Hi @joseribeiro,
Thank you for reaching out to us.
From the issue description you have provided, I suspect this could be a false positive. Sometimes, WordPress plugins or themes may exhibit behavior that resembles known attack patterns which results in the Wordfence Firewall blocking something that is not malicious. This can be resolved by switching the firewall to Learning Mode to eliminate the false positives.
From the Wordfence Dashboard, click on Manage WAF. Then you will see Basic Firewall Options > Web Application Firewall Status. Change the option to Learning Mode. Now proceed to make save the changes with Be Builder. This will help Wordfence learn that these actions are expected and allow them in the future. After making the changes, switch the WAF from Learning Mode back to Enabled and Protecting, then test to see that you can save changes without getting the same errors.
https://www.wordfence.com/help/firewall/learning-mode/ is an amazing resource for learning more about the WAF and learning mode.
Please get back to us in case the above doesn’t solve your issue.
Thanks,
Janet
