Description
WordPress Plugin Ultimate GDPR & CCPA Compliance Toolkit for WordPress is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently change the plugin's settings. WordPress Plugin Ultimate GDPR & CCPA Compliance Toolkit for WordPress version 2.4 is vulnerable; prior versions may also be affected.
Remediation
Disable the plugin until a fix is available
References
Related Vulnerabilities
TYPO3 Improper Input Validation Vulnerability (CVE-2011-4902)
WordPress Plugin WP Hardening-Fix Your WordPress Security Cross-Site Scripting (1.2.1)
Joomla! Core 1.7.x Cross-Site Scripting (1.7.0 - 1.7.2)
Oracle JRE CVE-2013-0443 Vulnerability (CVE-2013-0443)
WordPress Plugin Image Gallery with Slideshow 'upload-file.php' Arbitrary File Upload (1.5)