PT-2026-35885

Name of the Vulnerable Software and Affected Versions Complianz – GDPR/CCPA Cookie Consent versions prior to 7.4.6 Description Unauthorized data access is possible due to the REST API endpoint "/wp-json/complianz/v1/consent-area/post id/block id" using return true as the permission callback, whic...

EUVD-2023-54147

Malicious code in bioql PyPI...

EUVD-2023-52360

Malicious code in bioql PyPI...

CVE-2021-24814

The checkprivacysettings AJAX action of the WordPress GDPR WordPress plugin before 1.9.26, available to both unauthenticated and authenticated users, responds with JSON data without an "application/json" content-type. Since an HTML payload isn't properly escaped, it may be interpreted by a web...

CVE-2024-10388

The WordPress GDPR plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'gdprfirstname' and 'gdprlastname' parameters in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers t...

WordPress plugin WordPress GDPR 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin...

WordPress plugin Embed videos and respect privacy 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPre...

WordPress DSGVO All in one for WP plugin <= 4.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by NGÔ THIÊN AN Patchstack Alliance in WordPress Plugin DSGVO All in one for WP versions = 4.5...

CVE-2023-51404 WordPress My Agile Privacy Plugin <= 2.1.7 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MyAgilePrivacy My Agile Privacy – The only GDPR solution for WordPress that you can truly trust allows Stored XSS.This issue affects My Agile Privacy – The only GDPR solution for WordPress that you...

CVE-2023-4276

The Absolute Privacy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1. This is due to missing nonce validation on the 'abprprofileShortcode' function. This makes it possible for unauthenticated attackers to change user email and password via a...

CVE-2023-4276 Absolute Privacy <= 2.1 - Cross-Site Request Forgery to User Email/Password Change

The Absolute Privacy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1. This is due to missing nonce validation on the 'abprprofileShortcode' function. This makes it possible for unauthenticated attackers to change user email and password via a...

PT-2023-28577 · WordPress · Absolute Privacy

Name of the Vulnerable Software and Affected Versions: Absolute Privacy plugin for WordPress versions up to, and including, 2.1 Description: The issue is due to missing nonce validation on the abpr profileShortcode function, making it possible for unauthenticated attackers to change user email an...

WordPress Plugin Absolute Privacy Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

Advance Android Malware Analysis Framework: Droidefense

Droidefense originally named atom: analysis through observation machine is the codename for android apps/malware analysis/reversing tool. It was built focused on security issues and tricks that malware researcher have on they every day work. For those situations on where the malware has...