\n<div class=\\"wp-block-group\\"><\u0021-- wp:paragraph {\\"align\\":\\"center\\",\\"style\\":{\\"typography\\":{\\"lineHeight\\":\\"1.2\\"}},\\"textColor\\":\\"base\\",\\"fontSize\\":\\"x-large\\",\\"fontFamily\\":\\"heading\\"} -->\\n<p class=\\"has-text-align-center has-base-color has-text-color has-heading-font-family has-x-large-font-size\\" style=\\"line-height:1.2\\">\\n\\t\\t\\t<em>“Études has saved us thousands of hours of work and has unlocked insights we never thought possible.”</em>\\n\\t\\t</p>\\n<\u0021-- /wp:paragraph -->\\n\\n<\u0021-- wp:spacer {\\"height\\":\\"var:preset|spacing|10\\"} -->\\n<div style=\\"height:var(--wp--preset--spacing--10)\\" aria-hidden=\\"true\\" class=\\"wp-block-spacer\\"></div>\\n<\u0021-- /wp:spacer -->\\n\\n<\u0021-- wp:group {\\"metadata\\":{\\"name\\":\\"Testimonial source\\"},\\"style\\":{\\"spacing\\":{\\"blockGap\\":\\"0\\"}},\\"layout\\":{\\"type\\":\\"flex\\",\\"orientation\\":\\"vertical\\",\\"justifyContent\\":\\"center\\",\\"flexWrap\\":\\"nowrap\\"}} -->\\n<div class=\\"wp-block-group\\"><\u0021-- wp:image {\\"width\\":\\"60px\\",\\"aspectRatio\\":\\"1\\",\\"scale\\":\\"cover\\",\\"sizeSlug\\":\\"thumbnail\\",\\"linkDestination\\":\\"none\\",\\"align\\":\\"center\\",\\"style\\":{\\"border\\":{\\"radius\\":\\"100px\\"}}} -->\\n<figure class=\\"wp-block-image aligncenter size-thumbnail is-resized has-custom-border\\"><img alt=\\"\\" style=\\"border-radius:100px;aspect-ratio:1;object-fit:cover;width:60px\\"/></figure>\\n<\u0021-- /wp:image -->\\n\\n<\u0021-- wp:paragraph {\\"align\\":\\"center\\",\\"style\\":{\\"spacing\\":{\\"margin\\":{\\"top\\":\\"var:preset|spacing|10\\",\\"bottom\\":\\"0\\"}}}} -->\\n<p class=\\"has-text-align-center\\" style=\\"margin-top:var(--wp--preset--spacing--10);margin-bottom:0\\">Annie Steiner</p>\\n<\u0021-- /wp:paragraph -->\\n\\n<\u0021-- wp:paragraph {\\"align\\":\\"center\\",\\"style\\":{\\"typography\\":{\\"fontStyle\\":\\"normal\\",\\"fontWeight\\":\\"300\\"}},\\"textColor\\":\\"contrast-3\\",\\"fontSize\\":\\"small\\"} -->\\n<p class=\\"has-text-align-center has-contrast-3-color has-text-color has-small-font-size\\" style=\\"font-style:normal;font-weight:300\\">CEO, Greenprint</p>\\n<\u0021-- /wp:paragraph --></div>\\n<\u0021-- /wp:group --></div>\\n<\u0021-- /wp:group --></div>\\n<\u0021-- /wp:group -->\\n\\n<\u0021-- wp:group {\\"align\\":\\"full\\",\\"style\\":{\\"spacing\\":{\\"padding\\":{\\"top\\":\\"var:preset|spacing|50\\",\\"bottom\\":\\"var:preset|spacing|50\\",\\"left\\":\\"var:preset|spacing|50\\",\\"right\\":\\"var:preset|spacing|50\\"},\\"margin\\":{\\"top\\":\\"0\\",\\"bottom\\":\\"0\\"}}},\\"layout\\":{\\"type\\":\\"constrained\\"}} -->\\n<div class=\\"wp-block-group alignfull\\" style=\\"margin-top:0;margin-bottom:0;padding-top:var(--wp--preset--spacing--50);padding-right:var(--wp--preset--spacing--50);padding-bottom:var(--wp--preset--spacing--50);padding-left:var(--wp--preset--spacing--50)\\"><\u0021-- wp:heading {\\"align\\":\\"wide\\",\\"style\\":{\\"typography\\":{\\"lineHeight\\":\\"1\\"},\\"spacing\\":{\\"margin\\":{\\"top\\":\\"0\\",\\"bottom\\":\\"var:preset|spacing|40\\"}}},\\"fontSize\\":\\"x-large\\"} -->\\n<h2 class=\\"wp-block-heading alignwide has-x-large-font-size\\" style=\\"margin-top:0;margin-bottom:var(--wp--preset--spacing--40);line-height:1\\">Watch, Read, Listen</h2>\\n<\u0021-- /wp:heading -->\\n\\n<\u0021-- wp:group {\\"align\\":\\"wide\\",\\"layout\\":{\\"type\\":\\"constrained\\"}} -->\\n<div class=\\"wp-block-group alignwide\\"><\u0021-- wp:query {\\"queryId\\":0,\\"query\\":{\\"perPage\\":10,\\"pages\\":0,\\"offset\\":0,\\"postType\\":\\"post\\",\\"order\\":\\"desc\\",\\"orderBy\\":\\"date\\",\\"author\\":\\"\\",\\"search\\":\\"\\",\\"exclude\\":[],\\"sticky\\":\\"\\",\\"inherit\\":true},\\"align\\":\\"wide\\",\\"layout\\":{\\"type\\":\\"default\\"}} -->\\n<div class=\\"wp-block-query alignwide\\"><\u0021-- wp:post-template -->\\n<\u0021-- wp:separator {\\"backgroundColor\\":\\"contrast-3\\",\\"className\\":\\"alignwide is-style-wide\\"} -->\\n<hr class=\\"wp-block-separator has-text-color has-contrast-3-color has-alpha-channel-opacity has-contrast-3-background-color has-background alignwide is-style-wide\\"/>\\n<\u0021-- /wp:separator -->\\n\\n<\u0021-- wp:columns {\\"verticalAlignment\\":\\"center\\",\\"align\\":\\"wide\\",\\"style\\":{\\"spacing\\":{\\"margin\\":{\\"top\\":\\"var:preset|spacing|20\\",\\"bottom\\":\\"var:preset|spacing|20\\"}}}} -->\\n<div class=\\"wp-block-columns alignwide are-vertically-aligned-center\\" style=\\"margin-top:var(--wp--preset--spacing--20);margin-bottom:var(--wp--preset--spacing--20)\\"><\u0021-- wp:column {\\"verticalAlignment\\":\\"center\\",\\"width\\":\\"72%\\"} -->\\n<div class=\\"wp-block-column is-vertically-aligned-center\\" style=\\"flex-basis:72%\\"><\u0021-- wp:post-title {\\"isLink\\":true,\\"style\\":{\\"typography\\":{\\"lineHeight\\":\\"1.1\\",\\"fontSize\\":\\"1.5rem\\"}}} /--></div>\\n<\u0021-- /wp:column -->\\n\\n<\u0021-- wp:column {\\"verticalAlignment\\":\\"center\\",\\"width\\":\\"28%\\"} -->\\n<div class=\\"wp-block-column is-vertically-aligned-center\\" style=\\"flex-basis:28%\\"><\u0021-- wp:template-part {\\"slug\\":\\"post-meta\\",\\"theme\\":\\"twentytwentyfour\\"} /--></div>\\n<\u0021-- /wp:column --></div>\\n<\u0021-- /wp:columns -->\\n<\u0021-- /wp:post-template -->\\n\\n<\u0021-- wp:spacer {\\"height\\":\\"var:preset|spacing|30\\"} -->\\n<div style=\\"height:var(--wp--preset--spacing--30)\\" aria-hidden=\\"true\\" class=\\"wp-block-spacer\\"></div>\\n<\u0021-- /wp:spacer -->\\n\\n<\u0021-- wp:query-pagination {\\"paginationArrow\\":\\"arrow\\",\\"layout\\":{\\"type\\":\\"flex\\",\\"justifyContent\\":\\"space-between\\"}} -->\\n<\u0021-- wp:query-pagination-previous /-->\\n\\n<\u0021-- wp:query-pagination-numbers /-->\\n\\n<\u0021-- wp:query-pagination-next /-->\\n<\u0021-- /wp:query-pagination -->\\n\\n<\u0021-- wp:query-no-results -->\\n<\u0021-- wp:paragraph -->\\n<p>No posts were found.