Description
WordPress Plugin Total GDPR Compliance Lite-WordPress for GDPR Compatibility [only if downloaded via the vendor website] contains suspicious code. Attackers can exploit this issue to perform a variety of actions. Successful attacks will compromise the affected application and possibly the webserver or computer. WordPress Plugin Total GDPR Compliance Lite-WordPress for GDPR Compatibility version 1.0.4 is vulnerable; prior versions may also be affected.
Remediation
Disable and remove the plugin, or download it from wordpress.org repository
References
Related Vulnerabilities
WordPress Plugin WOOCS-Currency Switcher for WooCommerce Professional Cross-Site Scripting (1.3.7)
WordPress Plugin MQ ReLinks Multiple Vulnerabilities (1.8)
WordPress Plugin Safe SVG Cross-Site Scripting (1.9.5)
WordPress Plugin Tabs Cross-Site Scripting (1.8.0)
WordPress Plugin Payment Form for PayPal Pro SQL Injection (1.1.64)