The GDPR CCPA Compliance Support WordPress plugin was vulnerable to an Unauthenticated PHP Object Injection security vulnerability.
Proof of Concept
The vulnerability could triggered within the "njt_gdpr_allow_permissions" Base64 encoded cookie value.
Fixed in version 2.4✓
2020-11-03 (about 8 months ago)
2020-11-05 (about 8 months ago)
2020-11-06 (about 8 months ago)