Product
The DSGVO Google Web Fonts GDPR plugin for WordPress is vulnerable to unauthenticated arbitrary file upload due to missing file type validation, allowing attackers to upload PHP webshells and achieve remote code execution.