VYPR

Dsgvo Google Web Fonts Gdpr

by WordPress

Source repositories

CVEs (1)

  • CVE-2026-3535CriApr 8, 2026
    risk 0.64cvss 9.8epss 0.01

    The DSGVO Google Web Fonts GDPR plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the `DSGVOGWPdownloadGoogleFonts()` function in all versions up to, and including, 1.1. The function is exposed via a `wp_ajax_nopriv_` hook,…