Home » GDPR Cookie Compliance <= 4.0.2 – Authenticated Settings Reset

GDPR Cookie Compliance <= 4.0.2 – Authenticated Settings Reset

Dec 27, 2019 | WordPress Vulnerabilities

Description

The gdpr_cookie_compliance_reset_settings AJAX action registered for authenticated users lacks authorisation and CSRF checks, allowing unauthorised authenticated users to call it, which would result in the settings being reset.

Plugin Development

Integrations

GDPR Cookie Compliance <= 4.0.2 – Authenticated Settings Reset

Related Pages