CVE-2025-53316

🗓️ 06 Nov 2025 15:54:04Reported by PatchstackType

CVE-2025-53316 CSRF flaw in WordPress WP GDPR Cookie Consent plugin versions up to 1.0.0 enables stored XSS.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2025-53316	20 Jan 202620:11	–	circl
CNNVD	WordPress plugin WP GDPR Cookie Consent 跨站请求伪造漏洞	6 Nov 202500:00	–	cnnvd
Cvelist	CVE-2025-53316 WordPress WP GDPR Cookie Consent plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) Vulnerability	6 Nov 202515:54	–	cvelist
EUVD	EUVD-2025-37995	6 Nov 202515:54	–	euvd
NVD	CVE-2025-53316	6 Nov 202516:15	–	nvd
Patchstack	WordPress WP GDPR Cookie Consent Plugin <= 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF)	27 Jun 202500:00	–	patchstack
Patchstack	WordPress WP GDPR Cookie Consent plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) Vulnerability	27 Jun 202514:55	–	patchstack
Positive Technologies	PT-2025-45226	6 Nov 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-53316	7 Nov 202517:32	–	redhatcve
Vulnrichment	CVE-2025-53316 WordPress WP GDPR Cookie Consent plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) Vulnerability	6 Nov 202515:54	–	vulnrichment

Vulners

Node

shahjahan_jewel wp_gdpr_cookie_consentRange≤1.0.0wordpress

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "wp-gdpr-cookie-consent",
    "product": "WP GDPR Cookie Consent",
    "vendor": "Shahjahan Jewel",
    "versions": [
      {
        "lessThanOrEqual": "1.0.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/Wordpress/Plugin/wp-gdpr-cookie-consent/vulnerability/wordpress-wp-gdpr-cookie-consent-plugin-1-0-0-cross-site-request-forgery-csrf-vulnerability

28 Apr 2026 16:13Current

6.2Medium risk

Vulners AI Score6.2

CVSS 3.17.1

EPSS0.00016

SSVC

CWE-352