EUVD-2025-37408

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disconnectaccountrequest function in all versions up to, and including, 3.5.1. This makes i...

CVE-2025-11816

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disconnectaccountrequest function in all versions up to, and including, 3.5.1. This makes i...

CVE-2025-11816

CVE-2025-11816 concerns the WP Legal Pages (Privacy Policy Generator, Terms & Conditions Generator) WordPress plugin. Wordfence reports that all versions up to and including 3.5.1 are vulnerable due to a missing capability check in disconnect_account_request(), enabling unauthenticated attackers ...

CVE-2025-11816 Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages <= 3.5.1 - Missing Authorization to Unauthenticated API Disconnect

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disconnectaccountrequest function in all versions up to, and including, 3.5.1. This makes i...

PT-2025-44696

Name of the Vulnerable Software and Affected Versions WP Legal Pages versions prior to 3.5.2 Description The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin: WP Legal Pages is susceptible to unauthorized data modification. This is due to a missing capability check within t...

EUVD-2021-12018

Malware in sbrugna...

CVE-2025-8565

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on the wplpgdprinstallpluginajaxhandler function in all versions up to, and including, 3.4.3...

CVE-2025-8565

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on the wplpgdprinstallpluginajaxhandler function in all versions up to, and including, 3.4.3...

CVE-2025-8565 Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages <= 3.4.3 - Missing Authorization to Authenticated (Contributor+) Arbitrary Plugin Installation

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on the wplpgdprinstallpluginajaxhandler function in all versions up to, and including, 3.4.3...

CVE-2025-8565 Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages <= 3.4.3 - Missing Authorization to Authenticated (Contributor+) Arbitrary Plugin Installation

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on the wplpgdprinstallpluginajaxhandler function in all versions up to, and including, 3.4.3...

CVE-2025-8565

CVE-2025-8565 affects the WordPress plugin Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin: WP Legal Pages. The vulnerability is a missing capability check in wplp_gdpr_install_plugin_ajax_handler() that exists in all versions up to and including 3.4.3. This allows authent...

CVE-2025-49413 WordPress Super Store Finder Plugin <= 7.6 - Reflected Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Store Finder superstorefinder-wp allows Reflected XSS.This issue affects Super Store Finder: from n/a through = 7.6...

CVE-2025-49413

CVE-2025-49413 affects the WordPress plugin “Super Store Finder” (WP plugin by highwarden) versions up to and including 7.6. It is a reflected XSS caused by improper neutralization of input during web page generation. The CVSS 3.1 base vector indicates Network attack, no privileges required, user...

PT-2025-33948 · Unknown · Wishloop Terms Of Service & Privacy Policy Generator

Name of the Vulnerable Software and Affected Versions: Wishloop Terms of Service & Privacy Policy Generator versions through 1.0 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, leading to Stored Cross-site Scripting XSS. This allows for the...

CVE-2024-12636

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.6. This is due to missing or incorrect nonce validation on the 'createpopupdeleteprocess' functio...

CVE-2024-12636 Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages <= 3.2.7 - Cross-Site Request Forgery

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.6. This is due to missing or incorrect nonce validation on the 'createpopupdeleteprocess' functio...

CVE-2023-47824

Cross-Site Request Forgery CSRF vulnerability in wpWax Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator plugin = 1.3.8 versions...

WordPress WP AutoTerms: Privacy Policy Generator (GDPR & CCPA), Terms & Conditions Generator, Cookie Notice Banner Plugin <= 1.8.2 is vulnerable to Cross Site Scripting (XSS)

Software WP AutoTerms: Privacy Policy Generator GDPR & CCPA, Terms & Conditions Generator, Cookie Notice Banner Type Plugin Vulnerable versions = 1.8.2 Fixed in 2.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1...