CVE-2023-4013

Name of the Vulnerable Software and Affected Versions GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) WordPress plugin versions prior to 4.12.5

Description The issue is related to a lack of proper CSRF checks when managing the plugin's license. This could allow attackers to make logged-in admins update and deactivate the plugin's license via CSRF attacks.

Recommendations For versions prior to 4.12.5, update to version 4.12.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the license management functionality to minimize the risk of exploitation.