96 matches found
Noyb Threatens Meta with Lawsuit for Violating GDPR to Train AI on E.U. User Data From May 27
Austrian privacy non-profit noyb none of your business has sent Meta's Irish headquarters a cease-and-desist letter, threatening the company with a class action lawsuit if it proceeds with its plans to train users' data for training its artificial intelligence AI models without an explicit opt-in...
WordPress plugin GDPR Framework By Data443 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...
Privacy-Preserving Transformers: SwiftKey'S Differential Privacy Implementation
In this paper we train a transformer using differential privacy DP for language modeling in SwiftKey. We run multiple experiments to balance the trade-off between the model size, run-time speed and accuracy. We show that we get small and consistent gains in the next-word-prediction and accuracy...
CVE-2025-31689
Cross-Site Request Forgery CSRF vulnerability in Drupal General Data Protection Regulation allows Cross Site Request Forgery.This issue affects General Data Protection Regulation: from 0.0.0 before 3.0.1, from 3.1.0 before 3.1.2...
GHSA-JV6R-MJ9P-9XFF Drupal General Data Protection Regulation Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Drupal General Data Protection Regulation allows Cross Site Request Forgery. This issue affects General Data Protection Regulation: from 0.0.0 before 3.0.1, from 3.1.0 before 3.1.2...
Drupal General Data Protection Regulation Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Drupal General Data Protection Regulation allows Cross Site Request Forgery. This issue affects General Data Protection Regulation: from 0.0.0 before 3.0.1, from 3.1.0 before 3.1.2...
WordPress plugin GDPR Cookie Notice 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2025-31689
Cross-Site Request Forgery CSRF vulnerability in Drupal General Data Protection Regulation allows Cross Site Request Forgery.This issue affects General Data Protection Regulation: from 0.0.0 before 3.0.1, from 3.1.0 before 3.1.2...
CVE-2025-31689 General Data Protection Regulation - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-018
Cross-Site Request Forgery CSRF vulnerability in Drupal General Data Protection Regulation allows Cross Site Request Forgery.This issue affects General Data Protection Regulation: from 0.0.0 before 3.0.1, from 3.1.0 before 3.1.2...
CVE-2025-31689 General Data Protection Regulation - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-018
Cross-Site Request Forgery CSRF vulnerability in Drupal General Data Protection Regulation allows Cross Site Request Forgery.This issue affects General Data Protection Regulation: from 0.0.0 before 3.0.1, from 3.1.0 before 3.1.2...
CVE-2025-31689 General Data Protection Regulation - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-018
Cross-Site Request Forgery CSRF vulnerability in Drupal General Data Protection Regulation allows Cross Site Request Forgery.This issue affects General Data Protection Regulation: from 0.0.0 before 3.0.1, from 3.1.0 before 3.1.2...
CVE-2025-31689
The CVE-2025-31689 entry concerns the Drupal General Data Protection Regulation (GDPR) module. A CSRF vulnerability affects versions 0.0.0 through 3.0.1 and 3.1.0 through 3.1.2. The issue is mitigated by upgrading to 3.0.1+ or 3.1.2+ (per connected sources). No exploit details are provided beyond...
WordPress plugin GDPR Cookie Compliance 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
DRUPAL-CONTRIB-2025-018
The GDPR Task submodule enables you to create GDPR tasks. The module doesn't sufficiently protect against Cross Site Request Forgery CSRF attacks by validating user identity and intent when creating tasks...
WordPress plugin GDPR CCPA Compliance Support 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress...
PT-2025-5428 · Ninja Team · Ninjateam Gdpr Ccpa Compliance Support
Name of the Vulnerable Software and Affected Versions: NinjaTeam GDPR CCPA Compliance Support versions 2.7.1 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For...
European Privacy Group Sues TikTok and AliExpress for Illicit Data Transfers to China
Austrian privacy non-profit None of Your Business noyb has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully transferring users' data to China. The advocacy group is seeking an...
WordPress plugin Cookie Consent & Autoblock for GDPR/CCPA 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...
Multiple Binary Vulnerabilities in GBase 8c at Tianjin Nanda General Data Technology Co.
GBase 8c is a multimodal and polymorphic distributed database built on openGauss 3.0. Multiple binary vulnerabilities exist in GBase 8c at Tianjin Nanda General Data Technology Co. that can be exploited by attackers to cause a denial of service...
WordPress WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) plugin <= 3.2.0 - Unauthenticated Stored Cross-Site Scripting via Client-IP header vulnerability
Unauthenticated Stored Cross-Site Scripting via Client-IP header vulnerability discovered by Krzysztof Zając in WordPress Plugin WP Cookie Notice for GDPR, CCPA & ePrivacy Consent versions = 3.2.0...