WP GDPR 1.4.2 Security Alert
On November 8th, 2018 the WP GDPR plugin was removed from the WordPress repository due to a security issue with the ajax calls in the plugin that could be used to exploit the target website.
This exploit would potentially allow a hacker to trigger arbitrary actions on your WordPress site, essentially gaining full control.
The exploit was immediately patched in version 1.4.3 and the plugin is available for update again the WordPress repository. If you're site has been affected, we recommend reverting to a backup copy if that is feasible, if not, please get in touch and we will take a look at it.
For issue prevention, we always recommend taking daily backups of your site, and security monitoring to keep an eye on the codebase.
If you'd like more technical information on this exploit, you can find it on the WordFence Blog.
An update for the affected plugin can be found here.