Vulnerability — CVE-2020-36718

CVE-2020-36718

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2020-36718
Description:: The GDPR CCPA Compliance Support plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.3 via deserialization of untrusted input "njt_gdpr_allow_permissions" value. This allows unauthenticated attackers to inject a PHP Object.
Last updated date:: 06/13/2023

Type:: exploit
Confidence:: HIGH
Date of publishing:: 06/13/2023
Reference url to background: https://blog.nintechnet.com/gdpr-ccpa-compliance-support-plugin-fixed-insecure-deserialization-vulnerability/