32 matches found
CVE-2025-68073
CVE-2025-68073 describes a Missing Authorization vulnerability in the WordPress plugin “Ninja Team GDPR CCPA Compliance Support” (ninja-gdpr-compliance). Affected versions are up to 2.7.4. The issue arises from improperly configured access control, allowing exploitation of security levels. The CV...
WordPress plugin for GDPR CCPA Compliance Support has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2025-49928
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Humanityco Cookie Notice & Compliance for GDPR / CCPA cookie-notice allows Stored XSS.This issue affects Cookie Notice & Compliance for GDPR / CCPA: from n/a through = 2.5.8...
EUVD-2021-11502
Malware in sbrugna...
EUVD-2020-24160
Malware in sbrugna...
EUVD-2023-12826
Malicious code in bioql PyPI...
EUVD-2025-3795
Malicious code in bioql PyPI...
CVE-2025-58607
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GDPR Info Cookie Notice & Consent Banner for GDPR & CCPA Compliance cookie-notice-and-consent-banner allows Stored XSS.This issue affects Cookie Notice & Consent Banner for GDPR & CCPA Compliance:...
CVE-2025-58607 WordPress Cookie Notice & Consent Banner for GDPR & CCPA Compliance Plugin <= 1.7.11 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GDPR Info Cookie Notice & Consent Banner for GDPR & CCPA Compliance cookie-notice-and-consent-banner allows Stored XSS.This issue affects Cookie Notice & Consent Banner for GDPR & CCPA Compliance:...
CVE-2025-49285
Cross-Site Request Forgery CSRF vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Cross Site Request Forgery.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through = 3.8.0...
CVE-2025-49285 WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent <= 3.8.0 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent allows Cross Site Request Forgery. This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through 3.8.0...
CVE-2024-5607
The GDPR CCPA Compliance & Cookie Consent Banner plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions named ajaxUpdateSettings in all versions up to, and including, 2.7.0. This makes it possible for authenticated attackers,...
CVE-2023-24400
Auth. contributor+ Cross-Site Scripting XSS vulnerability in Hu-manity.Co Cookie Notice & Compliance for GDPR / CCPA plugin = 2.4.6 versions...
CVE-2021-24590
The Cookie Notice & Consent Banner for GDPR & CCPA Compliance WordPress plugin before 1.7.2 does not properly sanitize inputs to prevent injection of arbitrary HTML within the plugin's design customization options...
WordPress GDPR CCPA Compliance Support plugin <= 2.7.3 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Aiden in WordPress Plugin GDPR CCPA Compliance Support versions = 2.7.3...
CVE-2025-48260
Missing Authorization vulnerability in Ninja Team GDPR CCPA Compliance Support ninja-gdpr-compliance allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GDPR CCPA Compliance Support: from n/a through = 2.7.3...
CVE-2025-48260 WordPress GDPR CCPA Compliance Support plugin <= 2.7.3 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Ninja Team GDPR CCPA Compliance Support ninja-gdpr-compliance allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GDPR CCPA Compliance Support: from n/a through = 2.7.3...
CVE-2025-48260
CVE-2025-48260 corresponds to a Missing Authorization (broken access control) vulnerability in the WordPress plugin GDPR CCPA Compliance Support. The weakness affects versions up to 2.7.3 and is described as allowing exploitation of incorrectly configured access control levels. The CVSSv3.1 score...
PT-2025-21972 · Unknown · Ninjateam Gdpr Ccpa Compliance Support
Name of the Vulnerable Software and Affected Versions: Ninja Team GDPR CCPA Compliance Support versions 2.7.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For...
CVE-2020-36718
The GDPR CCPA Compliance Support plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.3 via deserialization of untrusted input "njtgdprallowpermissions" value. This allows unauthenticated attackers to inject a PHP Object...