CVE-2025-11754 | GDPR Cookie Consent Plugin up to 4.1.2 on WordPress REST API Endpoint /gdpr/v1/settings authorization

Inserito da Angelo Barbosa | Feb 18, 2026 | CVE

A vulnerability classified as problematic has been found in GDPR Cookie Consent Plugin up to 4.1.2 on WordPress. Affected by this vulnerability is an unknown functionality of the file /gdpr/v1/settings of the component REST API Endpoint. This manipulation causes missing authorization.

This vulnerability is registered as CVE-2025-11754. Remote exploitation of the attack is possible. No exploit is available.

CVE-2025-11754 | GDPR Cookie Consent Plugin up to 4.1.2 on WordPress REST API Endpoint /gdpr/v1/settings authorization

Post correlati

CVE-2025-65591 | nopCommerce 4.90.0 Currencies Custom formatting cross site scripting

CVE-2025-5532 | Campus Directory Plugin up to 1.9.0 on WordPress Shortcode emd_mb_meta cross site scripting

CVE-2024-12362 | InvoicePlane up to 1.6.1 invoices.php download invoice path traversal

CVE-2025-10097 | SimStudioAI sim up to 1.0.0 route.ts code code injection (Issue 961)