Lucene search
K

32 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:45 a.m.8 views

CVE-2022-0445

The WordPress Real Cookie Banner: GDPR DSGVO & ePrivacy Cookie Consent WordPress plugin before 2.14.2 does not have CSRF checks in place when resetting its settings, allowing attackers to make a logged in admin reset them via a CSRF attack...

6.5CVSS6.7AI score0.00523EPSS
Exploits2References1
CNNVD
CNNVD
added 2025/10/25 12:0 a.m.5 views

WordPress plugin Real Cookie Banner 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

6.8CVSS6.7AI score0.00358EPSS
Exploits0References8
NVD
NVD
added 2025/10/24 10:15 a.m.7 views

CVE-2025-12136

The Real Cookie Banner: GDPR & ePrivacy Cookie Consent plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.2.4. This is due to insufficient validation on the user-supplied URL in the '/scanner/scan-without-login' REST API endpoint. This makes ...

6.8CVSS0.00358EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/24 9:23 a.m.5 views

EUVD-2025-35827

The Real Cookie Banner: GDPR & ePrivacy Cookie Consent plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.2.4. This is due to insufficient validation on the user-supplied URL in the '/scanner/scan-without-login' REST API endpoint. This makes ...

6.8CVSS5.3AI score0.00358EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/10/24 9:23 a.m.12 views

CVE-2025-12136 Real Cookie Banner: GDPR & ePrivacy Cookie Consent <= 5.2.4 - Authenticated (Admin+) Server-Side Request Forgery via scan-without-login Endpoint

The Real Cookie Banner: GDPR & ePrivacy Cookie Consent plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.2.4. This is due to insufficient validation on the user-supplied URL in the '/scanner/scan-without-login' REST API endpoint. This makes ...

6.8CVSS0.00358EPSS
Exploits0References7
CVE
CVE
added 2025/10/24 9:23 a.m.27 views

CVE-2025-12136

CVE-2025-12136 affects the WordPress plugin “Real Cookie Banner: GDPR & ePrivacy Cookie Consent”. Wordfence and related sources describe a Server-Side Request Forgery (SSRF) vulnerability in all versions up to and including 5.2.4, caused by insufficient validation of the user-supplied URL in the ...

6.8CVSS5.4AI score0.00358EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/10/24 12:0 a.m.8 views

PT-2025-43606

Name of the Vulnerable Software and Affected Versions The Real Cookie Banner versions up to and including 5.2.4 Description The Real Cookie Banner: GDPR & ePrivacy Cookie Consent plugin for WordPress is susceptible to Server-Side Request Forgery. This is caused by inadequate validation of the...

6.8CVSS6.1AI score0.00358EPSS
Exploits0References11
Patchstack
Patchstack
added 2025/10/23 10:57 p.m.8 views

WordPress Real Cookie Banner: GDPR & ePrivacy Cookie Consent plugin <= 5.2.4 - Authenticated (Admin+) Server-Side Request Forgery via scan-without-login Endpoint vulnerability

Authenticated Admin+ Server-Side Request Forgery via scan-without-login Endpoint vulnerability discovered by SpiderSec in WordPress Plugin Real Cookie Banner versions = 5.2.4...

6.8CVSS6.8AI score0.00358EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-51848

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00534EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.12 views

EUVD-2025-16608

Malicious code in bioql PyPI...

4.8CVSS5.4AI score0.0021EPSS
Exploits1References2
Patchstack
Patchstack
added 2025/06/02 7:53 p.m.7 views

WordPress Real Cookie Banner Pro plugin < 5.1.6 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Real Cookie Banner Pro versions 5.1.6...

4.8CVSS7.4AI score0.0021EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2025/06/02 7:47 p.m.7 views

WordPress Real Cookie Banner plugin < 5.1.6 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Real Cookie Banner versions 5.1.6...

4.8CVSS7.4AI score0.0021EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2025/06/02 6:15 a.m.12 views

CVE-2025-1485

The Real Cookie Banner: GDPR & ePrivacy Cookie Consent WordPress plugin before 5.1.6, real-cookie-banner-pro WordPress plugin before 5.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even wh...

4.8CVSS0.0021EPSS
Exploits1References1
OSV
OSV
added 2025/06/02 6:15 a.m.5 views

CVE-2025-1485

The Real Cookie Banner: GDPR & ePrivacy Cookie Consent WordPress plugin before 5.1.6, real-cookie-banner-pro WordPress plugin before 5.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even wh...

4.8CVSS5.8AI score0.0021EPSS
Exploits1References1
CVE
CVE
added 2025/06/02 6:0 a.m.63 views

CVE-2025-1485

Concrete details confirm a Stored XSS vulnerability in the Real Cookie Banner and Real Cookie Banner Pro WordPress plugins, before version 5.1.6. Root cause: some settings are not sanitised/escaped, allowing high-privilege users (e.g., admins) to perform stored XSS even with unfiltered_html disal...

4.8CVSS5.8AI score0.0021EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/06/02 6:0 a.m.7 views

CVE-2025-1485 Real Cookie Banner < 5.1.6 - Admin+ Stored XSS

The Real Cookie Banner: GDPR & ePrivacy Cookie Consent WordPress plugin before 5.1.6, real-cookie-banner-pro WordPress plugin before 5.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even wh...

4.7AI score0.0021EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/06/02 6:0 a.m.19 views

CVE-2025-1485 Real Cookie Banner < 5.1.6 - Admin+ Stored XSS

The Real Cookie Banner: GDPR & ePrivacy Cookie Consent WordPress plugin before 5.1.6, real-cookie-banner-pro WordPress plugin before 5.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even wh...

0.0021EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/06/02 12:0 a.m.6 views

WordPress plugin Real Cookie Banner 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.8CVSS5AI score0.0021EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 12:16 a.m.7 views

CVE-2022-4507

The Real Cookie Banner WordPress plugin before 3.4.10 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks against logged-in admins...

5.4CVSS6AI score0.00534EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2023/01/25 12:0 a.m.16 views

WordPress Real Cookie Banner Plugin < 3.4.10 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:devowl:wordpressrealcookiebanner"; ifdescription...

5.4CVSS5.6AI score0.00534EPSS
Exploits2References1
Rows per page
Query Builder