</p>\\n<\u0021-- /wp:paragraph -->\\n<\u0021-- /wp:query-no-results --></div>\\n<\u0021-- /wp:query --></div>\\n<\u0021-- /wp:group --></div>\\n<\u0021-- /wp:group -->\\n\\n<\u0021-- wp:group {\\"align\\":\\"full\\",\\"style\\":{\\"spacing\\":{\\"padding\\":{\\"top\\":\\"var:preset|spacing|50\\",\\"bottom\\":\\"var:preset|spacing|50\\",\\"left\\":\\"var:preset|spacing|50\\",\\"right\\":\\"var:preset|spacing|50\\"},\\"margin\\":{\\"top\\":\\"0\\",\\"bottom\\":\\"0\\"}}},\\"layout\\":{\\"type\\":\\"constrained\\"}} -->\\n<div class=\\"wp-block-group alignfull\\" style=\\"margin-top:0;margin-bottom:0;padding-top:var(--wp--preset--spacing--50);padding-right:var(--wp--preset--spacing--50);padding-bottom:var(--wp--preset--spacing--50);padding-left:var(--wp--preset--spacing--50)\\"><\u0021-- wp:group {\\"align\\":\\"wide\\",\\"style\\":{\\"border\\":{\\"radius\\":\\"16px\\"},\\"spacing\\":{\\"padding\\":{\\"top\\":\\"var:preset|spacing|40\\",\\"bottom\\":\\"var:preset|spacing|40\\",\\"left\\":\\"var:preset|spacing|50\\",\\"right\\":\\"var:preset|spacing|50\\"}}},\\"backgroundColor\\":\\"base-2\\",\\"layout\\":{\\"type\\":\\"constrained\\"}} -->\\n<div class=\\"wp-block-group alignwide has-base-2-background-color has-background\\" style=\\"border-radius:16px;padding-top:var(--wp--preset--spacing--40);padding-right:var(--wp--preset--spacing--50);padding-bottom:var(--wp--preset--spacing--40);padding-left:var(--wp--preset--spacing--50)\\"><\u0021-- wp:spacer {\\"height\\":\\"var:preset|spacing|10\\"} -->\\n<div style=\\"height:var(--wp--preset--spacing--10)\\" aria-hidden=\\"true\\" class=\\"wp-block-spacer\\"></div>\\n<\u0021-- /wp:spacer -->\\n\\n<\u0021-- wp:heading {\\"textAlign\\":\\"center\\",\\"fontSize\\":\\"x-large\\"} -->\\n<h2 class=\\"wp-block-heading has-text-align-center has-x-large-font-size\\">Join 900+ subscribers</h2>\\n<\u0021-- /wp:heading -->\\n\\n<\u0021-- wp:paragraph {\\"align\\":\\"center\\"} -->\\n<p class=\\"has-text-align-center\\">Stay in the loop with everything you need to know.</p>\\n<\u0021-- /wp:paragraph -->\\n\\n<\u0021-- wp:buttons {\\"layout\\":{\\"type\\":\\"flex\\",\\"justifyContent\\":\\"center\\"}} -->\\n<div class=\\"wp-block-buttons\\"><\u0021-- wp:button -->\\n<div class=\\"wp-block-button\\"><a class=\\"wp-block-button__link wp-element-button\\">Sign up</a></div>\\n<\u0021-- /wp:button --></div>\\n<\u0021-- /wp:buttons -->\\n\\n<\u0021-- wp:spacer {\\"height\\":\\"var:preset|spacing|10\\"} -->\\n<div style=\\"height:var(--wp--preset--spacing--10)\\" aria-hidden=\\"true\\" class=\\"wp-block-spacer\\"></div>\\n<\u0021-- /wp:spacer --></div>\\n<\u0021-- /wp:group --></div>\\n<\u0021-- /wp:group --></main>\\n<\u0021-- /wp:group -->\\n\\n<\u0021-- wp:template-part {\\"slug\\":\\"footer\\",\\"theme\\":\\"twentytwentyfour\\",\\"tagName\\":\\"footer\\",\\"area\\":\\"footer\\"} /-->"}'

