Skip to main content

Wp Gdpr Compliance

3 CVEs product

Monthly

CVE-2023-6700 HIGH PATCH Act Now

The Cookie Information | Free GDPR Consent Solution plugin for WordPress is vulnerable to arbitrary option updates due to a missing capability check on its AJAX request handler in versions up to, and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 29.2%.

Authentication Bypass WordPress Wp Gdpr Compliance
NVD VulDB
CVSS 3.1
8.8
EPSS
29.2%
CVE-2022-0147 MEDIUM POC PATCH This Month

The Cookie Information | Free GDPR Consent Solution WordPress plugin before 2.0.8 does not escape user data before outputting it back in attributes in the admin dashboard, leading to a Reflected. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS WordPress Wp Gdpr Compliance
NVD WPScan
CVSS 3.1
6.1
EPSS
1.6%
CVE-2018-19207 CRITICAL POC THREAT Act Now

The Van Ons WP GDPR Compliance (aka wp-gdpr-compliance) plugin before 1.4.3 for WordPress allows remote attackers to execute arbitrary code because $wpdb->prepare() input is mishandled, as exploited. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress RCE Wp Gdpr Compliance
NVD
CVSS 3.0
9.8
EPSS
87.3%
EPSS 29% CVSS 8.8
HIGH PATCH Act Now

The Cookie Information | Free GDPR Consent Solution plugin for WordPress is vulnerable to arbitrary option updates due to a missing capability check on its AJAX request handler in versions up to, and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 29.2%.

Authentication Bypass WordPress Wp Gdpr Compliance
NVD VulDB
EPSS 2% CVSS 6.1
MEDIUM POC PATCH This Month

The Cookie Information | Free GDPR Consent Solution WordPress plugin before 2.0.8 does not escape user data before outputting it back in attributes in the admin dashboard, leading to a Reflected. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS WordPress Wp Gdpr Compliance
NVD WPScan
EPSS 87% CVSS 9.8
CRITICAL POC THREAT Act Now

The Van Ons WP GDPR Compliance (aka wp-gdpr-compliance) plugin before 1.4.3 for WordPress allows remote attackers to execute arbitrary code because $wpdb->prepare() input is mishandled, as exploited. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress RCE Wp Gdpr Compliance
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy