cleantalk
Vulnerabilities and Security Researches

Complianz – GDPR/CCPA Cookie Consent, CVE-2024-1592

CVE, Research URL

CVE-2024-1592

Home page URL

Security reports for Complianz – GDPR/CCPA Cookie Consent

Application

Complianz – GDPR/CCPA Cookie Consent

Published on
Mar 02, 2024
Research Description
The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.5.6. This is due to missing or incorrect nonce validation on the process_delete function in class-DNSMPD.php. This makes it possible for unauthenticated attackers to delete GDPR data requests via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Affected versions
max 7.0.0.
Status
vulnerable
Previous vulnerability researches
Complianz – GDPR/CCPA Cookie Consent (CVE-2025-11185) , Feb 27, 2026
Complianz – GDPR/CCPA Cookie Consent (CVE-2022-0193) , Jun 06, 2024
Complianz – GDPR/CCPA Cookie Consent (CVE-2022-3494) , Jun 06, 2024
Complianz – GDPR/CCPA Cookie Consent (CVE-2024-1592) , Jun 06, 2024
Complianz – GDPR/CCPA Cookie Consent (CVE-2023-33333) , Jun 06, 2024
New vulnerability
Link Hopper (CVE-2025-15483) , Feb 27, 2026
WPForms Google Sheet Connector (CVE-2025-67979) , Feb 27, 2026
Page Builder – AIO WP Builder: #1 Website Builder for WordPress (CVE-2025-53217) , Feb 27, 2026
WooCommerce Google Analytics Integration By Advanced WC Analytics (CVE-2025-68032) , Feb 27, 2026
WP Author box, Bio link and Post Rating – Authorsy (CVE-2026-24950) , Feb 27, 2026