europa-diffusion.com Improper Access Control vulnerability OBB-3930746

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

PT-2024-24718 · Unknown · Dsgvo Youtube

Name of the Vulnerable Software and Affected Versions: DSGVO Youtube versions 1.4.5 and earlier Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting. This allows for Stored XSS attacks. Recommendations: For versions...

CVE-2024-24836

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Audrasjb GDPR Data Request Form allows Stored XSS.This issue affects GDPR Data Request Form: from n/a through 1.6...

WordPress plugin Cookie Information | Free GDPR Consent Solution Security Breach

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2024-15021 · WordPress · Omgf | Gdpr/Dsgvo Compliant

Name of the Vulnerable Software and Affected Versions: OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy. plugin for WordPress versions up to, and including, 5.7.9 Description: The issue is related to a missing capability check on the update settings function, which is hooked via admin init...

CVE-2023-41800

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in UniConsent UniConsent CMP for GDPR CPRA GPP TCF plugin = 1.4.2 versions...

Debunking misinformation about Opera’s browsers

Privacy, Security Debunking misinformation about Opera’s browsers Share July 6th, 2023 At Opera, we take the privacy and security of our users very seriously. As a European company, we have to be compliant with the GDPR – one of the strongest, if not the strongest, data protection frameworks in t...

WordPress Plugin WP DSGVO Tools (GDPR) 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

Indian Government Publishes Draft of Digital Personal Data Protection Bill 2022

The Indian government on Friday released a draft version of the much-awaited data protection regulation, making it the fourth such effort since it was first proposed in July 2018. The Digital Personal Data Protection Bill, 2022, as it's called, aims to secure personal data, while also seeking...

Opera Privacy Statement Update 2022

Privacy Opera Privacy Statement Update 2022 Share August 29th, 2022 Opera, a browser company based out of Oslo, Norway, cares deeply about user security and data protection. With that in mind, we actively work on improving our internal practices and communications with you, our users. We are maki...

Discover 5 lessons Microsoft has learned about compliance management

Compliance management is a complex process—one that gets increasingly more complicated the larger an organization grows. Microsoft knows this firsthand, not only because of our experience providing Security and Compliance solutions to customers but also because of the global reach and...

New Backdoor Targets French Entities via Open-Source Package Installer

Researchers have exposed a new targeted email campaign aimed at French entities in the construction, real estate, and government sectors that leverages the Chocolatey Windows package manager to deliver a backdoor called Serpent on compromised systems. Enterprise security firm Proofpoint attribute...

Banning Surveillance-Based Advertising

The Norwegian Consumer Council just published a fantastic new report: "Time to Ban Surveillance-Based Advertising." From the Introduction: The challenges caused and entrenched by surveillance-based advertising include, but are not limited to: privacy and data protection infringements opaque...

Key Compliance Concepts for Financial Services

The Sarbanes-Oxley Act SOX was introduced following a number of financial scandals involving huge conglomerates and obliges companies to establish internal controls to prevent fraud and abuse, holding senior managers accountable for the accuracy of financial reporting. The financial crisis in 200...

Execs Could Face Jail Time For Privacy Violations

A new data privacy bill threatens large tech firms, like Facebook, with tough penalties – including monetary fines and up to 20 years of jail time for executives – if they violate user privacy policies. The “Mind Your Own Business Act,” proposed by Sen. Ron Wyden D-Ore. on Thursday, gives the...

Facebook Records User Audio, Sparking Privacy Questions

Facebook has admitted that it has been transcribing audio chats between its users on its Messenger platform. Sources said that it’s paying hundreds to third-party outside contractors to do so. The latter calls into question Facebook’s data-handling practices when it comes to being open with its...

British Airways Fined £183 Million Under GDPR Over 2018 Data Breach

Britain's Information Commissioner's Office ICO today hit British Airways with a record fine of £183 million for failing to protect the personal information of around half a million of its customers during last year's security breach. British Airways, who describes itself as "The World's Favorite...

The global data privacy roadmap: a question of risk

For most American businesses, complying with US data privacy laws follows a somewhat linear, albeit lengthy, path. Set up a privacy policy, don’t lie to the consumer, and check the specific rules if you’re a health care provider, video streaming company, or kids’ app maker. For American businesse...

DRUPAL-CONTRIB-2019-033

This module addresses the General Data Protection Regulation GDPR that came into effect 25th May 2018, and the EU Directive on Privacy and Electronic Communications from 2012. It provides a banner where you can gather consent from the user when the website stores cookies on their computer or...

Will pay-for-privacy be the new normal?

Privacy is a human right, and online privacy should be no exception. Yet, as the US considers new laws to protect individuals’ online data, at least two proposals—one statewide law that can still be amended and one federal draft bill that has yet to be introduced—include an unwelcome bargain:...