Vulnerabilities > VAN ONS

DATE CVE VULNERABILITY TITLE RISK
2018-11-12 CVE-2018-19207 Forced Browsing vulnerability in Van-Ons Wp-Gdpr-Compliance
The Van Ons WP GDPR Compliance (aka wp-gdpr-compliance) plugin before 1.4.3 for WordPress allows remote attackers to execute arbitrary code because $wpdb->prepare() input is mishandled, as exploited in the wild in November 2018.
network
low complexity
van-ons CWE-425
critical
9.8