Jan. 2, 2023, 10:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

The iubenda | All-in-one Compliance for GDPR / CCPA Cookie Consent + more WordPress plugin before 3.3.3 does does not have authorisation and CSRF in an AJAX action, and does not ensure that the options to be updated belong to the plugin as long as they are arrays. As a result, any authenticated users, such as subscriber can grant themselves any privileges, such as edit_plugins etc

action authorisation ccpa compliance consent cookie csrf cve gdpr law options plugin result solution wordpress wordpress plugin

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

Level 1 SOC Analyst

@ Telefonica Tech | Dublin, Ireland

Specialist, Database Security

@ OP Financial Group | Helsinki, FI

Senior Manager, Cyber Offensive Security

@ Edwards Lifesciences | Poland-Remote

Information System Security Officer

@ Booz Allen Hamilton | USA, AL, Huntsville (4200 Rideout Rd SW)

Senior Security Analyst - Protective Security (Open to remote across ANZ)

@ Canva | Sydney, Australia