CVE-2018-19207

Publication date

2018-11-12 17:00:00

Family

mitre

State

PUBLISHED

Description

The Van Ons WP GDPR Compliance (aka wp-gdpr-compliance) plugin before 1.4.3 for WordPress allows remote attackers to execute arbitrary code because $wpdb->prepare() input is mishandled, as exploited in the wild in November 2018.