GDPR Cookie Consent < 1.8.3 – Improper Access Controls

Feb 12, 2020 | Security - Internet, WordPress, and otherwise

gdpr-cookie-consent-1-8-3-improper-access-controls GDPR Cookie Consent < 1.8.3 – Improper Access Controls
Description
Improper Access Controls issue in the cli_policy_generator AJAX call which could allow an authenticated user with low privileges (such as a subscriber) to: - Change the status of any post/page from published to draft, removing them from the frontend of the blog. - Put a payload in the content of one of them, leading to Stored Cross-Site Scripting (XSS) issues. 

Source

eHost managed wordpress hosting



We’re listening.

Have something to say about this article? Share it with us on Facebook, Twitter or LinkedIn:

SHARE IT HERE:

Subscribe ToThe Weekly SEO Trade News Updates

Get the latest SEO, SEM and SMM marketing intel, tips and tricks from one of the best SEO Gurus online. 

Every Tuesday morning we send out an aggregated email listing all new posts on SEO Trade News.

Excellent! Now check your email to confirm your subscription.