cleantalk
Vulnerabilities and Security Researches

GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent), 83db5c202bfb684392782b84416e4f9814569f0e

CVE, Research URL

83db5c202bfb684392782b84416e4f9814569f0e

Home page URL

Security reports for GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent)

Application

GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent)

Published on
Dec 27, 2019
Research Description
GDPR Cookie Compliance &#8211; Cookie Banner, Cookie Consent, Cookie Notice for CCPA, EU Cookie Law [gdpr-cookie-compliance] < 4.0.3 GDPR Cookie Compliance <= 4.0.2 - Missing Authorization The GDPR Cookie Compliance plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the gdpr_cookie_compliance_reset_settings AJAX action in versions up to, and including, 4.0.2. This makes it possible for authenticated attackers to reset all of the settings.
Affected versions
max 4.0.3.
Status
vulnerable
Previous vulnerability researches
Simple GDPR Cookie Compliance (CVE-2026-24604) , Jan 27, 2026
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2019-25143) , Jun 07, 2024
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (7d5b4ba83a5c6004460bf267fe534a359e1416b0) , Jun 07, 2024
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2023-4013) , Jun 07, 2024
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2025-1621) , Mar 14, 2025
New vulnerability
Customize My Account for WooCommerce (CVE-2026-12136) , Jun 20, 2026
Customize My Account for WooCommerce (CVE-2026-12137) , Jun 20, 2026
Listdom – Business Directory and Classified Ads Listings WordPress Plugin (CVE-2026-54819) , Jun 20, 2026
GIFT4U &#8211; Gift Cards All in One for Woo (CVE-2026-54809) , Jun 20, 2026
WP DSGVO Tools (GDPR) (CVE-2026-10034) , Jun 20, 2026