Does Better GDPR have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Better GDPR compatible with WordPress 5.6.17?

According to WordPress.org data, Better GDPR 0.3.2 has been tested up to WordPress 5.6.17. Check the plugin's changelog for the latest compatibility information.

Is Better GDPR compatible with PHP 7.0+?

Better GDPR requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Better GDPR updated?

Better GDPR was last updated on Jun 26, 2022. Frequent updates are generally a positive security signal.

What is Better GDPR's security score?

Better GDPR has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Better GDPR Security & Risk Analysis

wordpress.org/plugins/better-gdpr

Privacy compliance for WordPress websites in one click by the PrivacyBunker.io team.

0 active installs v0.3.2 PHP 7.0+ WP 4.7+ Updated Jun 26, 2022

compliancecookie-consentgdprprivacyprivacy-tools

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Better GDPR Safe to Use in 2026?

Generally Safe

Score 85/100

Better GDPR has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The 'better-gdpr' plugin v0.3.2 presents a significant security risk due to a large number of unprotected entry points. All 6 identified entry points, including AJAX handlers and REST API routes, lack proper authentication and authorization checks. This means any unauthenticated user could potentially trigger these functions, leading to unintended behavior or information disclosure. While the plugin demonstrates good practices in its handling of SQL queries, the absence of capability checks and nonce verification on these exposed entry points is a major concern. The taint analysis also indicates a potential for unsanitized paths, although no critical or high severity issues were identified in this specific analysis.

The plugin's vulnerability history is clean, with no recorded CVEs. This is a positive indicator, suggesting that developers may be actively addressing security issues or that the plugin hasn't been a target for exploitation. However, the lack of historical vulnerabilities should not overshadow the current, evident security weaknesses in the code itself. The overall security posture is concerning due to the exposed attack surface, despite the good practices in other areas and the clean vulnerability history. Further review of the specific unsanitized paths and the functionality of the unprotected entry points is highly recommended.

Key Concerns

Unprotected AJAX handlers
Unprotected REST API routes
Unsanitized paths in taint analysis
Missing nonce checks
Missing capability checks
Improper output escaping detected

Vulnerabilities

None known

Better GDPR Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Better GDPR Release Timeline

No version history available.

Code Analysis

Analyzed Apr 16, 2026

Better GDPR Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

6 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

preg_replace(/e)preg_replace("|/edatabunker-api.php:34

preg_replace(/e)preg_replace("|/edatabunker-api.php:62

preg_replace(/e)preg_replace("|/edatabunker-api.php:189

Output Escaping

27% escaped22 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

bettergdpr_register (admin-user.php:13)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

6 unprotected

Better GDPR Attack Surface

Entry Points6

Unprotected6

AJAX Handlers 1

authwp_ajax_bettergdpr_ajax_regadmin-user.php:303

REST API Routes 5

GET/wp-json/bettergdpr/v1export/(?P<email>[\d\%\@\.\w]+)better-gdpr.php:211

GET/wp-json/bettergdpr/v1fullexport/(?P<email>[\d\%\@\.\w]+)better-gdpr.php:215

GET/wp-json/bettergdpr/v1delete/(?P<email>[\d\%\@\.\w]+)better-gdpr.php:219

POST/wp-json/bettergdpr/v1changemail/(?P<email>[\d\%\@\.\w]+)better-gdpr.php:223

GET/wp-json/bettergdpr/v1validatebetter-gdpr.php:227

WordPress Hooks 15

actionadmin_menuadmin-user.php:304

filterplugin_action_linksadmin-user.php:305

filtermanage_users_custom_columnadmin-user.php:308

filtermanage_users_columnsadmin-user.php:309

actionrest_api_initbetter-gdpr.php:210

actiondelete_userbetter-gdpr.php:398

actionprofile_updatebetter-gdpr.php:399

actionregister_formbetter-gdpr.php:400

actionregistration_errorsbetter-gdpr.php:401

actionuser_registerbetter-gdpr.php:402

actionwp_enqueue_scriptsbetter-gdpr.php:403

actionwoocommerce_register_formbetter-gdpr.php:407

filterwoocommerce_checkout_fieldsbetter-gdpr.php:409

actionwoocommerce_checkout_update_user_metabetter-gdpr.php:410

actionshow_user_profilebetter-gdpr.php:430

Maintenance & Trust

Better GDPR Maintenance & Trust

Maintenance Signals

WordPress version tested5.6.17

Last updatedJun 26, 2022

PHP min version7.0

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Better GDPR Alternatives

GDPR Compliance & Cookie Consent

gdpr-compliance-cookie-consent

This plugin adds GDPR-compliant cookie management to websites, ensuring legal compliance and enhancing user privacy.

5K 1 CVE

CookiePro | Simplify Compliance with GDPR & EU Cookie Laws

cookiepro

CookiePro is the most mature and trusted cookie consent tool that is purpose-built for compliance with GDPR, ePrivacy and IAB framework.

1K No CVEs

GetTerms Cookie Consent & Policies

getterms-cookie-consent-policies

100

The GetTerms plugin allows users to manage their GetTerms compliance packs, embed auto-updating policies, and display their Cookie Consent Widget.

500 No CVEs

Cookie Guard

cookie-guard

100

Complete GDPR and cookie compliance solution with customizable consent banner, smart script blocking, and consent logging.

30 No CVEs

PrivacyPillar | Get compliant with GDPR, CCPA, and Global cookie policy

adzapier

PrivacyPillar is a highly secure and seamless application to collect and manage your website visitors’ consent and preferences.

0 No CVEs

Developer Profile

Better GDPR Developer Profile

Yuli

1 plugin · 0 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Better GDPR

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

REST Endpoints

bettergdpr/v1/export/(?P<email>[\d\%\@\.\w]+)bettergdpr/v1/fullexport/(?P<email>[\d\%\@\.\w]+)bettergdpr/v1/delete/(?P<email>[\d\%\@\.\w]+)bettergdpr/v1/changemail/(?P<email>[\d\%\@\.\w]+)bettergdpr/v1/validate/(?P<email>[\d\%\@\.\w]+)

FAQ