Again this proves, wordpress is only as secure as its weakest plugin. However with Imunify360 we have your back.
The popular Van Ons WordPress plugin for GDPR compliance, with more than 100,000 active installations, was patched on November 7th due to a privilege escalation vulnerability ( CVE–2018–19207) found in version 1.4.2. The WP GDPR Compliance plugin helps website owners meet the recent GDPR European data privacy regulation. This came into effect in May of this year, boosting the plugin’s popularity.
Starting on 10th November, our Threat Intelligence Group noticed a surge in attacks targeting this exploit vector.
Read the full story here