Beautiful Cookie Consent Banner < 2.10.2 - Cross-Site Scripting

The Beautiful Cookie Consent Banner for WordPress is vulnerable to Stored Cross-Site Scripting via the 'nscbarcontenthref' parameter in versions up to, and including, 2.10.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

ethyca-fides has a DOM-based XSS vulnerability in fides.js via fides_description override

Summary fides.js is the script that renders Fides's consent banner on customer websites. It lets the embedding page override the banner's description text at runtime via a URL query parameter, a JavaScript global, or a cookie. On sites that have opted into HTML-formatted descriptions, the...

EUVD-2025-19989

Malicious code in bioql PyPI...

CVE-2025-58607

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GDPR Info Cookie Notice & Consent Banner for GDPR & CCPA Compliance cookie-notice-and-consent-banner allows Stored XSS.This issue affects Cookie Notice & Consent Banner for GDPR & CCPA Compliance:...

CVE-2025-58607 WordPress Cookie Notice & Consent Banner for GDPR & CCPA Compliance Plugin <= 1.7.11 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GDPR Info Cookie Notice & Consent Banner for GDPR & CCPA Compliance cookie-notice-and-consent-banner allows Stored XSS.This issue affects Cookie Notice & Consent Banner for GDPR & CCPA Compliance:...

CVE-2025-58607

CVE-2025-58607 is a stored XSS in the WordPress plugin “Cookie Notice & Consent Banner for GDPR & CCPA Compliance” (versions

CVE-2025-58607 WordPress Cookie Notice & Consent Banner for GDPR & CCPA Compliance Plugin <= 1.7.11 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GDPR Info Cookie Notice & Consent Banner for GDPR & CCPA Compliance cookie-notice-and-consent-banner allows Stored XSS.This issue affects Cookie Notice & Consent Banner for GDPR & CCPA Compliance:...

WordPress plugin Cookie Notice & Consent Banner for GDPR & CCPA Compliance 跨站脚本漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress plugin Cookie...

CVE-2025-49866

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nikel Beautiful Cookie Consent Banner beautiful-and-responsive-cookie-consent allows Reflected XSS.This issue affects Beautiful Cookie Consent Banner: from n/a through = 4.6.1...

CVE-2025-49866

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nikel Beautiful Cookie Consent Banner beautiful-and-responsive-cookie-consent allows Reflected XSS.This issue affects Beautiful Cookie Consent Banner: from n/a through = 4.6.1...

CVE-2025-49866 WordPress Beautiful Cookie Consent Banner plugin <= 4.6.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nikel Beautiful Cookie Consent Banner beautiful-and-responsive-cookie-consent allows Reflected XSS.This issue affects Beautiful Cookie Consent Banner: from n/a through = 4.6.1...

WordPress plugin Beautiful Cookie Consent Banner 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

CVE-2023-3388

The Beautiful Cookie Consent Banner for WordPress is vulnerable to Stored Cross-Site Scripting via the 'nscbarcontenthref' parameter in versions up to, and including, 2.10.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVE-2022-3823

The Beautiful Cookie Consent Banner WordPress plugin before 2.9.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

CVE-2024-5607

The GDPR CCPA Compliance & Cookie Consent Banner plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions named ajaxUpdateSettings in all versions up to, and including, 2.7.0. This makes it possible for authenticated attackers,...

CVE-2024-5607

The GDPR CCPA Compliance & Cookie Consent Banner plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions named ajaxUpdateSettings in all versions up to, and including, 2.7.0. This makes it possible for authenticated attackers,...

CVE-2024-5607

The GDPR CCPA Compliance & Cookie Consent Banner plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions named ajaxUpdateSettings in all versions up to, and including, 2.7.0. This makes it possible for authenticated attackers,...

CVE-2024-5607

The CVE-2024-5607 entry concerns the GDPR CCPA Compliance & Cookie Consent Banner WordPress plugin. It states a missing capability check on multiple ajaxUpdateSettings() functions in all versions up to and including 2.7.0, allowing authenticated attackers with Subscriber-level access and higher t...

WordPress GDPR CCPA Compliance & Cookie Consent Banner plugin <= 2.7.0 - Missing Authorization to Settings Update and Stored Cross-Site Scripting vulnerability

Missing Authorization to Settings Update and Stored Cross-Site Scripting vulnerability discovered by Lucio Sá in WordPress Plugin GDPR CCPA Compliance Support versions = 2.7.0...

WordPress GDPR/CCPA Cookie Consent Banner plugin <= 3.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Cookie Consent versions = 3.2...