Feb. 6, 2024, 3:40 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

On December 11th, 2023, during our Holiday Bug Extravaganza, we received a submission for an Arbitrary Options Update vulnerability in Cookie Information | Free GDPR Consent Solution, a WordPress plugin with more than 100,000+ active installations. This vulnerability could be used by authenticated attackers, with authenticated access, to update arbitrary options and leverage that for privilege escalation.


Props to Lucio Sá who discovered and responsibly reported this vulnerability through the Wordfence Bug Bounty Program. This researcher earned a …

bounty bug consent cookie december free gdpr gdpr consent holiday information options plugin solution submission update vulnerability wordpress wordpress plugin

Director of IT & Information Security

@ Outside | Boulder, CO

Information Security Governance Manager

@ Informa Group Plc. | London, United Kingdom

Senior Risk Analyst - Application Security (Remote, United States)

@ Dynatrace | Waltham, MA, United States

Security Software Engineer (Starshield) - Top Secret Clearance

@ SpaceX | Washington, DC

Network & Security Specialist (IT24055)

@ TMEIC | Roanoke, Virginia, United States

Senior Security Engineer - Application Security (F/M/N)

@ Swile | Paris, France