Filtered by vendor Appsaloon Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-36697 1 Appsaloon 1 Wp Gdpr 2024-11-21 7.3 High
The WP GDPR plugin for WordPress is vulnerable to authorization bypass due to a missing capability check in versions up to, and including, 2.1.1. This makes it possible for unauthenticated attackers to delete any comment and modify the plugin’s settings.
CVE-2020-20628 1 Appsaloon 1 Wp-gdpr 2024-11-21 6.1 Medium
controller/controller-comments.php in WP GDPR plugin through 2.1.1 has unauthenticated stored XSS.