2 matches found
CVE-2026-2389 Complianz – GDPR/CCPA Cookie Consent <= 7.4.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Content Filter
The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 7.4.4.2. This is due to the revertdivstosummary function replacing HTML entities with literal double-quote characters " in post content without subseque...
PT-2024-2071 · WordPress · The Complianz – Gdpr/Ccpa Cookie Consent
Name of the Vulnerable Software and Affected Versions: The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress versions up to, and including, 6.5.6 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the process delete function in...