Vulnerabilities (CVE)

Filtered by vendor Createit Subscribe
Filtered by product Ultimate Gdpr \& Ccpa Compliance Toolkit
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-4348 1 Createit 1 Ultimate Gdpr \& Ccpa Compliance Toolkit 2024-11-21 N/A 7.5 HIGH
The Ultimate GDPR & CCPA plugin for WordPress is vulnerable to unauthenticated settings import and export via the export_settings & import_settings functions in versions up to, and including, 2.4. This makes it possible for unauthenticated attackers to change plugin settings and conduct attacks such as redirecting visitors to malicious sites.