Vulnerability — CVE-2020-36697

CVE-2020-36697

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2020-36697
Description:: The WP GDPR plugin for WordPress is vulnerable to authorization bypass due to a missing capability check in versions up to, and including, 2.1.1. This makes it possible for unauthenticated attackers to delete any comment and modify the plugin’s settings.
Last updated date:: 06/12/2023

Type:: exploit
Confidence:: HIGH
Date of publishing:: 06/12/2023
Reference url to background: https://blog.nintechnet.com/unauthenticated-stored-xss-and-content-spoofing-vulnerabilities-in-wordpress-wp-gdpr-plugin-unpatched/