Description
WordPress Plugin WP GDPR Compliance is prone to a privilege escalation vulnerability. Exploiting this issue may allow attackers to bypass the expected capabilities check and perform otherwise restricted actions; other attacks are also possible. WordPress Plugin WP GDPR Compliance version 1.4.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.4.3 or latest
References
https://www.wordfence.com/blog/2018/11/trends-following-vulnerability-in-wp-gdpr-compliance-plugin/
https://medium.com/alertot/serialization-flaw-in-wp-gdpr-compliance-8cfc8feb4ec3
https://plugins.svn.wordpress.org/wp-gdpr-compliance/trunk/readme.txt