Documentation: Home / Vulnerabilities / Access violation vulnerability in Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator 1.3.8

Latest

Access violation vulnerability in Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator 1.3.8

Severity: medium-risk
Status: Fixed
Publication: November 14, 2023

The Legal Pages plugin for WordPress, used to generate privacy policies, terms and conditions, GDPR, CCPA, and cookie notices, is vulnerable to unauthorized changes in all versions up to 1.3.8. Attackers with subscriber-level access or higher can take advantage of this vulnerability to delete posts and fetch and insert template data without permission.

Detected in:

Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator fixed vulnerable versions: >= * <= 1.3.8

Open source

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

Incorrect?

Is this information incorrect? Please leave us a message.

Latest

Protecting site visitors with Security Headers

Hardening your website’s security

Login protection as essential security

Why WordPress is (in)secure

Staying ahead of vulnerabilities

Password has been found in a data breach

Access violation vulnerability in Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator 1.3.8

Detected in:

Join our mailing list - 6 Tips & Tricks in your inbox over the next days!

Plugins

Get Started

About

Popular articles