Complianz – GDPR/CCPA Cookie Consent

complianz-gdpr · by complianz · wordpress.org ↗ · SVN ↗

Acquired by Complianz. New committers from that team's naming convention are expected and will not fire takeover events. source ↗

Active installs: 1M+
Current version: 7.4.6
Added: 2018-06-26
Last updated: 2026-04-17 (15d ago)
First seen by beacon: 10d ago
Total downloads: 27,957,778

Alerts (0)

No open alerts.

Show 4 resolved alerts

Critical code_pattern Resolved · no_longer_matches 2026-04-24 15:56:44 (7d ago)

Slug	complianz-gdpr
Pattern	`unserialize_after_remote_call`
Kind	`builtin`
Version	`7.4.6`
Hit count	3
First hit	File `upgrade/upgrade-to-pro.php` Line 285 Snippet L279: $request = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => tr → L285: $request->sections = maybe_unserialize( $request->sections );
Explanation	a remote HTTP fetch (`wp_remote_*`/`curl_exec`) is followed by `unserialize`/`maybe_unserialize` within the same file — classic PHP Object Injection C2 gadget used by EP and most WP supply-chain backdoors. Legit plugins essentially never do this.

View raw JSON

{
    "slug": "complianz-gdpr",
    "pattern": "unserialize_after_remote_call",
    "kind": "builtin",
    "version": "7.4.6",
    "hit_count": 3,
    "first_hit": {
        "file": "upgrade/upgrade-to-pro.php",
        "line": 285,
        "snippet": "L279: $request    = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => tr  \u2192  L285: $request->sections = maybe_unserialize( $request->sections );"
    },
    "explanation": "a remote HTTP fetch (`wp_remote_*`/`curl_exec`) is followed by `unserialize`/`maybe_unserialize` within the same file \u2014 classic PHP Object Injection C2 gadget used by EP and most WP supply-chain backdoors. Legit plugins essentially never do this."
}

Critical code_scan_delta Resolved · fp_edd_updater_library 2026-04-24 15:41:05 (7d ago)

Slug complianz-gdpr

Previous version 7.4.6

Current version 7.4.6

New findings

Pattern	Kind	File	Line	Snippet	Confidence
`unserialize_after_remote_call`	`builtin`	`upgrade/upgrade-to-pro.php`	285	L279: $request = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => tr → L285: $request->sections = maybe_unserialize( $request->sections );	`high`
`unserialize_after_remote_call`	`builtin`	`upgrade/upgrade-to-pro.php`	291	L279: $request = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => tr → L291: $request->banners = maybe_unserialize( $request->banners );	`high`
`unserialize_after_remote_call`	`builtin`	`upgrade/upgrade-to-pro.php`	295	L279: $request = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => tr → L295: $request->icons = maybe_unserialize( $request->icons );	`high`

New finding count 3

View raw JSON

{
    "slug": "complianz-gdpr",
    "previous_version": "7.4.6",
    "current_version": "7.4.6",
    "new_findings": [
        {
            "pattern": "unserialize_after_remote_call",
            "kind": "builtin",
            "file": "upgrade/upgrade-to-pro.php",
            "line": 285,
            "snippet": "L279: $request    = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => tr  \u2192  L285: $request->sections = maybe_unserialize( $request->sections );",
            "confidence": "high"
        },
        {
            "pattern": "unserialize_after_remote_call",
            "kind": "builtin",
            "file": "upgrade/upgrade-to-pro.php",
            "line": 291,
            "snippet": "L279: $request    = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => tr  \u2192  L291: $request->banners = maybe_unserialize( $request->banners );",
            "confidence": "high"
        },
        {
            "pattern": "unserialize_after_remote_call",
            "kind": "builtin",
            "file": "upgrade/upgrade-to-pro.php",
            "line": 295,
            "snippet": "L279: $request    = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => tr  \u2192  L295: $request->icons = maybe_unserialize( $request->icons );",
            "confidence": "high"
        }
    ],
    "new_finding_count": 3
}

Critical new_committer_young_account Resolved · no_longer_matches 2026-04-23 18:57:28 (8d ago)

