The Legal Pages plugin for WordPress, used to generate privacy policies, terms and conditions, GDPR, CCPA, and cookie notices, is vulnerable to unauthorized changes in all versions up to 1.3.8. Attackers with subscriber-level access or higher can take advantage of this vulnerability to delete posts and fetch and insert template data without permission.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
