Lucene search
K

32 matches found

CVE
CVE
added 2026/01/22 4:52 p.m.11 views

CVE-2025-68073

CVE-2025-68073 describes a Missing Authorization vulnerability in the WordPress plugin “Ninja Team GDPR CCPA Compliance Support” (ninja-gdpr-compliance). Affected versions are up to 2.7.4. The issue arises from improperly configured access control, allowing exploitation of security levels. The CV...

6.5CVSS5.4AI score0.00269EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.10 views

WordPress plugin for GDPR CCPA Compliance Support has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.8AI score0.00269EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.9 views

PT-2025-49928

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Humanityco Cookie Notice & Compliance for GDPR / CCPA cookie-notice allows Stored XSS.This issue affects Cookie Notice & Compliance for GDPR / CCPA: from n/a through = 2.5.8...

5.9CVSS6AI score0.00172EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-11502

Malware in sbrugna...

5.4CVSS5.6AI score0.00624EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-24160

Malware in sbrugna...

9.8CVSS9.2AI score0.01719EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-12826

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00457EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-3795

Malicious code in bioql PyPI...

8.8CVSS8.9AI score0.00481EPSS
Exploits0References1
NVD
NVD
added 2025/09/03 3:15 p.m.14 views

CVE-2025-58607

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GDPR Info Cookie Notice & Consent Banner for GDPR & CCPA Compliance cookie-notice-and-consent-banner allows Stored XSS.This issue affects Cookie Notice & Consent Banner for GDPR & CCPA Compliance:...

6.5CVSS0.0019EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/03 2:36 p.m.14 views

CVE-2025-58607 WordPress Cookie Notice & Consent Banner for GDPR & CCPA Compliance Plugin <= 1.7.11 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GDPR Info Cookie Notice & Consent Banner for GDPR & CCPA Compliance cookie-notice-and-consent-banner allows Stored XSS.This issue affects Cookie Notice & Consent Banner for GDPR & CCPA Compliance:...

6.5CVSS0.0019EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/08 1:19 p.m.7 views

CVE-2025-49285

Cross-Site Request Forgery CSRF vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Cross Site Request Forgery.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through = 3.8.0...

4.3CVSS5.9AI score0.0014EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/06 12:53 p.m.5 views

CVE-2025-49285 WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent <= 3.8.0 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent allows Cross Site Request Forgery. This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through 3.8.0...

4.3CVSS7.2AI score0.0014EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:28 a.m.8 views

CVE-2024-5607

The GDPR CCPA Compliance & Cookie Consent Banner plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions named ajaxUpdateSettings in all versions up to, and including, 2.7.0. This makes it possible for authenticated attackers,...

5.4CVSS6.6AI score0.00276EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:55 a.m.5 views

CVE-2023-24400

Auth. contributor+ Cross-Site Scripting XSS vulnerability in Hu-manity.Co Cookie Notice & Compliance for GDPR / CCPA plugin = 2.4.6 versions...

6.5CVSS5.9AI score0.00387EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:22 p.m.5 views

CVE-2021-24590

The Cookie Notice & Consent Banner for GDPR & CCPA Compliance WordPress plugin before 1.7.2 does not properly sanitize inputs to prevent injection of arbitrary HTML within the plugin's design customization options...

5.4CVSS7AI score0.00624EPSS
Exploits2References1
Patchstack
Patchstack
added 2025/05/19 4:30 p.m.7 views

WordPress GDPR CCPA Compliance Support plugin <= 2.7.3 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Aiden in WordPress Plugin GDPR CCPA Compliance Support versions = 2.7.3...

4.3CVSS6.7AI score0.00211EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/05/19 3:15 p.m.15 views

CVE-2025-48260

Missing Authorization vulnerability in Ninja Team GDPR CCPA Compliance Support ninja-gdpr-compliance allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GDPR CCPA Compliance Support: from n/a through = 2.7.3...

4.3CVSS0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/19 2:45 p.m.18 views

CVE-2025-48260 WordPress GDPR CCPA Compliance Support plugin <= 2.7.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Ninja Team GDPR CCPA Compliance Support ninja-gdpr-compliance allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GDPR CCPA Compliance Support: from n/a through = 2.7.3...

4.3CVSS0.00211EPSS
Exploits0References1
CVE
CVE
added 2025/05/19 2:45 p.m.27 views

CVE-2025-48260

CVE-2025-48260 corresponds to a Missing Authorization (broken access control) vulnerability in the WordPress plugin GDPR CCPA Compliance Support. The weakness affects versions up to 2.7.3 and is described as allowing exploitation of incorrectly configured access control levels. The CVSSv3.1 score...

4.3CVSS5.9AI score0.00211EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/19 12:0 a.m.5 views

PT-2025-21972 · Unknown · Ninjateam Gdpr Ccpa Compliance Support

Name of the Vulnerable Software and Affected Versions: Ninja Team GDPR CCPA Compliance Support versions 2.7.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For...

4.3CVSS4.4AI score0.00211EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/05 3:10 p.m.7 views

CVE-2020-36718

The GDPR CCPA Compliance Support plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.3 via deserialization of untrusted input "njtgdprallowpermissions" value. This allows unauthenticated attackers to inject a PHP Object...

9.8CVSS7.3AI score0.01719EPSS
Exploits1References1
Rows per page
Query Builder