A zero-day vBulletin vulnerability and exploit was publicly disclosed and is being used by bad actors to attack forums. Cloudflare has created a special rule for their Web Application Firewall that will detect and block this exploit. This means that v Bulletin sites using CloudFlare and who have their firewall enabled will not be affected by the exploit. Any blocked attempts will show up under the WAF service category to see the full details of what the attacker was trying to do.
Source: https://www.bleepingcomputer.com/news/security/cloudflare-now-blocks-the-vbulletin-rce-cve-2019-16759-exploit/