WP GDPR APR 2024
WP Private Data Exposed
Be informed about the latest WP GDPR APR 2024 – WP Private Data Exposed, identified and reported publicly. These Sensitive or Private Data Exposed have a severe negative financial impact on any business. Consider our GDPR audit. It is a -2% DECREASE compared to previous month, as specifically targeted WordPress Sensitive Data Exposed. Consider for your online safety, a tailored WP/Woo Security AUDIT, – OR – switching with a TOP10LIST alternative WP GDPR Plugin – OR – Hire professionals for tailored WP GDPR.
WHO needs tailored WP security? EVERYBODY!
Today’s reality needs a Web Application Firewall (WAF) plus an Intrusion Prevention System (IPS) to mitigate “gazillion” different threats in your WordPress. Get your WP Private Data Exposed Patch Management.
The following cases made headlines PUBLICLY in the WP GDPR APR 2024 & WP Private Data Exposed category:
Avada Theme | Unauthenticated Sensitive Information Exposure via Form Upload (BAC) Directory Listing |
Avada Theme | Private Information Exposure via Form Entries |
Backup and Restore WordPress | Unauthenticated Private Data Exposure |
Backup Bolt | Private Data Exposure |
Blossom Spa Theme | Private Information Exposure |
Coming Soon & Maintenance Mode by Colorlib | Private Information Exposure |
Complianz – GDPR/CCPA Cookie Consent | Cross-Site Request Forgery (CSRF) to Data Request Deletion (BAC) |
DSGVO All in one for WP | Cross-Site Request Forgery (CSRF) |
DX-Watermark | Cross-Site Request Forgery (CSRF) to Arbitrary File Upload (BAC) and Cross-Site Scripting (XSS) |
Easy Maintenance Mode | Private Information Exposure |
Error Log Viewer by BestWebSoft | Directory Listing (BAC) to Private Data Exposure |
Event Tickets | Improper Authorization (BAC) to Private Information Disclosure |
Events Tickets Plus | Attendees Lists Private Information Disclosure |
f(x) Private Site | Private Information Exposure |
FG PrestaShop to WooCommerce | Private Data Exposure via Log File |
Finale Lite | Missing Authorization (BAC) to Unauthenticated System Private Information Disclosure |
Form Maker by 10Web | Private Information Exposure |
GenerateBlocks | Private Information Exposure |
Hustle | Private Information Exposure via Exposed Hubspot API Keys |
JM Twitter Cards | Private Information Exposure via Meta Description |
LiquidPoll – Advanced Polls for Creators and Brands | Private Information Exposure |
Maintenance Mode by helderk | Private Information Exposure |
MasterStudy LMS | Missing Authorization (BAC) to Sensitive Information Exposure in search_posts |
MasterStudy LMS | Private Information Exposure via REST route |
NextMove Lite | Missing Authorization (BAC) to Unauthenticated System Private Information Disclosure |
Ninja Forms | Cross-Site Request Forgery (CSRF) to Publicly Accessible Form Submission Export |
OceanWP Theme | Missing Authorization (BAC) to Sensitive Information Exposure via LimitedLocal File Inclusion (BAC) |
Page Builder Sandwich – Front-End Page Builder | Private Information Exposure |
Paid Memberships Pro – Mailchimp Add On | Private Data Exposure |
Paid Memberships Pro – Payfast Gateway Add On | Private Data Exposure via Log File |
Password Protected Store for WooCommerce | Private Information Exposure via REST API |
Post Grid | Private Information Exposure via get_posts API Endpoint |
s2Member Pro | Private Information Exposure |
Seriously Simple Podcasting | Unauthenticated Administrator Email Private Information Disclosure |
Simple Restrict | Missing Authorization (BAC) to Sensitive Information Exposure |
Smart Custom Fields | Missing Authorization (BAC) to Post Content Private Information Disclosure |
Video Conferencing with Zoom | Private Information Exposure |
VK All in One Expansion Unit | Private Information Exposure |
Wholesale For WooCommerce | Unauthenticated Private Data Exposure |
WholesaleX | Private Data Exposure on User Export |
WooCommerce POS | Insufficient Verification of Data Authenticity to Private Information Disclosure |
WP Reset | Private Information Exposure due to Insufficient Randomness |
WP Show Posts | Private Information Exposure |
WordPress GDPR & WP Private Data Exposed reported in 2023: | 137 |
WordPress GDPR & WP Private Data Exposed reported in 2024: | 120 |
WHO needs tailored WP Maintenance? EVERYBODY!
Today’s reality requires daily clean-ups with database optimisations, weekly updates and upgrades for both free & premium modules, plus the occasional emergency changes when critical vulnerabilities are publicly disclosed without patches. Order WP Private Data Exposed Patch Management.
Security is not a single-task job
Need tailored WP Security and got no clue where to start? Hire an expert. Pay a coffee per week or figure it out yourself.