LGPD Framework By Data443 Security & Risk Analysis

wordpress.org/plugins/lgpd-framework

Easy to use tools to help you meet LGPD compliance requirements. Fully documented, extendable and developer-friendly. Free, friendly support! Include …

100 active installs · v2.0.2 · PHP 5.6+ · WP 4.7+ · Updated Mar 30, 2023
Tags: compliance, lgpd, privacy, privacy-policy, security
Score: 64 · C · Use Caution
CVEs total: 1
Unpatched: 1
Last CVE: Nov 18, 2024
Safety Verdict

Is LGPD Framework By Data443 Safe to Use in 2026?

Use With Caution

Score 64/100

LGPD Framework By Data443 has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

1 known CVE · 1 unpatched · Last CVE: Nov 18, 2024 · Updated 3yr ago
Risk Assessment

The "lgpd-framework" v2.0.2 plugin exhibits a mixed security posture. Its SQL handling is a strength: 100% of queries use prepared statements, and it includes a reasonable number of capability checks. The significant concerns are its attack surface and output sanitization. All 7 of its AJAX handlers lack authentication checks, creating a large entry point for unauthenticated actions. Only 40% of its extensive output operations are properly escaped, indicating a high risk of Cross-Site Scripting (XSS) vulnerabilities. The taint analysis reinforces these concerns, revealing 3 high-severity flows with unsanitized paths, which suggests potential for serious data manipulation or unauthorized access.

The plugin's vulnerability history, including a recently disclosed medium-severity XSS vulnerability, confirms these risks. The recurrence of XSS as a common vulnerability type is particularly worrying given the low output escaping rate. The presence of the `unserialize` function, which is known to be dangerous when applied to untrusted input, adds another layer of potential risk. While the plugin does implement some nonces and capability checks, these are not applied consistently across all entry points, especially the unprotected AJAX handlers. Overall, the plugin has some solid foundational security practices but suffers from critical weaknesses in input validation and output sanitization, coupled with a history of past vulnerabilities, and so needs careful attention and updates.

Key Concerns

  • Unprotected AJAX handlers
  • Low output escaping rate
  • High severity taint flows
  • Unpatched CVE
  • Dangerous function: unserialize
  • Bundled outdated library: Select2 v4.0.5
Vulnerabilities
1

LGPD Framework By Data443 Security Vulnerabilities

CVEs by Year

1 CVE in 2024 · unpatched

Severity Breakdown

Medium: 1

1 total CVE

CVE-2024-52465 · medium · 6.1 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

LGPD Framework <= 2.0.2 - Reflected Cross-Site Scripting

Nov 18, 2024 · Unpatched
Code Analysis
Analyzed Mar 16, 2026

LGPD Framework By Data443 Code Analysis

Dangerous Functions: 4
Raw SQL Queries: 0 (55 prepared)
Unescaped Output: 520 (341 escaped)
Nonce Checks: 5
Capability Checks: 9
File Operations: 8
External Requests: 2
Bundled Libraries: 2

Dangerous Functions Found

unserialize · `$localkeyresults = unserialize( $localdata );` · src\Components\WHMCS\check.php:59
unserialize · `$localkeyresults = unserialize( $localdata );` · src\Components\WHMCS\WHMCS.php:50
unserialize · `foreach ( unserialize( $token ) as $key => $tokenData ) {` · src\Components\WordpressUser\DataManager.php:30
unserialize · `$data = unserialize( $item->userlog );` · views\modules\wordpress-user\dashboard\profile-page\user-logs.php:14

Bundled Libraries

DataTables
Select2 4.0.5

SQL Query Safety

100% prepared · 55 total queries

Output Escaping

40% escaped · 861 total outputs
Data Flows
7 unsanitized

Data Flow Analysis

7 flows · 7 with unsanitized paths
settingsFields (src\Components\PrivacyPolicy\AdminTabPrivacyPolicy.php:220)
Attack Surface
7 unprotected

