Support » Plugin: Complianz - GDPR/CCPA Cookie Consent » Security risk

  • We tried this plugin, but it appears to save the admin’s credentials and automatically logs in for anyone visiting the website. Given that this was the first plugin we installed, once we removed the plugin the site stopped logging in visitors as the admin account for the site. Really bad design, security risk and not recommended at all.

    • This topic was modified 3 months, 4 weeks ago by Jan Dembowski. Reason: Removed reference to other plugin
Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author Rogier Lankhorst

    (@rogierlankhorst)

    Hi @galaxcjohn,

    The plugin does not save admin credentials anywhere, neither does it log in visitors. Why do you think that?

    I think you may be confusing the requests from the automated scan in the plugin with visitors logging in. When an admin, like you, is logged in on the website, the cookie scan will load the front-end of the website in an iframe in your admin to verify the cookies. As you are logged in yourself, this is actually you loading the iframe.

    You don’t have to worry: it is not possible for anyone to log in to the website using our plugin.

    Let me know if you need any further clarification.

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    @galaxcjohn I have removed the part about another plugin. That’s not for this plugin’s review and please leave that out next time.

    Thread Starter galaxcjohn

    (@galaxcjohn)

    @jdembowski – Apologies, I’ll remember that for next time.

    @rogierlankhorst – I have tried this on a brand new installation, and both an older version of the plugin (downloaded last year but never got around to trying it, so installed and updated within WP) but we can’t seem to stop the admin bar appearing up top when viewing in both a cached, and incognito window within Chrome or Edge.

    Right now, the only thing in place is Divi. When the plugin is active and the cache cleared, it still shows the admin bar. When the plugin is deactivated, the admin bar is no longer present within incognito Chrome.

    We’ve tried blitzing the test site, installed a new site, same again. I’m totally stumped as this is the 3rd attempt of this. Initially, we thought it was WP-Optimize, but haven’t added it on the 2nd and 3rd attempts.

    Nothing showing up in debugging either.

    I’m 100% all for trying to get this fixed as the plugin settings, setup and things are great, but this one (albeit massive) challenge is really stumping me on what it could be.

    Plugin Author Rogier Lankhorst

    (@rogierlankhorst)

    As mentioned, we don’t save credentials or log in visitors automatically, as there’s no code for this purpose, or anything related.

    The only thing I could think of is that you’re opening an incognito window on top of an already existing incognito window where you’re already logged in. Does this happen on other devices, like a browser on your phone?

    We’d like to figure it out as well, so if you could share your URL, or a staging URL so we can have a look, let me know.

    We can’t reproduce such behavior ourselves. You can check complianz.io 😉

    Is this happening also with a default wp theme and all other plugins deactivated?

    Plugin Author Rogier Lankhorst

    (@rogierlankhorst)

    @galaxcjohn what we could try, is that you set up a sandbox here (free)
    https://instawp.com/

    Then install Complianz. You can then add your theme and plugins. If nothing happens you’ll know the issue has to be on your own server.

    If you can reproduce it there we can take a look.

    Good idea?
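
Added example, not part of the thread and not code from the plugin or its authors: one way to tell whether an admin bar seen in a "clean" browser window reflects a real login or only logged-in HTML reaching a client that has no session. It relies on standard WordPress markers (the `wpadminbar` element, the `logged-in` / `admin-bar` body classes, the `wordpress_logged_in_<hash>` cookie); the function name, verdict strings and sample values are constructed, and reading the last verdict as a cached copy is an assumption that the thread itself does not confirm.

```python
import re

# Markup WordPress renders only for a logged-in session.
ADMIN_BAR = re.compile(r'id=["\']wpadminbar["\']', re.I)
BODY_CLASS = re.compile(
    r'<body[^>]*class=["\'][^"\']*(?<![\w-])(?:logged-in|admin-bar)(?![\w-])', re.I)
# A live auth cookie carries "user|expiry|token|hmac" ('|' is sent as %7C);
# the cookie WordPress sends to clear a session has no such value.
LOGIN_COOKIE = re.compile(r'wordpress_logged_in_[0-9a-f]+=[^;]*(?:%7C|\|)', re.I)


def classify(request_cookie, set_cookie_headers, body):
    """Classify one front-end response captured in browser dev tools or a proxy.

    request_cookie     -- Cookie header the browser sent ('' if none)
    set_cookie_headers -- list of Set-Cookie values in the response
    body               -- response HTML
    """
    logged_in_html = bool(ADMIN_BAR.search(body) or BODY_CLASS.search(body))
    if not logged_in_html:
        return "anonymous"
    if LOGIN_COOKIE.search(request_cookie):
        # The browser window already held a session (e.g. shared incognito state).
        return "own-session"
    if any(LOGIN_COOKIE.search(h) for h in set_cookie_headers):
        # The server handed a session to a client that sent none: a real auth bug.
        return "cookie-issued"
    # Logged-in markup, but nobody is authenticated on this request.
    # Assumption: consistent with a stored copy of an admin's page view.
    return "stale-logged-in-html"


# Constructed sample data (not taken from any real site).
ADMIN_HTML = '<body class="home page logged-in admin-bar"><div id="wpadminbar"></div>'
ANON_HTML = '<body class="home page"><h1>Hello</h1>'
AUTH = "wordpress_logged_in_0123abcd=admin%7C1700000000%7Ctoken%7Chmac"
CLEAR = "wordpress_logged_in_0123abcd=+; expires=Thu, 01 Jan 1970 00:00:00 GMT"

if __name__ == "__main__":
    for name, args in [("clean profile", ("", [], ADMIN_HTML)),
                       ("reused window", (AUTH, [], ADMIN_HTML)),
                       ("normal visitor", ("", [], ANON_HTML))]:
        print(f"{name}: {classify(*args)}")
```

Only `cookie-issued` would match the behaviour claimed in the review; `own-session` matches the shared-incognito explanation given in the replies.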
