Vulnerabilities > Ninjateam > Gpdr Ccpa Compliance Support > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-06-07 CVE-2020-36718 Deserialization of Untrusted Data vulnerability in Ninjateam Gpdr Ccpa Compliance Support
The GDPR CCPA Compliance Support plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.3 via deserialization of untrusted input "njt_gdpr_allow_permissions" value.
network
low complexity
ninjateam CWE-502
critical
9.8