LGPD Framework By Data443 Attack Surface

Entry Points: 16
Unprotected: 7

AJAX Handlers 7

auth wp_ajax_lgpd_add_consent_accept_cookies lgpd-helper-functions.php:7
nopriv wp_ajax_lgpd_add_consent_accept_cookies lgpd-helper-functions.php:8
auth wp_ajax_lgpd_add_consent_deny_cookies lgpd-helper-functions.php:82
nopriv wp_ajax_lgpd_add_consent_deny_cookies lgpd-helper-functions.php:83
auth wp_ajax_donot_sell_save_post src\Components\PrivacyToolsPage\PrivacyToolsPageController.php:73
nopriv wp_ajax_donot_sell_save_post src\Components\PrivacyToolsPage\PrivacyToolsPageController.php:74
nopriv wp_ajax_validation_privacysafe src\Components\PrivacyToolsPage\PrivacyToolsPageController.php:75

Shortcodes 9

[lgpd_privacy_safe] lgpd-framework.php:25
[data443_privacy_safe] lgpd-framework.php:26
[lgpd_privacy] src\Components\PrivacyPolicy\PrivacyPolicy.php:17
[lgpd_privacy_policy_url] src\Components\PrivacyPolicy\PrivacyPolicy.php:18
[lgpd_privacy_policy_link] src\Components\PrivacyPolicy\PrivacyPolicy.php:19
[lgpd_privacy_tools] src\Components\PrivacyToolsPage\PrivacyToolsPageShortcode.php:12
[lgpd_privacy_tools_url] src\Components\PrivacyToolsPage\PrivacyToolsPageShortcode.php:13
[lgpd_privacy_tools_link] src\Components\PrivacyToolsPage\PrivacyToolsPageShortcode.php:14
[lgpd_do_not_sell_form] src\Components\PrivacyToolsPage\PrivacyToolsPageShortcode.php:15

