Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-01	CVE-2022-0220	Improper Encoding or Escaping of Output vulnerability in Welaunch Wordpress Gdpr&Ccpa The check_privacy_settings AJAX action of the WordPress GDPR WordPress plugin before 1.9.27, available to both unauthenticated and authenticated users, responds with JSON data without an "application/json" content-type. network low complexity welaunch CWE-116	6.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.