A bypass method for Wordfence WAF has been discovered using a simple XSS payload. The payload <script>alert('Bypassed Wordfence WAF')</script> successfully bypasses Wordfence WAF protection. This vulnerability can potentially allow attackers to execute malicious scripts on websites protected by Wordfence WAF. It is recommended to update the WAF rules to mitigate this bypass vulnerability.
For more details, check out the original tweet here: https://twitter.com/0x44dt/status/1791722067894915396