CVE-2024-1592

The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.5.6. This is due to missing or incorrect nonce validation on the process_delete function in class-DNSMPD.php. This makes it possible for unauthenticated attackers to delete GDPR data requests via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

We have discovered 49,892 live websites that are affected by CVE-2024-1592.

Run a Free Instant Scan



Affected Software

Product  Complianz
Category Cookie compliance
Vulnerable Domains49,892 live websites (13% of Complianz install base)
Vulnerable Versions
  • from 0 through 6.5.6
Vulnerable Versions Count64 versions ( 62% of all versions)



Details

  • Published - Mar 2, 2024
  • Updated - Aug 1, 2024

Credits

  • Krzysztof Zając (finder)

Website Distribution by Country

Number of websites using CVE-2024-1592
United States3,043 websites


Germany15,675 websites
Italy5,303 websites
Spain5,172 websites
France4,942 websites
Czech Republic2,743 websites
GB1,344 websites
Austria1,230 websites
Netherlands1,177 websites
Slovakia1,130 websites

Website Distribution by TLD

Number of websites using CVE-2024-1592
.com13,339 websites
.de11,852 websites
.it3,868 websites
.cz2,529 websites
.fr2,289 websites
.es2,205 websites
.at1,333 websites
.nl1,017 websites
.org940 websites
.co.uk808 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2024-1592

Top websites that are affected by CVE-2024-1592. Please click on the "Contact us" link to get more information.
DomainCountryRankContacts
*********.com United States*,***
******.com United States*,***
*****.com United States**,***
****.edu United States**,***
*****.de United States**,***
*********.com United States**,***
****************.com France**,***
*******.com Germany**,***
********.com United States**,***
************.com United States**,***
See full domain list

FAQ

A total of 49,892 websites have been identified as vulnerable to CVE-2024-1592, based on global website indexing conducted by WebTechSurvey.
The Complianz is affected by the CVE-2024-1592 vulnerability.
Complianz versions up to and including 6.5.6 are vulnerable to CVE-2024-1592.