Description
WordPress Plugin Cookie Consent for WP-Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently delete arbitrary posts. WordPress Plugin Cookie Consent for WP-Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) version 3.0.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.1.0 or latest
References
Related Vulnerabilities
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-4448)
Python Missing Initialization of Resource Vulnerability (CVE-2018-14647)
WordPress Plugin Uploader Cross-Site Scripting and Arbitrary File Upload Vulnerabilities (1.0.4)
WordPress Plugin Vertical SlideShow 'upload.php' Arbitrary File Upload (2.1)