Slug	complianz-gdpr
Committer	gdom3
Display name	`Domenico Gangemi`
Member since	2024-10-09
First commit at	2024-10-09 08:44:56
Account age at first commit	0
Commit count	50
Active installs	1,000,000

View raw JSON

{
    "slug": "complianz-gdpr",
    "committer": "gdom3",
    "display_name": "Domenico Gangemi",
    "member_since": "2024-10-09",
    "first_commit_at": "2024-10-09 08:44:56",
    "account_age_at_first_commit": 0,
    "commit_count": 50,
    "active_installs": 1000000
}

Critical new_committer_young_account Resolved · deduped 2026-04-21 18:24:41 (10d ago)

Slug	complianz-gdpr
Committer	gdom3
Display name	`Domenico Gangemi`
Member since	2024-10-09
First commit at	2024-10-09 08:44:56
Account age at first commit	0
Commit count	50
Active installs	1,000,000

View raw JSON

{
    "slug": "complianz-gdpr",
    "committer": "gdom3",
    "display_name": "Domenico Gangemi",
    "member_since": "2024-10-09",
    "first_commit_at": "2024-10-09 08:44:56",
    "account_age_at_first_commit": 0,
    "commit_count": 50,
    "active_installs": 1000000
}

SVN committers (4)

Accounts with actual commit access to complianz-gdpr on plugins.svn.wordpress.org, reconstructed from svn log. This is the list that matters for ownership changes — not the readme contributors.

Committer	Member since	Commits	First commit	Latest commit
Rogier Lankhorst	2015-01-13	138	2018-07-09 · r1906526	2024-05-29 · r3094434
Domenico Gangemi Young account	2024-10-09	50	2024-10-09 · r3165538	2026-04-20 · r3510607
Moustafa Gouda	2018-07-14	8	2024-10-22 · r3173806	2024-11-14 · r3188888
Hessel de Jong	2020-11-24	4	2023-02-15 · r2865531	2023-08-09 · r2950241

Readme contributors (12)

Names the plugin's readme declares as contributors. A soft signal — anyone can be listed. The SVN access column is the ground-truth cross-reference: does this contributor actually commit code?

Contributor	Member since	SVN access	Status
Rogier Lankhorst	2015-01-13	138 commits	Active
Hessel de Jong	2020-11-24	4 commits	Active
Aert	2018-06-28	—	Active
Complianz	2019-05-31	—	Active
Ian Carlson	2011-04-11	—	Active
Jarno Vos	2021-02-01	—	Active
Leon Wimmenhoeve	2019-02-07	—	Active
Mark	2017-08-04	—	Active
Mathieu Paapst	2018-08-23	—	Active
mujuonly	2016-01-12	—	Active
pierrotevrard	2020-02-13	—	Active
tomeijkelenkamp	2021-05-25	—	Active

Versions (20 most recent)

Version	Released	Download
7.4.6	2026-04-17 · 15d ago	zip
7.4.5	2026-03-16 · 1mo ago	zip
7.4.4.2	2025-12-16 · 4mo ago	zip
7.4.4.1	2025-12-03 · 5mo ago	zip
7.4.4	2025-11-18 · 5mo ago	zip
7.4.3	2025-11-03 · 6mo ago	zip
7.4.2	2025-07-29 · 9mo ago	zip
7.4.1	2025-06-18 · 10mo ago	zip
7.4.0.1	2025-04-15 · 1y ago	zip
7.4.0	2025-04-02 · 1y ago	zip
7.3.1	2025-03-12 · 1y ago	zip
7.3.0	2025-02-12 · 1y ago	zip
7.2.0	2025-01-08 · 1y ago	zip
7.1.5	2024-12-24 · 1y ago	zip
beta	2024-12-13 · 1y ago	zip
7.1.4	2024-10-28 · 1y ago	zip
7.1.0	2024-05-29 · 1y ago	zip
7.0.5	2024-04-30 · 2y ago	zip
7.0.4	2024-03-28 · 2y ago	zip
6.5.6	2023-12-13 · 2y ago	zip