CVE-2018-19207

Name of the Vulnerable Software and Affected Versions Van Ons WP GDPR Compliance plugin versions prior to 1.4.3

Description The issue allows remote attackers to execute arbitrary code due to mishandled input in $wpdb->prepare(). This has been exploited in the wild.

Recommendations For versions prior to 1.4.3, update to version 1.4.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin until the update is applied.