2 matches found
WordPress Complianz – GDPR/CCPA Cookie Consent Plugin <= 6.5.6 is vulnerable to Cross Site Request Forgery (CSRF)
Software Complianz – GDPR/CCPA Cookie Consent Type Plugin Vulnerable versions = 6.5.6 Fixed in 7.0.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1592 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 58711ad23413 Credits...
CVE-2024-1592 Complianz – GDPR/CCPA Cookie Consent <= 6.5.6 - Cross-Site Request Forgery to Data Request Deletion
The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.5.6. This is due to missing or incorrect nonce validation on the processdelete function in class-DNSMPD.php. This makes it possible for unauthenticated...