WordPress Hooks 140

action init lgpd-framework.php:60
action init lgpd-framework.php:91
filter lgpd_custom_policy_link lgpd-helper-functions.php:193
action wp_enqueue_scripts lgpd-helper-functions.php:345
action profile_update lgpd-helper-functions.php:382
action init lgpd-init.php:34
action plugins_loaded lgpd-init.php:48
action admin_notices src\Admin\AdminNotice.php:19
action admin_enqueue_scripts src\Admin\AdminTab.php:116
action admin_notices src\Admin\AdminTab.php:125
action admin_footer src\Admin\Modal.php:17
action admin_menu src\Admin\WordpressAdmin.php:31
filter lgpd/admin/tabs src\Admin\WordpressAdmin.php:34
action admin_enqueue_scripts src\Admin\WordpressAdmin.php:37
filter display_post_states src\Admin\WordpressAdmin.php:40
action current_screen src\Admin\WordpressAdmin.php:43
action delete_user src\Admin\WordpressAdmin.php:45
action admin_init src\Admin\WordpressAdminPage.php:24
action admin_init src\Admin\WordpressAdminPage.php:29
action lgpd/admin/action/AdvancedIntegration/generate src\Components\AdvancedIntegration\AdminTabAdvancedIntegration.php:19
filter lgpd/admin/tabs src\Components\AdvancedIntegration\AdvancedIntegration.php:15
action lgpd/admin/action/update_consent_data src\Components\Consent\AdminTabConsent.php:40
filter lgpd/admin/tabs src\Components\Consent\ConsentAdmin.php:8
action init src\Components\Consent\ConsentManager.php:31
action init src\Components\Consent\ConsentManager.php:32
filter lgpd/data-subject/data src\Components\Consent\ConsentManager.php:34
action lgpd/data-subject/delete src\Components\Consent\ConsentManager.php:35
action lgpd/data-subject/anonymize src\Components\Consent\ConsentManager.php:36
filter lgpd_custom_policy_link src\Components\Consent\ConsentManager.php:44
action lgpd/admin/action/CookiePopup/generate src\Components\CookiePopup\AdminTabCookiePopup.php:33
filter lgpd/admin/tabs src\Components\CookiePopup\CookiePopup.php:15
action lgpd/admin/action/PrivacyManager/generate src\Components\DoNotSell\AdminTabDoNotSell.php:20
filter lgpd/admin/tabs src\Components\DoNotSell\DoNotSell.php:8
action lgpd/admin/action/PrivacyManager/generate src\Components\PrivacyManager\AdminTabPrivacyManager.php:18
filter lgpd/admin/tabs src\Components\PrivacyManager\PrivacyManager.php:15
action lgpd/admin/action/privacy-policy/generate src\Components\PrivacyPolicy\AdminTabPrivacyPolicy.php:37
filter lgpd/admin/tabs src\Components\PrivacyPolicy\PrivacyPolicy.php:15
action lgpd/admin/action/PrivacyManager/generate src\Components\PrivacySafe\AdminTabPrivacySafe.php:23
filter lgpd/admin/tabs src\Components\PrivacySafe\PrivacySafe.php:8
action wp_enqueue_scripts src\Components\PrivacyToolsPage\PrivacyToolsPageController.php:60
action lgpd/frontend/action/identify src\Components\PrivacyToolsPage\PrivacyToolsPageController.php:63
action lgpd/frontend/privacy-tools-page/content src\Components\PrivacyToolsPage\PrivacyToolsPageController.php:65
action lgpd/frontend/privacy-tools-page/content src\Components\PrivacyToolsPage\PrivacyToolsPageController.php:66
action lgpd/frontend/privacy-tools-page/content src\Components\PrivacyToolsPage\PrivacyToolsPageController.php:68
action lgpd/frontend/privacy-tools-page/action/withdraw_consent src\Components\PrivacyToolsPage\PrivacyToolsPageController.php:70
action lgpd/frontend/privacy-tools-page/action/export src\Components\PrivacyToolsPage\PrivacyToolsPageController.php:71
action lgpd/frontend/privacy-tools-page/action/forget src\Components\PrivacyToolsPage\PrivacyToolsPageController.php:72
filter lgpd/admin/tabs src\Components\Support\Support.php:8
action the_privacy_policy_link src\Components\Themes\Themes.php:43
action get_template_part_template-parts/footer/site src\Components\Themes\Themes.php:46
action twentysixteen_credits src\Components\Themes\Themes.php:50
filter storefront_credit_link src\Components\Themes\Themes.php:55
filter lgpd_custom_policy_link src\Components\Themes\Themes.php:60
filter lgpd_custom_policy_link src\Components\Themes\Themes.php:75
filter lgpd_custom_policy_link src\Components\Themes\Themes.php:87
filter lgpd_custom_policy_link src\Components\Themes\Themes.php:99
