I just got a notice that the plugin

GDPR Cookie Consent

has a XSS vulnerability in it. Just released today:

This entry was posted in Vulnerabilities, WordPress Security on February 11, 2020 by Matt Barry   0 Replies

Description: Improper Access Controls
Affected Plugin: GDPR Cookie Consent
Affected Versions: <= 1.8.2
CVSS Score: 9.0 (Critical)
CVSS Vector:
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Patched Version: 1.8.3

If you are using this plugin, you will want to upgrade to version 1.8.3 immediately. If you want the details of the vulnerability and how it works, you can read the rest of the long post here:

or search it out on the WordFence blog.

Thanks for visiting. Share this information with your developer friends! 🙂