Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-01	CVE-2021-24814	Cross-site Scripting vulnerability in Welaunch Wordpress Gdpr&Ccpa The check_privacy_settings AJAX action of the WordPress GDPR WordPress plugin before 1.9.26, available to both unauthenticated and authenticated users, responds with JSON data without an "application/json" content-type. network low complexity welaunch CWE-79 critical	9.6

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.