3 matches found
CVE-2024-4869
The WP Cookie Consent for GDPR, CCPA & ePrivacy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Client-IP’ header in all versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers...
CVE-2024-4869 WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) <= 3.2.0 - Unauthenticated Stored Cross-Site Scripting via Client-IP header
The WP Cookie Consent for GDPR, CCPA & ePrivacy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Client-IP’ header in all versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers...
WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent Plugin <= 3.2.0 is vulnerable to Cross Site Scripting (XSS)
Software WP Cookie Notice for GDPR, CCPA & ePrivacy Consent Type Plugin Vulnerable versions = 3.2.0 Fixed in 3.3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4869 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...