89 matches found
PrestaShop lgcookieslaw - SQL Injection
The EU Cookie Law GDPR Banner + Blocker PrestaShop module before 2.1.3 allows blind SQL injection via the lglaw or lgcookieslaw cookie used to store user consent choices. id: CVE-2022-44727 info: name: PrestaShop lgcookieslaw - SQL Injection author: mastercho severity: critical description: | The...
DRUPAL-CONTRIB-2026-040
This module enables sites to comply with the European cookie law using tarteaucitron.js. The module doesn't sufficiently filter user-supplied markup inside of content leading to an attacker being able to delete arbitrary cookies. This vulnerability is mitigated by the fact that an attacker needs ...
PT-2026-46080
This module enables sites to comply with the European cookie law using tarteaucitron.js. The module doesn't sufficiently filter user-supplied markup inside of content leading to an attacker being able to delete arbitrary cookies. This vulnerability is mitigated by the fact that an attacker needs ...
TacJS - Moderately critical - Improper Access Control - SA-CONTRIB-2026-040
This module enables sites to comply with the European cookie law using tarteaucitron.js. The module doesn't sufficiently filter user-supplied markup inside of content leading to an attacker being able to delete arbitrary cookies. This vulnerability is mitigated by the fact that an attacker needs ...
CVE-2021-47957
Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...
CVE-2021-47957
Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...
CVE-2021-47957 WordPress Plugin Cookie Law Bar 1.2.1 Stored XSS via clb_bar_msg
Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...
EUVD-2021-34825
Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...
CVE-2021-47957 WordPress Plugin Cookie Law Bar 1.2.1 Stored XSS via clb_bar_msg
Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...
CVE-2021-47957
The vulnerability affects the WordPress plugin Cookie Law Bar (version 1.2.1). It is a stored XSS in the Bar Message field (parameter clb_bar_msg) that can be exploited by an authenticated attacker to inject scripts via the plugin settings page, with the payload executing in the browsers of all s...
WordPress plugin Cookie Law Bar 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
PT-2026-41454
Name of the Vulnerable Software and Affected Versions Cookie Law Bar version 1.2.1 Description A stored cross-site scripting issue allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the 'Bar Message' field. These script payloads are injected through the...
CVE-2023-40198
Cross-Site Request Forgery CSRF vulnerability in Antsanchez Easy Cookie Law plugin = 3.1 versions...
CVE-2025-23434
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in viher3 Easy EU Cookie law easy-eu-cookie-law allows Stored XSS.This issue affects Easy EU Cookie law: from n/a through = 1.3.3.1...
CVE-2019-16522
The eu-cookie-law plugin through 3.0.6 for WordPress aka EU Cookie Law GDPR is susceptible to Stored XSS due to improper encoding of several configuration options in the admin area and the displayed cookie consent message. This affects Font Color, Background Color, and the Disable Cookie text. An...
EUVD-2019-7199
Malware in sbrugna...
EUVD-2020-5030
Malware in sbrugna...
EUVD-2023-44795
Malicious code in bioql PyPI...
EUVD-2024-36756
Malicious code in bioql PyPI...
EUVD-2025-3180
Malicious code in bioql PyPI...