action comment_form_after_fields src\Components\WordpressComments\WordpressComments.php:27
action comment_form_logged_in_after src\Components\WordpressComments\WordpressComments.php:28
filter preprocess_comment src\Components\WordpressComments\WordpressComments.php:29
filter lgpd/data-subject/data src\Components\WordpressComments\WordpressComments.php:33
action lgpd/data-subject/delete src\Components\WordpressComments\WordpressComments.php:34
action lgpd/data-subject/anonymize src\Components\WordpressComments\WordpressComments.php:35
filter lgpd_custom_policy_link src\Components\WordpressComments\WordpressComments.php:67
filter lgpd_custom_policy_error src\Components\WordpressComments\WordpressComments.php:119
action lgpd/dashboard/privacy-tools/content src\Components\WordpressUser\Controllers\DashboardDataPageController.php:27
action lgpd/dashboard/privacy-tools/content src\Components\WordpressUser\Controllers\DashboardDataPageController.php:28
action lgpd/dashboard/privacy-tools/content src\Components\WordpressUser\Controllers\DashboardDataPageController.php:29
action lgpd/dashboard/privacy-tools/content src\Components\WordpressUser\Controllers\DashboardDataPageController.php:30
action lgpd/dashboard/privacy-tools/action/withdraw_consent src\Components\WordpressUser\Controllers\DashboardDataPageController.php:32
action lgpd/dashboard/privacy-tools/action/export src\Components\WordpressUser\Controllers\DashboardDataPageController.php:33
action lgpd/dashboard/privacy-tools/action/forget src\Components\WordpressUser\Controllers\DashboardDataPageController.php:34
action admin_notices src\Components\WordpressUser\Controllers\DashboardDataPageController.php:36
action lgpd/dashboard/profile-page/content src\Components\WordpressUser\Controllers\DashboardProfilePageController.php:15
action lgpd/dashboard/profile-page/content src\Components\WordpressUser\Controllers\DashboardProfilePageController.php:16
action lgpd/dashboard/profile-page/content src\Components\WordpressUser\Controllers\DashboardProfilePageController.php:17
action lgpd/dashboard/profile-page/content src\Components\WordpressUser\Controllers\DashboardProfilePageController.php:18
action lgpd/dashboard/profile-page/contentuser src\Components\WordpressUser\Controllers\DashboardProfilePageController.php:19
action lgpd/dashboard/profile-page/contentuser src\Components\WordpressUser\Controllers\DashboardProfilePageController.php:20
action lgpd/dashboard/profile-page/userlogs src\Components\WordpressUser\Controllers\DashboardProfilePageController.php:21
action lgpd/admin/action/export src\Components\WordpressUser\Controllers\DashboardProfilePageController.php:23
action lgpd/admin/action/forget src\Components\WordpressUser\Controllers\DashboardProfilePageController.php:24
action register_form src\Components\WordpressUser\RegistrationForm.php:17
filter registration_errors src\Components\WordpressUser\RegistrationForm.php:18
filter lgpd_custom_policy_link src\Components\WordpressUser\RegistrationForm.php:25
action admin_menu src\Components\WordpressUser\WordpressUser.php:45
action show_user_profile src\Components\WordpressUser\WordpressUser.php:49
action edit_user_profile src\Components\WordpressUser\WordpressUser.php:50
filter lgpd/data-subject/data src\Components\WordpressUser\WordpressUser.php:52
action lgpd/data-subject/delete src\Components\WordpressUser\WordpressUser.php:53
action lgpd/data-subject/anonymize src\Components\WordpressUser\WordpressUser.php:54
filter send_email_change_email src\Components\WordpressUser\WordpressUser.php:102
filter send_password_change_email src\Components\WordpressUser\WordpressUser.php:103
filter send_email_change_email src\Components\WordpressUser\WordpressUser.php:109
filter send_password_change_email src\Components\WordpressUser\WordpressUser.php:110
action lgpd/admin/action/search src\DataSubject\AdminTabDataSubject.php:33
filter lgpd/admin/tabs src\DataSubject\DataSubjectAdmin.php:8
filter lgpd_custom_policy_link src\Helpers.php:353
action admin_init src\Installer\Installer.php:70
action lgpd/admin/action/accept_disclaimer src\Installer\Installer.php:72
action lgpd/admin/action/restart_wizard src\Installer\Installer.php:74