Sandbox

This payload has been tested against the OWASP ModSecurity Core Rule Set 
web application firewall. The test was executed using the apache engine and CRS version nightly.

The payload is being detected by triggering the following rules:

920450 PL1 HTTP header is restricted by policy (/x-http-method-override/)
941100 PL1 XSS Attack Detected via libinjection
941160 PL1 NoScript XSS InjectionChecker: HTML Injection
941180 PL1 Node-Validator Deny List Keywords
949110 PL1 Inbound Anomaly Score Exceeded (Total Score: 20)
980170 PL1 Anomaly Scores: (Inbound Scores: blocking=20, detection=20, per_pl=20-0-0-0, threshold=5) - (Outbound Scores: blocking=0, detection=0, per_pl=0-0-0-0, threshold=4) - (SQLI=0, XSS=15, RFI=0, LFI=0, RCE=0, PHPI=0, HTTP=0, SESS=0, COMBINED_SCORE=20)

CRS therefore detects this payload starting with paranoia level 1.

Error Logs

user crs.example.com [Thu Apr 04 09:28:53.202849 2024] [-:error] [pid 48740:tid 36095432704] [client IP:53984] [client IP] ModSecurity: Warning. String match within "/content-encoding/ /proxy/ /lock-token/ /content-range/ /if/ /x-http-method-override/ /x-http-method/ /x-method-override/" at TX:header_name_920450_x-http-method-override. [file "/etc/mod_security/crs/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1193"] [id "920450"] [msg "HTTP header is restricted by policy (/x-http-method-override/)"] [data "Restricted header detected: /x-http-method-override/"] [severity "CRITICAL"] [ver "OWASP_CRS/4.1.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/12.1"] [hostname "crs.example.com"] [uri "/wp-json/wp/v2/templates/twentytwentyfour//home"] [unique_id "Zg5WtX4evJSgF5JfG9U9YwAAAy4"], referer https://crs.example.com/wp-admin/site-editor.php?return=https%3A%2F%2Fcrs.example.com%2Fwp-admin%2Fthemes.php&canvas=edit
user crs.example.com [Thu Apr 04 09:28:53.418560 2024] [-:error] [pid 48740:tid 36095432704] [client IP:53984] [client IP] ModSecurity: Rule 860ee4cb8 [id "941140"][file "/etc/mod_security/crs/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf"][line "186"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "crs.example.com"] [uri "/wp-json/wp/v2/templates/twentytwentyfour/home"] [unique_id "Zg5WtX4evJSgF5JfG9U9YwAAAy4"], referer https://crs.example.com/wp-admin/site-editor.php?return=https%3A%2F%2Fcrs.example.com%2Fwp-admin%2Fthemes.php&canvas=edit
user crs.example.com [Thu Apr 04 09:28:53.446832 2024] [-:error] [pid 48740:tid 36095432704] [client IP:53984] [client IP] ModSecurity: Warning. Matched phrase "<!--" at ARGS:content. [file "/etc/mod_security/crs/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf"] [line "271"] [id "941180"] [msg "Node-Validator Deny List Keywords"] [data "Matched Data: <!-- found within ARGS:content: <!-- wp:template-part {\\x22slug\\x22:\\x22header\\x22,\\x22theme\\x22:\\x22twentytwentyfour\\x22,\\x22tagName\\x22:\\x22header\\x22,\\x22area\\x22:\\x22header\\x22} /-->\\x0a\\x0a<!-- wp:group {\\x22tagName\\x22:\\x22main\\x22,\\x22style\\x22:{\\x22spacing\\x22:{\\x22blockGap\\x22:\\x220\\x22,\\x22margin\\x22:{\\x22top\\x22:\\x220\\x22}}},\\x22layout\\x22:{\\x22type\\x22:\\x22default\\x22}} -->\\x0a<main class=\\x22wp-block-group\\x22 style=\\x22margin-top:0\\x22><!