all InfoSec news
$1,900 Bounty Awarded for Arbitrary Options Update Vulnerability Patched in Cookie Information | Free GDPR Consent Solution WordPress Plugin
Malware Analysis, News and Indicators - Latest topics malware.news
On December 11th, 2023, during our Holiday Bug Extravaganza, we received a submission for an Arbitrary Options Update vulnerability in Cookie Information | Free GDPR Consent Solution, a WordPress plugin with more than 100,000+ active installations. This vulnerability could be used by authenticated attackers, with authenticated access, to update arbitrary options and leverage that for privilege escalation.
Props to Lucio Sá who discovered and responsibly reported this vulnerability through the Wordfence Bug Bounty Program. This researcher earned a …
bounty bug consent cookie december free gdpr gdpr consent holiday information options plugin solution submission update vulnerability wordpress wordpress plugin