Filtered by vendor Appsaloon Subscriptions
Filtered by product Wp Gdpr Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-36697 1 Appsaloon 1 Wp Gdpr 2024-11-21 7.3 High
The WP GDPR plugin for WordPress is vulnerable to authorization bypass due to a missing capability check in versions up to, and including, 2.1.1. This makes it possible for unauthenticated attackers to delete any comment and modify the plugin’s settings.