Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 2:58 p.m.4 views

CVE-2026-4283

The WP DSGVO Tools GDPR plugin for WordPress is vulnerable to unauthorized account destruction in all versions up to, and including, 3.1.38. This is due to the super-unsubscribe AJAX action accepting a processnow parameter from unauthenticated users, which bypasses the intended email-confirmation...

9.1CVSS5.8AI score0.00431EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/25 8:26 a.m.7 views

WordPress WP DSGVO Tools (GDPR) plugin <= 3.1.38 - Missing Authorization to Unauthenticated Account Destruction of Non-Admin Users vulnerability

Missing Authorization to Unauthenticated Account Destruction of Non-Admin Users vulnerability discovered by shark3y in WordPress Plugin WP DSGVO Tools GDPR versions = 3.1.38...

9.1CVSS5.8AI score0.00431EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/03/24 6:31 a.m.4 views

EUVD-2026-14735

The WP DSGVO Tools GDPR plugin for WordPress is vulnerable to unauthorized account destruction in all versions up to, and including, 3.1.38. This is due to the super-unsubscribe AJAX action accepting a processnow parameter from unauthenticated users, which bypasses the intended email-confirmation...

9.1CVSS5.8AI score0.00431EPSS
Exploits0References8
NVD
NVD
added 2026/03/24 5:16 a.m.5 views

CVE-2026-4283

The WP DSGVO Tools GDPR plugin for WordPress is vulnerable to unauthorized account destruction in all versions up to, and including, 3.1.38. This is due to the super-unsubscribe AJAX action accepting a processnow parameter from unauthenticated users, which bypasses the intended email-confirmation...

9.1CVSS0.00431EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/03/24 4:27 a.m.5 views

CVE-2026-4283

The WP DSGVO Tools GDPR plugin for WordPress is vulnerable to unauthorized account destruction in all versions up to, and including, 3.1.38. This is due to the super-unsubscribe AJAX action accepting a processnow parameter from unauthenticated users, which bypasses the intended email-confirmation...

9.1CVSS5.8AI score0.00431EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/03/24 4:27 a.m.30 views

CVE-2026-4283 WP DSGVO Tools (GDPR) <= 3.1.38 - Missing Authorization to Unauthenticated Account Destruction of Non-Admin Users

The WP DSGVO Tools GDPR plugin for WordPress is vulnerable to unauthorized account destruction in all versions up to, and including, 3.1.38. This is due to the super-unsubscribe AJAX action accepting a processnow parameter from unauthenticated users, which bypasses the intended email-confirmation...

9.1CVSS0.00431EPSS
Exploits0References7
CVE
CVE
added 2026/03/24 4:27 a.m.25 views

CVE-2026-4283

The WP DSGVO Tools (GDPR) WordPress plugin (versions up to 3.1.38) is affected by an unauthorized account destruction flaw via the super-unsubscribe AJAX action. unauthenticated users can submit a victim email with process_now=1, bypassing the email-confirmation flow and triggering irreversible a...

9.1CVSS5.8AI score0.00431EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/03/24 12:0 a.m.10 views

PT-2026-27328

The WP DSGVO Tools GDPR plugin for WordPress is vulnerable to unauthorized account destruction in all versions up to, and including, 3.1.38. This is due to the super-unsubscribe AJAX action accepting a process now parameter from unauthenticated users, which bypasses the intended email-confirmatio...

9.1CVSS5.8AI score0.00431EPSS
Exploits0References8
Code423n4
Code423n4
added 2023/07/14 12:0 a.m.18 views

Two-step ownership transfer process in LSP0ERC725AccountCore can be bypassed

Lines of code Vulnerability details Bug Description To transfer ownership of the LSP0ERC725AccountCore contract, the owner has to call transferOwnership to nominate a pending owner. Afterwards, the pending owner must call acceptOwnership to become the new owner. When called by the owner,...

7.2AI score
Exploits0
Rows per page
Query Builder