Lucene search
K

13 matches found

NVD
NVD
added 2026/05/16 4:16 p.m.11 views

CVE-2021-47957

Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...

6.4CVSS0.00197EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/16 3:26 p.m.35 views

CVE-2021-47957 WordPress Plugin Cookie Law Bar 1.2.1 Stored XSS via clb_bar_msg

Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...

6.4CVSS0.00197EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/16 3:26 p.m.9 views

CVE-2021-47957 WordPress Plugin Cookie Law Bar 1.2.1 Stored XSS via clb_bar_msg

Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...

6.4CVSS5.7AI score0.00197EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/16 3:26 p.m.6 views

CVE-2021-47957

Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...

6.4CVSS5.7AI score0.00197EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/05/16 3:26 p.m.11 views

EUVD-2021-34825

Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...

6.4CVSS5.7AI score0.00197EPSS
Exploits0References4
CVE
CVE
added 2026/05/16 3:26 p.m.18 views

CVE-2021-47957

The vulnerability affects the WordPress plugin Cookie Law Bar (version 1.2.1). It is a stored XSS in the Bar Message field (parameter clb_bar_msg) that can be exploited by an authenticated attacker to inject scripts via the plugin settings page, with the payload executing in the browsers of all s...

6.4CVSS5.7AI score0.00197EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/16 12:0 a.m.11 views

WordPress plugin Cookie Law Bar 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.4CVSS5.7AI score0.00197EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/16 12:0 a.m.12 views

PT-2026-41454

Name of the Vulnerable Software and Affected Versions Cookie Law Bar version 1.2.1 Description A stored cross-site scripting issue allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the 'Bar Message' field. These script payloads are injected through the...

6.4CVSS5.7AI score0.00197EPSS
Exploits0References6
WPVulnDB
WPVulnDB
added 2021/05/25 12:0 a.m.10 views

Cookie Law Bar <= 1.2.1 - Authenticated Stored Cross-Site Scripting (XSS)

The plugin does not properly sanitise its Bar Message setting, allowing high privilege users to set an XSS payload in it, which will be triggered in all frontend page of the blog. PoC As admin, go the plugin settings /wp-admin/options-general.php?page=clb and set a payload such as in the Bar...

1.7AI score
Exploits0References2Affected Software1
0day.today
0day.today
added 2021/05/25 12:0 a.m.23 views

WordPress Cookie Law Bar 1.2.1 Plugin - (clb_bar_msg) Stored Cross-Site Scripting Vulnerability

Exploit Title: WordPress Plugin Cookie Law Bar 1.2.1 - 'clbbarmsg' Stored Cross-Site Scripting XSS Exploit Author: Mesut Cetin Vendor Homepage: https://www.cookielawinfo.com/wordpress-plugin/ Software Link: https://wordpress.org/plugins/cookie-law-bar/ Version: 1.2.1 Tested on: Ubuntu 16.04 LTS,...

Exploits0
wpexploit
wpexploit
added 2021/05/25 12:0 a.m.113 views

Cookie Law Bar <= 1.2.1 - Authenticated Stored Cross-Site Scripting (XSS)

The plugin does not properly sanitise its Bar Message setting, allowing high privilege users to set an XSS payload in it, which will be triggered in all frontend page of the blog. As admin, go the plugin settings /wp-admin/options-general.php?page=clb and set a payload such as alert/XSS/ in the B...

6.2AI score
Exploits0References2
Packet Storm
Packet Storm
added 2021/05/25 12:0 a.m.179 views

WordPress Cookie Law Bar 1.2.1 Cross Site Scripting

Exploit Title: WordPress Plugin Cookie Law Bar 1.2.1 - 'clbbarmsg' Stored Cross-Site Scripting XSS Date: 2021-05-24 Exploit Author: Mesut Cetin Vendor Homepage: https://www.cookielawinfo.com/wordpress-plugin/ Software Link: https://wordpress.org/plugins/cookie-law-bar/ Version: 1.2.1 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/25 12:0 a.m.187 views

WordPress Plugin Cookie Law Bar 1.2.1 - &#039;clb_bar_msg&#039; Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Cookie Law Bar 1.2.1 - 'clbbarmsg' Stored Cross-Site Scripting XSS Date: 2021-05-24 Exploit Author: Mesut Cetin Vendor Homepage: https://www.cookielawinfo.com/wordpress-plugin/ Software Link: https://wordpress.org/plugins/cookie-law-bar/ Version: 1.2.1 Tested on:...

7.4AI score
Exploits0
Rows per page
Query Builder