Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2023/03/29 12:0 a.m.12 views

WordPress Cookie Notice & Compliance for GDPR / CCPA Plugin < 2.4.7 Multiple XSS Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:hu-manity:cookienotice%26complianceforgdpr%2fccpa";...

6.5CVSS5.5AI score0.00457EPSS
Exploits2References2
OSV
OSV
added 2023/03/27 4:15 p.m.2 views

CVE-2023-0823

The Cookie Notice & Compliance for GDPR / CCPA WordPress plugin before 2.4.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored...

5.4CVSS6.7AI score0.00457EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/03/27 3:37 p.m.22 views

CVE-2023-0823 Cookie Notice & Compliance for GDPR / CCPA < 2.4.7 - Contributor+ Stored XSS

The Cookie Notice & Compliance for GDPR / CCPA WordPress plugin before 2.4.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored...

5.7AI score0.00457EPSS
Exploits2References1
CVE
CVE
added 2023/03/27 3:37 p.m.89 views

CVE-2023-0823

CVE-2023-0823 affects the Cookie Notice & Compliance for GDPR / CCPA WordPress plugin before 2.4.7. The issue is that shortcode attributes are not properly validated or escaped before output, enabling stored cross-site scripting when a page/post embeds the shortcode and the attacker has Contribut...

5.4CVSS5.3AI score0.00457EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder