Description
WordPress Plugin Ultimate GDPR & CCPA Compliance Toolkit for WordPress is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently change the plugin's settings. WordPress Plugin Ultimate GDPR & CCPA Compliance Toolkit for WordPress version 2.4 is vulnerable; prior versions may also be affected.
Remediation
Disable the plugin until a fix is available
References
Related Vulnerabilities
XWikiplatform Improper Encoding or Escaping of Output Vulnerability (CVE-2024-55663)
WordPress Plugin uContext for Amazon Cross-Site Request Forgery (3.9.1)
WordPress Plugin ShiftNav-Responsive Mobile Menu Cross-Site Scripting (1.7.1)
WordPress Plugin User Access Manager Cross-Site Scripting (1.2.14)