Lucene search
K

38 matches found

Patchstack
Patchstack
added 6 days ago5 views

WordPress Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin <= 4.3.6 - Authenticated (Administrator+) SQL Injection vulnerability

Authenticated Administrator+ SQL Injection vulnerability discovered by PRISM in WordPress Plugin WP Cookie Notice for GDPR, CCPA & ePrivacy Consent versions = 4.3.6...

4.9CVSS6.1AI score0.00294EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/31 5:6 p.m.5 views

CVE-2025-66080

Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through = 4.0.3...

5.3CVSS5.9AI score0.00235EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/30 4:10 p.m.7 views

EUVD-2025-205816

Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through 4.0.3...

5.3CVSS6.5AI score0.00235EPSS
Exploits0References2
CVE
CVE
added 2025/12/30 4:10 p.m.9 views

CVE-2025-66080

CVE-2025-66080 affects Cookie Banner for GDPR / CCPA – WPLP Cookie Consent (WordPress plugin) and is a Missing Authorization vulnerability. Wordfence reports affected versions up to 4.0.3 with Patched status in later updates; exploitation would involve access-control bypass via misconfigured secu...

5.3CVSS5.9AI score0.00235EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.9 views

PT-2025-54190

Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through 4.0.3...

5.3CVSS7AI score0.00235EPSS
Exploits0References3
NVD
NVD
added 2025/12/16 9:15 a.m.4 views

CVE-2025-66133

Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through = 4.0.7...

5.3CVSS0.00214EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.6 views

PT-2025-51421

Name of the Vulnerable Software and Affected Versions WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent versions through 4.0.7 Description An authorization issue exists in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent. The issue involves incorrectly configured...

5.3CVSS6.4AI score0.00214EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/11/22 12:34 p.m.13 views

CVE-2025-66075

Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through = 4.0.3...

4.3CVSS6.9AI score0.00255EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/21 12:0 a.m.6 views

WordPress plugin WP Cookie Notice for GDPR, CCPA & ePrivacy Consent 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

4.3CVSS5.8AI score0.00255EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/11/08 8:55 a.m.7 views

WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent plugin <= 4.0.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin WP Cookie Notice for GDPR, CCPA & ePrivacy Consent versions = 4.0.3...

4.2CVSS7AI score0.00255EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-17276

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.0014EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.13 views

EUVD-2025-16608

Malicious code in bioql PyPI...

4.8CVSS5.4AI score0.0021EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/06/08 1:19 p.m.7 views

CVE-2025-49285

Cross-Site Request Forgery CSRF vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Cross Site Request Forgery.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through = 3.8.0...

4.3CVSS5.9AI score0.0014EPSS
Exploits0References1
NVD
NVD
added 2025/06/06 1:15 p.m.8 views

CVE-2025-49285

Cross-Site Request Forgery CSRF vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Cross Site Request Forgery.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through = 3.8.0...

4.3CVSS0.0014EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/06 12:53 p.m.5 views

CVE-2025-49285 WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent <= 3.8.0 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent allows Cross Site Request Forgery. This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through 3.8.0...

4.3CVSS7.2AI score0.0014EPSS
Exploits0References1
CVE
CVE
added 2025/06/06 12:53 p.m.41 views

CVE-2025-49285

CVE-2025-49285 is a CSRF vulnerability in the WP Cookie Notice for GDPR, CCPA & ePrivacy Consent WordPress plugin. Reported as affecting versions from n/a up to 3.8.0. The connected Red Hat and Wordfence records confirm a CSRF issue but do not provide details on exploit vectors beyond the CSRF la...

4.3CVSS5.9AI score0.0014EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.6 views

WordPress plugin WP Cookie Notice for GDPR, CCPA & ePrivacy Consent 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

4.3CVSS4.8AI score0.0014EPSS
Exploits0References1
NVD
NVD
added 2024/06/26 12:15 a.m.44 views

CVE-2024-4869

The WP Cookie Consent for GDPR, CCPA & ePrivacy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Client-IP’ header in all versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers...

7.2CVSS0.00377EPSS
Exploits0References3
CVE
CVE
added 2024/06/25 11:35 p.m.58 views

CVE-2024-4869

Based on the CVE entry CVE-2024-4869 and corroborating sources, the WP Cookie Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Client-IP header in all versions up to 3.2.0 due to insufficient input sanitization and output escaping. The vulnerability can allow an u...

7.2CVSS6.4AI score0.00377EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/06/25 11:35 p.m.49 views

CVE-2024-4869 WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) <= 3.2.0 - Unauthenticated Stored Cross-Site Scripting via Client-IP header

The WP Cookie Consent for GDPR, CCPA & ePrivacy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Client-IP’ header in all versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers...

7.2CVSS0.00377EPSS
Exploits0References3
Rows per page
Query Builder