32 matches found
CVE-2022-0445
The WordPress Real Cookie Banner: GDPR DSGVO & ePrivacy Cookie Consent WordPress plugin before 2.14.2 does not have CSRF checks in place when resetting its settings, allowing attackers to make a logged in admin reset them via a CSRF attack...
WordPress plugin Real Cookie Banner 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...
CVE-2025-12136
The Real Cookie Banner: GDPR & ePrivacy Cookie Consent plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.2.4. This is due to insufficient validation on the user-supplied URL in the '/scanner/scan-without-login' REST API endpoint. This makes ...
EUVD-2025-35827
The Real Cookie Banner: GDPR & ePrivacy Cookie Consent plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.2.4. This is due to insufficient validation on the user-supplied URL in the '/scanner/scan-without-login' REST API endpoint. This makes ...
CVE-2025-12136 Real Cookie Banner: GDPR & ePrivacy Cookie Consent <= 5.2.4 - Authenticated (Admin+) Server-Side Request Forgery via scan-without-login Endpoint
The Real Cookie Banner: GDPR & ePrivacy Cookie Consent plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.2.4. This is due to insufficient validation on the user-supplied URL in the '/scanner/scan-without-login' REST API endpoint. This makes ...
CVE-2025-12136
CVE-2025-12136 affects the WordPress plugin “Real Cookie Banner: GDPR & ePrivacy Cookie Consent”. Wordfence and related sources describe a Server-Side Request Forgery (SSRF) vulnerability in all versions up to and including 5.2.4, caused by insufficient validation of the user-supplied URL in the ...
PT-2025-43606
Name of the Vulnerable Software and Affected Versions The Real Cookie Banner versions up to and including 5.2.4 Description The Real Cookie Banner: GDPR & ePrivacy Cookie Consent plugin for WordPress is susceptible to Server-Side Request Forgery. This is caused by inadequate validation of the...
WordPress Real Cookie Banner: GDPR & ePrivacy Cookie Consent plugin <= 5.2.4 - Authenticated (Admin+) Server-Side Request Forgery via scan-without-login Endpoint vulnerability
Authenticated Admin+ Server-Side Request Forgery via scan-without-login Endpoint vulnerability discovered by SpiderSec in WordPress Plugin Real Cookie Banner versions = 5.2.4...
EUVD-2022-51848
Malicious code in bioql PyPI...
EUVD-2025-16608
Malicious code in bioql PyPI...
WordPress Real Cookie Banner Pro plugin < 5.1.6 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Real Cookie Banner Pro versions 5.1.6...
WordPress Real Cookie Banner plugin < 5.1.6 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Real Cookie Banner versions 5.1.6...
CVE-2025-1485
The Real Cookie Banner: GDPR & ePrivacy Cookie Consent WordPress plugin before 5.1.6, real-cookie-banner-pro WordPress plugin before 5.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even wh...
CVE-2025-1485
The Real Cookie Banner: GDPR & ePrivacy Cookie Consent WordPress plugin before 5.1.6, real-cookie-banner-pro WordPress plugin before 5.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even wh...
CVE-2025-1485
Concrete details confirm a Stored XSS vulnerability in the Real Cookie Banner and Real Cookie Banner Pro WordPress plugins, before version 5.1.6. Root cause: some settings are not sanitised/escaped, allowing high-privilege users (e.g., admins) to perform stored XSS even with unfiltered_html disal...
CVE-2025-1485 Real Cookie Banner < 5.1.6 - Admin+ Stored XSS
The Real Cookie Banner: GDPR & ePrivacy Cookie Consent WordPress plugin before 5.1.6, real-cookie-banner-pro WordPress plugin before 5.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even wh...
CVE-2025-1485 Real Cookie Banner < 5.1.6 - Admin+ Stored XSS
The Real Cookie Banner: GDPR & ePrivacy Cookie Consent WordPress plugin before 5.1.6, real-cookie-banner-pro WordPress plugin before 5.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even wh...
WordPress plugin Real Cookie Banner 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2022-4507
The Real Cookie Banner WordPress plugin before 3.4.10 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks against logged-in admins...
WordPress Real Cookie Banner Plugin < 3.4.10 XSS Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:devowl:wordpressrealcookiebanner"; ifdescription...