Hallo there,
We run the latest version of your plugin on our WooCommerce, we do our best to use always the latest version.
In the last few weeks we have started to receive reports from our users. They informed us that their antivirus software was reporting our site as infected.
Indeed, we found that in some cases there was external javascript on our site. As visible in this screenshot https://shottr.cc/s/Wu21/SCR-20230109-nxw.png
After lengthy analysis, we discovered that this javascript is injected by your plugin, via the option “iubenda_cookie_law_solution” which has somehow been overwritten with an eval
https://shottr.cc/s/WzDz/SCR-20230109-nu0.png
Cleaning up the “iubenda_cookie_law_solution” option the malicious javascript disappeared. Was it an old vulnerability? Is it safe to reactivate the plugin?