VYPR

WordPress GDPR

by WordPress

CVEs (2)

  • CVE-2021-24814Feb 1, 2022
    risk 0.01cvss epss 0.02

    The check_privacy_settings AJAX action of the WordPress GDPR WordPress plugin before 1.9.26, available to both unauthenticated and authenticated users, responds with JSON data without an "application/json" content-type. Since an HTML payload isn't properly escaped, it may be…

  • CVE-2022-0220Feb 1, 2022
    risk 0.00cvss epss 0.02

    The check_privacy_settings AJAX action of the WordPress GDPR WordPress plugin before 1.9.27, available to both unauthenticated and authenticated users, responds with JSON data without an "application/json" content-type. Since an HTML payload isn't properly escaped, it may be…