action lgpd/admin/action/auto_install src\Installer\Installer.php:76
action lgpd/admin/action/skip_install src\Installer\Installer.php:77
action lgpd/admin/action/skip_notice src\Installer\Installer.php:78
action admin_init src\Installer\InstallerRouter.php:23
action admin_menu src\Installer\InstallerWizard.php:18
filter lgpd_custom_policy_link src\Installer\Steps\PolicyContents.php:21
action wpcf7_before_send_mail src\Modules\ContactForm7\ContactForm7.php:17
filter lgpd_custom_policy_link src\Modules\ContactForm7\ContactForm7.php:51
filter wpcf7_editor_panels src\Modules\ContactForm7\Flamingo.php:9
action wpcf7_save_contact_form src\Modules\ContactForm7\Flamingo.php:10
action wpcf7_admin_notices src\Modules\ContactForm7\Flamingo.php:11
filter lgpd/data-subject/data src\Modules\ContactForm7\Flamingo.php:13
action lgpd/data-subject/delete src\Modules\ContactForm7\Flamingo.php:14
action lgpd/data-subject/anonymize src\Modules\ContactForm7\Flamingo.php:15
filter lgpd/data-subject/data src\Modules\EddCcpa\EddCcpa.php:23
action lgpd/data-subject/delete src\Modules\EddCcpa\EddCcpa.php:24
action lgpd/data-subject/anonymize src\Modules\EddCcpa\EddCcpa.php:25
action edd_complete_purchase src\Modules\EddCcpa\EddCcpa.php:27
filter lgpd/data-subject/data src\Modules\NewsletterCcpa\NewsletterCcpa.php:25
action lgpd/data-subject/delete src\Modules\NewsletterCcpa\NewsletterCcpa.php:26
action lgpd/data-subject/anonymize src\Modules\NewsletterCcpa\NewsletterCcpa.php:27
action ig_es_after_form_fields src\Modules\NewsletterCcpa\NewsletterCcpa.php:28
filter ig_es_add_subscriber_data src\Modules\NewsletterCcpa\NewsletterCcpa.php:29
filter lgpd-framework-consent-policy src\Modules\NewsletterCcpa\NewsletterCcpa.php:38
filter lgpd/data-subject/data src\Modules\WooCommerceCcpa\WooCommerceCcpa.php:21
action lgpd/data-subject/delete src\Modules\WooCommerceCcpa\WooCommerceCcpa.php:22
action lgpd/data-subject/anonymize src\Modules\WooCommerceCcpa\WooCommerceCcpa.php:23
action woocommerce_review_order_before_submit src\Modules\WooCommerceCcpa\WooCommerceCcpa.php:25
action woocommerce_checkout_process src\Modules\WooCommerceCcpa\WooCommerceCcpa.php:26
action woocommerce_register_form src\Modules\WooCommerceCcpa\WooCommerceCcpa.php:29
filter woocommerce_registration_errors src\Modules\WooCommerceCcpa\WooCommerceCcpa.php:30
filter lgpd/options/get/consent_types src\Modules\WPML\WPML.php:32
filter lgpd/options/set/consent_types src\Modules\WPML\WPML.php:33
action init src\Router.php:28
action admin_init src\Router.php:29
filter lgpd-framework-consent-policy views\modules\contact-form-7\content-privacy.php:11
filter lgpd-framework-consent-policy-with-terms views\modules\wordpress-comments\terms-checkbox.php:23
filter lgpd-framework-consent-policy views\modules\wordpress-comments\terms-checkbox.php:38
filter lgpd-framework-consent-policy-with-terms views\modules\wordpress-user\registration-terms-checkbox.php:24
filter lgpd-framework-consent-policy views\modules\wordpress-user\registration-terms-checkbox.php:39

Maintenance & Trust

LGPD Framework By Data443 Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.2.9
Last updated: Mar 30, 2023
PHP min version: 5.6
Downloads: 6K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 100
Developer Profile

LGPD Framework By Data443 Developer Profile

Data443 Risk Mitigation, Inc.

10 plugins · 213K total installs

Trust score: 68
Avg Security Score: 84/100
Avg Patch Time: 411 days
Detection Fingerprints

How We Detect LGPD Framework By Data443

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/lgpd-framework/assets/js/showseal.js

HTML / DOM Fingerprints

CSS Classes
data443-privacy-safe

Data Attributes
data-lgpd-privacy-safe
data-lgpd-privacy-safe-imagecode
data-lgpd-privacy-safe-params
data-lgpd-privacy-safe-backlink
data-lgpd-privacy-safe-close-text
data-lgpd-privacy-safe-text-color
+5 more

JS Globals
lgpd_seal_var

Shortcode Output
<div class="data443-privacy-safe" style="font-size:12px;text-align: left;"><img id="data443-privacy-safe-image" src="https://orders.data443.com/seal/seal.php?params=
FAQ

Frequently Asked Questions about LGPD Framework By Data443