41 matches found
PT-2025-27153 · Cookiebot · Cookiebot
Name of the Vulnerable Software and Affected Versions: Cookiebot versions through 4.5.8 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This is a type of attack where an attacker tricks a user...
CVE-2025-1666
The Cookie banner plugin for WordPress – Cookiebot CMP by Usercentrics plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the senduninstallsurvey function in all versions up to, and including, 4.4.1. This makes it possible for authenticate...
CVE-2025-1666 Cookie banner plugin for WordPress – Cookiebot CMP by Usercentrics <= 4.4.1 - Missing Authorization to Authenticated (Subscriber+) Survey Submission
The Cookie banner plugin for WordPress – Cookiebot CMP by Usercentrics plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the senduninstallsurvey function in all versions up to, and including, 4.4.1. This makes it possible for authenticate...
CVE-2025-1666 Cookie banner plugin for WordPress – Cookiebot CMP by Usercentrics <= 4.4.1 - Missing Authorization to Authenticated (Subscriber+) Survey Submission
The Cookie banner plugin for WordPress – Cookiebot CMP by Usercentrics plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the senduninstallsurvey function in all versions up to, and including, 4.4.1. This makes it possible for authenticate...
CVE-2025-1666
CVE-2025-1666 refers to the WordPress cookie banner plugin Cookiebot CMP by Usercentrics. The Red Hat entry and Wordfence coverage confirm a vulnerability caused by a missing capability check in send_uninstall_survey() affecting all versions up to 4.4.1, allowing authenticated attackers with Subs...
WordPress Cookiebot plugin <= 4.4.1 - Missing Authorization to Authenticated (Subscriber+) Survey Submission vulnerability
Missing Authorization to Authenticated Subscriber+ Survey Submission vulnerability discovered by Peter Thaleikis in WordPress Plugin Cookiebot versions = 4.4.1...
WordPress plugin Cookiebot CMP by Usercentrics 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
The vulnerability of the Cookiebot module and the GTM CMS system Drupal, which allows attackers to perform cross-site scripting attacks.
The vulnerability of the Cookiebot module and the Drupal CMS system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
CVE-2024-13289
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Cookiebot + GTM allows Cross-Site Scripting XSS.This issue affects Cookiebot + GTM: from 0.0.0 before 1.0.18...
CVE-2024-13289
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Cookiebot + GTM allows Cross-Site Scripting XSS.This issue affects Cookiebot + GTM: from 0.0.0 before 1.0.18...
CVE-2024-13289 Cookiebot + GTM - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-055
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Cookiebot + GTM allows Cross-Site Scripting XSS.This issue affects Cookiebot + GTM: from 0.0.0 before 1.0.18...
CVE-2024-13289 Cookiebot + GTM - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-055
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Cookiebot + GTM allows Cross-Site Scripting XSS.This issue affects Cookiebot + GTM: from 0.0.0 before 1.0.18...
CVE-2024-13289
CVE-2024-13289 affects the Drupal Cookiebot + GTM module. The issue is an improper neutralization of input during web page generation, enabling Cross-Site Scripting (XSS). Affected versions are 0.0.0 up to, but not including, 1.0.18. The recommended remediation is to upgrade to version 1.0.18 or ...
Drupal 安全漏洞
Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal Cookiebot + GTM prior to version 1.0.18, which stems from improper input neutralization during page generation, resulting in a cross-site scripting...
DRUPAL-CONTRIB-2024-055
This module makes it possible for you to integrate Cookiebot and Google Tag Manager in a fast and simple way. The module doesn't sufficiently filter for malicious script leading to a persistent cross site scripting XSS vulnerability...
Cookiebot + GTM - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-055
This module makes it possible for you to integrate Cookiebot and Google Tag Manager in a fast and simple way. The module doesn't sufficiently filter for malicious script leading to a persistent cross site scripting XSS vulnerability...
Drupal Cookiebot + GTM module < 1.0.18 - Authenticated Cross Site Scripting (XSS) vulnerability
Authenticated Cross Site Scripting XSS vulnerability discovered by Pierre Rudloff in WordPress Module Cookiebot + GTM versions 1.0.18...
PT-2025-2104 · Unknown · Cookiebot + Gtm
Name of the Vulnerable Software and Affected Versions: Cookiebot + GTM versions 0.0.0 through 1.0.17 Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting XSS. This allows an attacker to conduct Cross-Site Scripting...
Cookiebot < 3.6.1 - CSRF & XSS
Antony Garand of Sucuri discovered that multiple WordPress plugins were vulnerable to Cross-Site Scripting XSS within the admin panel, which could be exploited by using s Cross-Site Request Forgery CSRF attack...
WordPress Cookiebot plugin <= 3.6.0 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability found by Antony Garand Sucuri in WordPress Cookiebot plugin versions = 3.6.0. Solution Update the WordPress Cookiebot plugin to the latest available version at least 3.6.1...