EUVD-2025-203884

The Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker for GDPR, CCPA & ePrivacy : WP Cookie Consent plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the gdprdeletepolicydata function in all versions up to, and...

PT-2025-51817

The Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker for GDPR, CCPA & ePrivacy : WP Cookie Consent plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the gdpr delete policy data function in all versions up to, and...

EUVD-2024-33637

Malicious code in bioql PyPI...

EUVD-2024-22199

Malicious code in bioql PyPI...

CVE-2024-24836

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Audrasjb GDPR Data Request Form allows Stored XSS.This issue affects GDPR Data Request Form: from n/a through 1.6...

CVE-2024-21667

pimcore/customer-data-framework is the Customer Management Framework for management of customer data within Pimcore. An authenticated and unauthorized user can access the GDPR data extraction feature and query over the information returned, leading to customer data exposure. Permissions are not...

How to Sue a Company Under GDPR for Data Misuse and Privacy Violations

Learn how to sue companies under GDPR for data misuse. Understand your rights, file complaints, and claim compensation…...

CVE-2024-1592

The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.5.6. This is due to missing or incorrect nonce validation on the processdelete function in class-DNSMPD.php. This makes it possible for unauthenticated...

Cross site request forgery (csrf)

The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.5.6. This is due to missing or incorrect nonce validation on the processdelete function in class-DNSMPD.php. This makes it possible for unauthenticated...

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Audrasjb GDPR Data Request Form allows Stored XSS.This issue affects GDPR Data Request Form: from n/a through 1.6...

CVE-2024-21667 Pimcore Customer Data Framework Improper Access Control allows unprivileged user to access GDPR extracts

pimcore/customer-data-framework is the Customer Management Framework for management of customer data within Pimcore. An authenticated and unauthorized user can access the GDPR data extraction feature and query over the information returned, leading to customer data exposure. Permissions are not...

Pimcore Customer Data Framework Improper Access Control allows unprivileged user to access GDPR extracts

Summary An authenticated and unauthorized user can access the GDPR data extraction feature and query over the information returned, leading to customer data exposure. Details Permissions do not seem to be enforced when reaching the /admin/customermanagementframework/gdpr-data/search-data-objects...