-- wp:group {\\x22align\\x22:\\x22full\\x22..."] [severity "CRITICAL"] [ver "OWASP_CRS/4.1.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-xss"] [tag "xss-perf-disable"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/242"] [hostname "crs.example.com"] [uri "/wp-json/wp/v2/templates/twentytwentyfour/home"] [unique_id "Zg5WtX4evJSgF5JfG9U9YwAAAy4"], referer https://crs.example.com/wp-admin/site-editor.php?return=https%3A%2F%2Fcrs.example.com%2Fwp-admin%2Fthemes.php&canvas=edit
user crs.example.com [Thu Apr 04 09:28:53.843670 2024] [-:error] [pid 48740:tid 36095432704] [client IP:53984] [client IP] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 7 at TX:blocking_inbound_anomaly_score. [file "/etc/mod_security/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [ver "OWASP_CRS/4.1.0"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "crs.example.com"] [uri "/wp-json/wp/v2/templates/twentytwentyfour/home"] [unique_id "Zg5WtX4evJSgF5JfG9U9YwAAAy4"], referer https://crs.example.com/wp-admin/site-editor.php?return=https%3A%2F%2Fcrs.example.com%2Fwp-admin%2Fthemes.php&canvas=edit
user crs.example.com [Thu Apr 04 09:28:53.844526 2024] [-:error] [pid 48740:tid 36909733120] [client IP:53984] [client IP] ModSecurity: Warning. Unconditional match in SecAction. [file "/etc/mod_security/crs/rules/RESPONSE-980-CORRELATION.conf"] [line "98"] [id "980170"] [msg "Anomaly Scores: (Inbound Scores: blocking=10, detection=10, per_pl=10-0-0-0, threshold=7) - (Outbound Scores: blocking=0, detection=0, per_pl=0-0-0-0, threshold=7) - (SQLI=0, XSS=5, RFI=0, LFI=0, RCE=0, PHPI=0, HTTP=0, SESS=0, COMBINED_SCORE=10)"] [ver "OWASP_CRS/4.1.0"] [tag "reporting"] [tag "OWASP_CRS"] [hostname "crs.example.com"] [uri "/wp-json/wp/v2/templates/twentytwentyfour/home"] [unique_id "Zg5WtX4evJSgF5JfG9U9YwAAAy4"], referer https://crs.example.com/wp-admin/site-editor.php?return=https%3A%2F%2Fcrs.example.com%2Fwp-admin%2Fthemes.php&canvas=edit

Triggered Rules:

• 920450: Restricted header detected
• 941140: XSS Filter - Category 4: Javascript URI Vector (PCRE limits exceeded (-8)) - Even if high Limit is set. Maybe my fault?
• 941180: Node-Validator Deny List Keywords

Expected Result

Using the Site Editor in a default environment should not be blocked

[azurit]

Hi @pesc, thank for reporting this. You are talknig about PCRE limits exceeded but i can't see this in your logs or sandbox output. Can you provide more info about this?

[pesc]

Hi @pesc, thank for reporting this. You are talknig about PCRE limits exceeded but i can't see this in your logs or sandbox output. Can you provide more info about this?

Hi @azurit

It's hidden in the "Error Logs" - 2nd line of my report: [pid 48740:tid 36095432704] [client IP:53984] [client IP] ModSecurity: Rule 860ee4cb8 [id "941140"][file "/etc/mod_security/crs/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf"][line "186"] - Execution error - PCRE limits exceeded (-8): (null).

[azurit]

@pesc Sorry, see it now. Can you try newest plugin with this PR included?

[pesc]

Yes perfect! No more errors!

[EsadCetiner]

@pesc Good to hear your issue was resolved. Feel free to open another issue if you need help!

[pesc]

That was fast! Thank you very much!