CVE-2022-0220

Name of the Vulnerable Software and Affected Versions WordPress GDPR plugin versions prior to 1.9.27

Description The issue concerns the check privacy settings AJAX action in the WordPress GDPR plugin, which is accessible to both unauthenticated and authenticated users. This action responds with JSON data without the proper "application/json" content-type, and since the HTML payload is not properly escaped, it may be interpreted by a web browser, potentially leading to the execution of JavaScript code on a victim's browser. The vulnerability can be exploited against unauthenticated users due to the introduction of a CSRF check in version 1.9.26, which affects all unauthenticated users as they share the same nonce.

Recommendations For versions prior to 1.9.27, update to version 1.9.27 or later to resolve the issue. As a temporary workaround, consider restricting access to the check privacy settings AJAX action to minimize the risk of exploitation.