The wording is such [0]:

> If the data subject’s consent is given in the context of a written declaration which also concerns other matters, the request for consent shall be presented in a manner which is clearly distinguishable from the other matters, in an intelligible and easily accessible form, using clear and plain language. Any part of such a declaration which constitutes an infringement of this Regulation shall not be binding.

> ... It shall be as easy to withdraw as to give consent.

Your example does appear muddy, but I also doubt any enforcement targetting such sites.

What however is extremely common is an "Accept all" vs "Manage settings" which opens up another panel, where there is still no "Reject all" option, and only various settings where you can "Save choices" which might or might not default to what you want. Such cases are obviously blatant rule violations, both in amount of clicks and obfuscation of consent.

[0] https://gdpr.eu/article-7-how-to-get-consent-to-collect-pers...