Cloudflare has deployed two WAF rules in response to high-severity vulnerabilities disclosed to us by the WordPress security team. The new rules protect all Cloudflare customers using affected WordPress versions, but customers should still update immediately to a patched release.
Source: [Cloudflare Blog](https://blog.cloudflare.com/wordpress-vulnerabilities/)