Lucene search
Ace Candelario (@0xspade)PATCHSTACK:53714CCB1A100C80D41C28F2F38D0437HistoryJan 26, 2022 - 12:00 a.m.
WordPress WordPress GDPR & CCPA premium plugin <= 1.9.26 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability
2022-01-2600:00:00
Ace Candelario (@0xspade)
patchstack.com
4
0.001 Low
EPSS
Percentile
47.3%
Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability discovered by Ace Candelario (@0xspade) and Victor Paynat-Sautivet (3DS Outscale SOC) in WordPress WordPress GDPR & CCPA premium plugin (versions <= 1.9.26).
Solution
Update the WordPress WordPress GDPR & CCPA premium plugin to the latest available version (at least 1.9.27).
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress gdpr & ccpa | le | 1.9.26 |
Related
cvelist
cvelist
nvd
nvd
CVE-2022-0220
2022-02-01 13:15:09
wpvulndb
wpvulndb
cve
cve
CVE-2022-0220
2022-02-01 13:15:09
nuclei
nuclei
WordPress GDPR & CCPA <1.9.27 - Cross-Site Scripting
2022-07-18 13:40:25
prion
prion
Type confusion
2022-02-01 13:15:00
wpexploit
wpexploit