ConsentFriend 1.7 security issue (fixed in 1.7.2)

There is a security issue in ConsentFriend 1.7.0+ that affects users who have enabled consentfriend.use_geoip.

Due to an unauthorized update server being used, this may lead to a compromise of the MaxMind GeoIP2/GeoLite2 license key, and potential modification of the GeoIP2/GeoLite2 database.

If you’re affected, we recommend revoking your GeoIP2/GeoLite2 license key in your MaxMind account and to create a new one as a precaution.

The issue is resolved in ConsentFriend 1.7.2, released today.