CVE-2026-4283: CWE-862 Missing Authorization in legalweb WP DSGVO Tools (GDPR)
CVE-2026-4283 is a critical vulnerability in the WP DSGVO Tools (GDPR) WordPress plugin that allows unauthenticated attackers to irreversibly anonymize and destroy any non-administrator user account. The flaw arises because the 'super-unsubscribe' AJAX action accepts a 'process_now=1' parameter without proper authorization, bypassing the intended email confirmation step. Attackers can submit a victim's email address along with this parameter to trigger immediate account anonymization, which includes password randomization, username/email overwriting, role removal, comment anonymization, and sensitive usermeta deletion. The required nonce for this request is publicly accessible on any page using the '[unsubscribe_form]' shortcode, making exploitation straightforward. This vulnerability affects all versions up to and including 3.1.38 of the plugin. With a CVSS score of 9.1, it poses a severe risk to WordPress sites using this plugin, potentially causing significant user data loss and service disruption.
AI Analysis
Technical Summary
CVE-2026-4283 is a critical missing authorization vulnerability (CWE-862) in the WP DSGVO Tools (GDPR) plugin for WordPress, affecting all versions up to 3.1.38. The vulnerability exists in the 'super-unsubscribe' AJAX action, which is designed to allow users to unsubscribe and anonymize their accounts through an email confirmation process. However, the action improperly accepts a 'process_now' parameter from unauthenticated users, enabling attackers to bypass the email confirmation step. The nonce token required for the AJAX request is publicly available on any page containing the '[unsubscribe_form]' shortcode, removing any barrier to exploitation. By submitting a victim's email address with 'process_now=1', an attacker can trigger immediate and irreversible anonymization of the victim's account. This process randomizes the password, overwrites the username and email, strips all user roles, anonymizes comments, and wipes sensitive user metadata. The vulnerability does not affect administrator accounts but can destroy any other user account, leading to loss of user data and potential denial of service for legitimate users. The CVSS 3.1 score of 9.1 reflects the vulnerability's network attack vector, low complexity, no privileges or user interaction required, and high impact on integrity and availability of user accounts. No known exploits are currently reported in the wild, but the ease of exploitation and severity make it a critical threat to affected WordPress sites.
Potential Impact
The impact of CVE-2026-4283 is severe for organizations using the WP DSGVO Tools (GDPR) plugin on their WordPress sites. Attackers can permanently destroy non-administrator user accounts without authentication, leading to irreversible loss of user data and disruption of user access. This can result in significant operational issues, especially for websites relying on user accounts for services, memberships, or customer management. The anonymization process removes critical user information, which may also affect compliance and auditing capabilities. Additionally, widespread exploitation could damage organizational reputation and trust, particularly for sites handling sensitive or personal data under GDPR regulations. Since the vulnerability affects all versions up to 3.1.38, many sites remain at risk until patched. The lack of required user interaction and the publicly accessible nonce make automated attacks feasible, increasing the threat's scale and speed. Although administrator accounts are not directly affected, the loss of non-admin accounts can still severely impact business continuity and user experience.
Mitigation Recommendations
To mitigate CVE-2026-4283, organizations should immediately update the WP DSGVO Tools (GDPR) plugin to a patched version once available from the vendor. Until a patch is released, administrators should consider disabling or removing the '[unsubscribe_form]' shortcode from all pages to prevent exposure of the nonce and block the vulnerable AJAX action. Implementing web application firewall (WAF) rules to detect and block requests containing the 'process_now=1' parameter targeting the 'super-unsubscribe' AJAX endpoint can reduce exploitation risk. Additionally, monitoring logs for suspicious unsubscribe requests and unusual account anonymization activity can help detect attempted attacks. Site administrators should review user account integrity regularly and maintain backups to restore any lost data. Restricting access to the AJAX endpoint via IP whitelisting or authentication where feasible can also reduce exposure. Finally, educating site maintainers about the vulnerability and encouraging prompt plugin updates is critical to minimizing risk.
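As an added defender-side example of the WAF/log-monitoring rule recommended above (this is not the plugin's or the advisory's own code), the following Python classifies a captured request against the admin-ajax.php endpoint, merging query-string and form-body parameters the way WordPress reads $_REQUEST. The sample requests and nonce values are constructed placeholders, and treating any non-empty 'process_now' value other than "0" as the bypass is an assumption made here, since the plugin's exact comparison is not given on the page.

```python
from dataclasses import dataclass
from typing import Optional
from urllib.parse import parse_qs, urlsplit

AJAX_PATH = "/wp-admin/admin-ajax.php"   # WordPress AJAX front controller
VULN_ACTION = "super-unsubscribe"        # AJAX action named in the advisory
BYPASS_PARAM = "process_now"             # parameter that skips email confirmation

@dataclass
class Verdict:
    level: str              # "block", "log" or "allow"
    reason: str
    email: Optional[str]    # email the request tried to anonymize, if any

def _params(url: str, body: str) -> dict:
    """Merge query-string and form-body parameters (last value wins), like $_REQUEST."""
    merged = parse_qs(urlsplit(url).query, keep_blank_values=True)
    merged.update(parse_qs(body, keep_blank_values=True))
    return {k: v[-1] for k, v in merged.items()}

def classify(method: str, url: str, body: str = "") -> Verdict:
    """Classify one HTTP request; the body is only consulted for POST."""
    if not urlsplit(url).path.endswith(AJAX_PATH):
        return Verdict("allow", "not the admin-ajax endpoint", None)
    p = _params(url, body if method.upper() == "POST" else "")
    if p.get("action") != VULN_ACTION:
        return Verdict("allow", "unrelated AJAX action", None)
    email = p.get("email")
    # The advisory names process_now=1. The plugin's exact comparison is not
    # known here (assumption), so any non-empty value other than "0" is treated
    # as the bypass to avoid trivial evasion such as process_now=true.
    if p.get(BYPASS_PARAM, "").strip() not in ("", "0"):
        return Verdict("block", f"{BYPASS_PARAM} set on {VULN_ACTION}", email)
    return Verdict("log", f"{VULN_ACTION} without {BYPASS_PARAM} (confirmation flow)", email)

# Constructed sample traffic (not real captures); nonce values are placeholders.
SAMPLES = [
    ("POST", "/wp-admin/admin-ajax.php",
     "action=super-unsubscribe&email=alice%40example.test&process_now=1&nonce=PLACEHOLDER"),
    ("GET", "/wp-admin/admin-ajax.php?action=super-unsubscribe&email=bob%40example.test", ""),
    ("POST", "/blog/wp-admin/admin-ajax.php", "action=heartbeat&_nonce=PLACEHOLDER"),
    ("GET", "/wp-login.php?process_now=1", ""),
]

def scan(samples=SAMPLES) -> dict:
    """Count verdict levels over a batch of requests (block/log/allow)."""
    counts = {"block": 0, "log": 0, "allow": 0}
    for method, url, body in samples:
        counts[classify(method, url, body).level] += 1
    return counts
```

Requests classified "block" are the ones a WAF rule should reject; "log" requests are the legitimate confirmation flow and are worth keeping for the anonymization monitoring the text recommends.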
Affected Countries
United States, Germany, United Kingdom, France, Canada, Australia, Netherlands, Italy, Spain, Brazil
Technical Details
- Data Version: 5.2
- Assigner Short Name: Wordfence
- Date Reserved: 2026-03-16T16:17:14.969Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69c32654f4197a8e3b9def78
Added to database: 3/25/2026, 12:03:32 AM
Last enriched: 3/25/2026, 12:04:42 AM
Last updated: 3/25/2026, 1:05:25 AM