CVE-2025-63019

Insertion of Sensitive Information Into Sent Data vulnerability in Johan Jonk Stenström Cookies and Content Security Policy cookies-and-content-security-policy allows Retrieve Embedded Sensitive Data.This issue affects Cookies and Content Security Policy: from n/a through = 2.34...

CVE-2025-63019

CVE-2025-63019 describes a vulnerability in the WordPress plugin “Cookies and Content Security Policy” (cookies-and-content-security-policy) affecting versions from n/a up to and including 2.34. It is a data-in-transit/inserted-information issue where sensitive data can be retrieved from sent dat...

CVE-2025-63019 WordPress Cookies and Content Security Policy plugin <= 2.34 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Johan Jonk Stenström Cookies and Content Security Policy cookies-and-content-security-policy allows Retrieve Embedded Sensitive Data.This issue affects Cookies and Content Security Policy: from n/a through = 2.34...

EUVD-2021-11317

Malware in sbrugna...

EUVD-2022-35094

Malicious code in bioql PyPI...

CVE-2025-51529

CVE-2025-51529 affects the WordPress plugin “jonkastonka Cookies and Content Security Policy” up to version 2.29. The vulnerability is an incorrect access control in the AJAX endpoint function cacsp_insert_consent_data, exposed via wp-admin/admin-ajax.php with wp_ajax_nopriv_ and no authenticatio...

WordPress plugin Cookies and Content Security Policy security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVE-2021-24405

The Easy Cookies Policy WordPress plugin through 1.6.2 is lacking any capability and CSRF check when saving its settings, allowing any authenticated users such as subscriber to change them. If users can't register, this can be done through CSRF. Furthermore, the cookie banner setting is not...

Pete Hegseth’s Signal Scandal Spirals Out of Control

Plus: Cybercriminals stole a record-breaking fortune from US residents and businesses in 2024, and Google performs its final flip-flop in its yearslong quest to kill tracking cookies...

CVE-2023-40662

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jonk @ Follow me Darling Cookies and Content Security Policy.This issue affects Cookies and Content Security Policy: from n/a through 2.15...

Cookie Notice & Compliance for GDPR / CCPA < 2.4.7 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks As a contributor, put the below shortcode in...

SUSE CVE-2019-13744

Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

UBUNTU-CVE-2022-2615

Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

WordPress Easy Cookies Policy Plugin Cross-Site Scripting Vulnerability (CNVD-2021-49075)

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL server set up a personal blog site.WordPress plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in WordPress Easy...

Cross site scripting

The Easy Cookies Policy WordPress plugin through 1.6.2 is lacking any capability and CSRF check when saving its settings, allowing any authenticated users such as subscriber to change them. If users can't register, this can be done through CSRF. Furthermore, the cookie banner setting is not...

CVE-2021-24405

The CVE-2021-24405 entry applies to the WordPress plugin Easy Cookies Policy up to version 1.6.2. The vulnerability stems from missing CSRF protection and lack of sanitisation/validation when saving settings, enabling any authenticated user (e.g., subscriber) to alter the cookie banner configurat...

CVE-2021-24405 Easy Cookie Policy <= 1.6.2 - Broken Access Control to Stored Cross-Site Scripting

The Easy Cookies Policy WordPress plugin through 1.6.2 is lacking any capability and CSRF check when saving its settings, allowing any authenticated users such as subscriber to change them. If users can't register, this can be done through CSRF. Furthermore, the cookie banner setting is not...

WordPress plugin Easy Cookies Policy 安全漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL server set up a personal blog site.WordPress plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in WordPress Easy...

WordPress Easy Cookies Policy plugin <= 1.6.2 - Broken Access Control vulnerability leading to Stored Cross-Site Scripting (XSS)

Broken Access Control vulnerability leading to Stored Cross-Site Scripting XSS discovered by 0xB9 in WordPress Easy Cookies Policy plugin versions = 1.6.2. Solution This plugin has been closed as of April 28, 2021 and is not available for download. This closure is temporary, pending a full review...

chromium-browser: Insufficient policy enforcement in cookies

Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page...