CVE-2025-66080

Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through = 4.0.3...

CVE-2025-66080

CVE-2025-66080 affects Cookie Banner for GDPR / CCPA – WPLP Cookie Consent (WordPress plugin) and is a Missing Authorization vulnerability. Wordfence reports affected versions up to 4.0.3 with Patched status in later updates; exploitation would involve access-control bypass via misconfigured secu...

EUVD-2025-205816

Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through 4.0.3...

PT-2025-54190

Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through 4.0.3...

CVE-2025-66133

Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through = 4.0.7...

PT-2025-51421

Name of the Vulnerable Software and Affected Versions WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent versions through 4.0.7 Description An authorization issue exists in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent. The issue involves incorrectly configured...

CVE-2025-66075

Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through = 4.0.3...

WordPress plugin WP Cookie Notice for GDPR, CCPA & ePrivacy Consent 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent plugin <= 4.0.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin WP Cookie Notice for GDPR, CCPA & ePrivacy Consent versions = 4.0.3...

EUVD-2025-16608

Malicious code in bioql PyPI...

EUVD-2025-17276

Malicious code in bioql PyPI...

CVE-2025-49285

Cross-Site Request Forgery CSRF vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Cross Site Request Forgery.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through = 3.8.0...

CVE-2025-49285

Cross-Site Request Forgery CSRF vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Cross Site Request Forgery.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through = 3.8.0...

CVE-2025-49285

CVE-2025-49285 is a CSRF vulnerability in the WP Cookie Notice for GDPR, CCPA & ePrivacy Consent WordPress plugin. Reported as affecting versions from n/a up to 3.8.0. The connected Red Hat and Wordfence records confirm a CSRF issue but do not provide details on exploit vectors beyond the CSRF la...

CVE-2025-49285 WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent <= 3.8.0 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent allows Cross Site Request Forgery. This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through 3.8.0...

WordPress plugin WP Cookie Notice for GDPR, CCPA & ePrivacy Consent 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

CVE-2024-4869

The WP Cookie Consent for GDPR, CCPA & ePrivacy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Client-IP’ header in all versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers...

CVE-2024-4869 WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) <= 3.2.0 - Unauthenticated Stored Cross-Site Scripting via Client-IP header

The WP Cookie Consent for GDPR, CCPA & ePrivacy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Client-IP’ header in all versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers...

CVE-2024-4869

Based on the CVE entry CVE-2024-4869 and corroborating sources, the WP Cookie Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Client-IP header in all versions up to 3.2.0 due to insufficient input sanitization and output escaping. The vulnerability can allow an u...

WordPress WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) plugin <= 3.2.0 - Unauthenticated Stored Cross-Site Scripting via Client-IP header vulnerability

Unauthenticated Stored Cross-Site Scripting via Client-IP header vulnerability discovered by Krzysztof Zając in WordPress Plugin WP Cookie Notice for GDPR, CCPA & ePrivacy Consent versions = 3.2.0...