Critical security issues caused by improper access controls in a WordPress plugin designed for GDPR cookie compliance have been resolved, but hundreds of thousands of websites may still be vulnerable to attack. The GDPR Cookie Consent plugin, offered by developer Cookie Law Info through WebToffee, has been designed to help ensure websites are compliant with the EU’s General Data Protection Regulation (GDPR); specifically, obtaining consent for cookies from visitors, the creation of a Privacy & Cookies Policy page and the enablement of banners showing compliance.
Read full article on ZDNet