WP Clinic
Log in Sign up

PLUGIN SECURITY

Is Complianz Gdpr safe?

Known vulnerabilities, PHP compatibility and safer alternatives for the Complianz Gdpr WordPress plugin — checked against WP Clinic's local security database.

Plugin details

  • Slug: complianz-gdpr
  • Requires PHP: 7.4+
  • Max supported PHP (analyzed): 8.4

Known vulnerabilities

  • Complianz &#8211; GDPR/CCPA Cookie Consent [complianz-gdpr] < 6.0.0 [CVE-2022-0193, WordPress Complianz – GDPR/CCPA Cookie Consent plugin <= 5.5.2 - Reflected Cross-Site Scripting (XSS) vulnerability, One more step, Complianz - GDPR/CCPA Cookie Consent <= 5.5.2 - Reflected Cross-Site Scripting via s parameter]
  • Complianz &#8211; GDPR/CCPA Cookie Consent [complianz-gdpr] < 6.3.4 [CVE-2022-3494, WordPress Complianz plugin <= 6.3.3 - Auth. SQL Injection (SQLi) vulnerability, Complianz Free <= 6.3.3 & Premium <= 6.3.5 - SQL Injection via Translations, Complianz (Free &lt; 6.3.4, Premium &lt; 6.3.6) - Translator SQLi]
  • Complianz &#8211; GDPR/CCPA Cookie Consent [complianz-gdpr] < 6.4.2 [CVE-2023-1069, Complianz - GDPR/CCPA Cookie Consent <= 6.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting, WordPress Complianz – GDPR/CCPA Cookie Consent Plugin < 6.4.2 is vulnerable to Cross Site Scripting (XSS), WordPress Complianz Premium Plugin < 6.4.2 is vulnerable to Cross Site Scripting (XSS), Complianz - GDPR/CCPA Cookie Consent &lt; 6.4.2 - Contributor+ Stored XSS]
  • Complianz &#8211; GDPR/CCPA Cookie Consent [complianz-gdpr] < 6.4.5 [Complianz - GDPR/CCPA Cookie Consent <= 6.4.4 - Cross-Site Request Forgery via maybe_install_suggested_plugins]
  • Complianz &#8211; GDPR/CCPA Cookie Consent [complianz-gdpr] < 6.4.5 [Complianz - GDPR/CCPA Cookie Consent <= 6.4.4 - Cross-Site Request Forgery via ajax_script_save]
+ 8 more known vulnerabilities
  • Complianz &#8211; GDPR/CCPA Cookie Consent [complianz-gdpr] < 6.4.5 [CVE-2023-33333, WordPress Complianz – GDPR/CCPA Cookie Consent Plugin <= 6.4.4 is vulnerable to Cross Site Request Forgery (CSRF), WordPress Complianz Premium Plugin <= 6.4.6.1 is vulnerable to Cross Site Request Forgery (CSRF), Complianz <= 6.4.4 (Premium <= 6.4.6.1) - Cross-Site Request Forgery to Stored Cross-Site Scripting, Complianz - GDPR/CCPA Cookie Consent <= 6.4.4 - Cross-Site Request Forgery via run_sync, Complianz - GDPR/CCPA Cookie Consent <= 6.4.4 - Cross-Site Request Forgery via ajax_edit_item, Complianz - GDPR/CCPA Cookie Consent <= 6.4.4 - Cross-Site Request Forgery via ajax_create_pages, Complianz - GDPR/CCPA Cookie Consent <= 6.4.4 - Cross-Site Request Forgery via ajax_delete_snapshot, Complianz - GDPR/CCPA Cookie Consent <= 6.4.4 - Cross-Site Request Forgery via ajax_script_add]
  • Complianz &#8211; GDPR/CCPA Cookie Consent [complianz-gdpr] < 6.4.5 [Complianz - GDPR/CCPA Cookie Consent <= 6.4.4 - Cross-Site Request Forgery via cmplz_duplicate_cookiebanner]
  • Complianz &#8211; GDPR/CCPA Cookie Consent [complianz-gdpr] < 6.4.5 [Complianz - GDPR/CCPA Cookie Consent <= 6.4.4 - Cross-Site Request Forgery via cmplz_delete_cookiebanner]
  • Complianz &#8211; GDPR/CCPA Cookie Consent [complianz-gdpr] < 6.5.6 [CVE-2023-6498, Complianz | GDPR/CCPA Cookie Consent <= 6.5.5 - Authenticated(Administrator+) Stored Cross-site Scripting via settings, Complianz | GDPR/CCPA Cookie Consent &lt; 6.5.6 - Admin+ Stored XSS]
  • Complianz &#8211; GDPR/CCPA Cookie Consent [complianz-gdpr] < 7.0.0 [CVE-2024-1592, Complianz – GDPR/CCPA Cookie Consent <= 6.5.6 - Cross-Site Request Forgery to Data Request Deletion, WordPress Complianz – GDPR/CCPA Cookie Consent Plugin <= 6.5.6 is vulnerable to Cross Site Request Forgery (CSRF), Complianz &ndash; GDPR/CCPA Cookie Consent &lt; 7.0.0 - Cross-Site Request Forgery to Data Request Deletion]
  • Complianz &#8211; GDPR/CCPA Cookie Consent [complianz-gdpr] < 7.4.4 [CVE-2025-11185, Complianz | GDPR/CCPA Cookie Consent <= 7.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode]
  • Complianz &#8211; GDPR/CCPA Cookie Consent [complianz-gdpr] < 7.4.5 [CVE-2026-2389, Complianz – GDPR/CCPA Cookie Consent <= 7.4.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Content Filter]
  • Complianz &#8211; GDPR/CCPA Cookie Consent [complianz-gdpr] < 7.4.6 [CVE-2026-4019, Complianz – GDPR/CCPA Cookie Consent <= 7.4.5 - Missing Authorization to Unauthenticated Private Post Content Disclosure via Consent Area REST Endpoint, WordPress Complianz Plugin <= 7.4.5 is vulnerable to Broken Access Control]

Vulnerabilities are matched against the exact installed version when it's known. Always keep the plugin updated to the latest release.

Safer / more established alternatives

Check your own WordPress site

Run a free passive scan now, or create a free account and install the WP Clinic plugin for a deep scan of your whole hosting account and AI-assisted repair.