GDPR Cookie Consent < 1.8.3 – Improper Access Controls

February 12, 2020
gdpr-cookie-consent-1-8-3-improper-access-controls GDPR Cookie Consent < 1.8.3 – Improper Access Controls
Description
Improper Access Controls issue in the cli_policy_generator AJAX call which could allow an authenticated user with low privileges (such as a subscriber) to: - Change the status of any post/page from published to draft, removing them from the frontend of the blog. - Put a payload in the content of one of them, leading to Stored Cross-Site Scripting (XSS) issues. 

Source

Share this article:
 

eHost managed wordpress hosting

We’re listening.

Have something to say about this article? Share it with us on Facebook, Twitter or LinkedIn:

SHARE IT HERE:

Related Posts

How to make a WordPress website

How to make a WordPress website

Have you always wanted to create your own website? WordPress is the way to go! Whether you want to create your own personal blog, an online store, or a business website – with WordPress, creating your own website is easy as pie. If you know what you’re doing, of...

Get ALL Your SEO, WordPress & Divi News

Join Our Daily Roundup

SEO News and More

SEO News and More

Subscribe ToThe Weekly SEO Trade News Updates

Get the latest SEO, SEM and SMM marketing intel, tips and tricks from one of the best SEO Gurus online. 

Every Tuesday morning we send out an aggregated email listing all new posts on SEO Trade News.

Excellent! Now check your email to confirm your subscription.