CVE-2018-19207

2018-11-12T17:29:00
ID CVE-2018-19207
Type cve
Reporter cve@mitre.org
Modified 2019-10-03T00:03:00

Description

The Van Ons WP GDPR Compliance (aka wp-gdpr-compliance) plugin before 1.4.3 for WordPress allows remote attackers to execute arbitrary code because $wpdb->prepare() input is mishandled, as exploited in the wild in November 2018.