WordPress Plugin Total GDPR Compliance Lite-WordPress for GDPR Compatibility includes Backdoor Only if downloaded via the vendor website - CVE-2021-24867 - Vulnerability Database

WordPress Plugin Total GDPR Compliance Lite-WordPress for GDPR Compatibility includes Backdoor Only if downloaded via the vendor website - CVE-2021-24867

Critical
Reference: CVE-2021-24867
Title: WordPress Plugin Total GDPR Compliance Lite-WordPress for GDPR Compatibility includes Backdoor Only if downloaded via the vendor website
Overview:

WordPress Plugin Total GDPR Compliance Lite-WordPress for GDPR Compatibility only if downloaded via the vendor website contains suspicious code. Attackers can exploit this issue to perform a variety of actions. Successful attacks will compromise the affected application and possibly the webserver or computer. WordPress Plugin Total GDPR Compliance Lite-WordPress for GDPR Compatibility version 1.0.4 is vulnerable prior versions may also be affected.