3 matches found
CVE-2020-36697
The WP GDPR plugin for WordPress is vulnerable to authorization bypass due to a missing capability check in versions up to, and including, 2.1.1. This makes it possible for unauthenticated attackers to delete any comment and modify the plugin’s settings...
CVE-2020-36697 WP GDPR <= 2.1.1 - Missing Authorization Checks
The WP GDPR plugin for WordPress is vulnerable to authorization bypass due to a missing capability check in versions up to, and including, 2.1.1. This makes it possible for unauthenticated attackers to delete any comment and modify the plugin’s settings...
CVE-2020-36697
CVE-2020-36697 affects the WP GDPR plugin for WordPress, with vulnerability in versions up to 2.1.1 due to a missing capability check that enables authorization bypass. This allows unauthenticated attackers to delete comments and modify plugin settings. Remediation: upgrade to a version higher th...