CVE-2021-4348
- Reference to the description:
- Description:
- The Ultimate GDPR & CCPA plugin for WordPress is vulnerable to unauthenticated settings import and export via the export_settings & import_settings functions in versions up to, and including, 2.4. This makes it possible for unauthenticated attackers to change plugin settings and conduct attacks such as redirecting visitors to malicious sites.
- Last updated date:
- 06/14/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 06/14/2023