Skip to main content

Wordpress Gdpr

2 CVEs product

Monthly

CVE-2024-11069 CRITICAL Act Now

The WordPress GDPR plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'WordPress_GDPR_Data_Delete::check_action' function in all versions up to,. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Wordpress Gdpr
NVD
CVSS 3.1
9.1
EPSS
0.4%
CVE-2024-10388 MEDIUM This Month

The WordPress GDPR plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'gdpr_firstname' and 'gdpr_lastname' parameters in all versions up to, and including, 2.0.2 due to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Wordpress Gdpr
NVD
CVSS 3.1
6.1
EPSS
0.3%
EPSS 0% CVSS 9.1
CRITICAL Act Now

The WordPress GDPR plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'WordPress_GDPR_Data_Delete::check_action' function in all versions up to,. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Wordpress Gdpr
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

The WordPress GDPR plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'gdpr_firstname' and 'gdpr_lastname' parameters in all versions up to, and including, 2.0.2 due to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Wordpress Gdpr
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy