Lucene search
K

37 matches found

Patchstack
Patchstack
added 2024/06/25 12:0 a.m.13 views

WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent Plugin <= 3.2.0 is vulnerable to Cross Site Scripting (XSS)

Software WP Cookie Notice for GDPR, CCPA & ePrivacy Consent Type Plugin Vulnerable versions = 3.2.0 Fixed in 3.3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4869 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

7.2CVSS5.9AI score0.00377EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/05/02 5:15 p.m.18 views

CVE-2024-3599

The WP Cookie Consent for GDPR, CCPA & ePrivacy plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the gdprpolicyprocessdelete function in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to delete...

5.3CVSS5.2AI score0.0053EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/02 4:52 p.m.12 views

CVE-2024-3599 WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) <= 3.0.2 - Missing Authorization to Unauthenticated Arbitrary Post Deletion

The WP Cookie Consent for GDPR, CCPA & ePrivacy plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the gdprpolicyprocessdelete function in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to delete...

5.3CVSS6AI score0.0053EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/02 4:52 p.m.28 views

CVE-2024-3599 WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) <= 3.0.2 - Missing Authorization to Unauthenticated Arbitrary Post Deletion

The WP Cookie Consent for GDPR, CCPA & ePrivacy plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the gdprpolicyprocessdelete function in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to delete...

5.3CVSS5.4AI score0.0053EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/04/17 12:0 a.m.10 views

WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent Plugin <= 3.0.2 is vulnerable to Broken Access Control

Software WP Cookie Notice for GDPR, CCPA & ePrivacy Consent Type Plugin Vulnerable versions = 3.0.2 Fixed in 3.1.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3599 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID bea6dcba69bc...

5.3CVSS6.6AI score0.0053EPSS
Exploits0References3Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/16 12:0 a.m.21 views

WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) < 3.1.0 - Missing Authorization to Unauthenticated Arbitrary Post Deletion

Description The WP Cookie Consent for GDPR, CCPA & ePrivacy plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the gdprpolicyprocessdelete function in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers t...

5.3CVSS6.7AI score0.0053EPSS
Exploits0References1Affected Software1
Wired Threat Level
Wired Threat Level
added 2023/11/07 4:52 p.m.25 views

YouTube's Ad Blocker Detection Believed to Break EU Privacy Law

A complaint filed with the EU’s independent data regulator accuses YouTube of failing to get explicit user permission for its ad blocker detection system, potentially violating the ePrivacy Directive...

7.2AI score
Exploits0
NVD
NVD
added 2023/11/07 4:15 p.m.22 views

CVE-2023-23678

Improper Neutralization of Formula Elements in a CSV File vulnerability in WPEkaClub WP Cookie Consent for GDPR, CCPA & ePrivacy .This issue affects WP Cookie Consent for GDPR, CCPA & ePrivacy : from n/a through 2.2.5...

7.2CVSS0.00605EPSS
Exploits0References1
Prion
Prion
added 2023/11/07 4:15 p.m.21 views

Input validation

Improper Neutralization of Formula Elements in a CSV File vulnerability in WPEkaClub WP Cookie Consent for GDPR, CCPA & ePrivacy .This issue affects WP Cookie Consent for GDPR, CCPA & ePrivacy : from n/a through 2.2.5...

5.8CVSS7.4AI score0.00605EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/11/07 3:48 p.m.27 views

CVE-2023-23678 WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent Plugin <= 2.2.5 is vulnerable to CSV Injection

Improper Neutralization of Formula Elements in a CSV File vulnerability in WPEkaClub WP Cookie Consent for GDPR, CCPA & ePrivacy .This issue affects WP Cookie Consent for GDPR, CCPA & ePrivacy : from n/a through 2.2.5...

4CVSS7.2AI score0.00605EPSS
Exploits0References1
CVE
CVE
added 2023/11/07 3:48 p.m.43 views

CVE-2023-23678

CVE-2023-23678 affects the WordPress plugin WP Cookie Notice for GDPR/CCPA/ePrivacy (WP Cookie Consent). The issue is CSV Injection due to improper neutralization of formula elements in CSV files generated by the plugin up to version 2.2.5. A fix was released in 2.2.6. Remediation: upgrade to 2.2...

7.2CVSS7.5AI score0.00605EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/06/20 12:0 a.m.15 views

WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent Plugin <= 2.2.5 is vulnerable to CSV Injection

Software WP Cookie Notice for GDPR, CCPA & ePrivacy Consent Type Plugin Vulnerable versions = 2.2.5 Fixed in 2.2.6 OWASP Top 10 A1: Injection Classification CSV Injection CVE CVE-2023-23678 Patch priority Low CVSS severity Low 4 Developer Claim ownership PSID 204630e00285 Credits Rio Darmawan...

7.2CVSS6.9AI score0.00605EPSS
Exploits0References2Affected Software1
The Hacker News
The Hacker News
added 2022/07/12 1:4 p.m.32 views

TikTok Postpones Privacy Policy Update in Europe After Italy Warns of GDPR Breach

Popular video-sharing platform TikTok on Tuesday agreed to pause a controversial privacy policy update that could have allowed it to serve targeted ads based on users' activity on the social video platform without their permission to do so. The reversal, reported by TechCrunch, comes a day after...

0.5AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/12/08 7:19 p.m.13 views

New German Government is Pro-Encryption and Anti-Backdoors

I hope this is true: According to Jens Zimmermann, the German coalition negotiations had made it "quite clear" that the incoming government of the Social Democrats SPD, the Greens and the business-friendly liberal FDP would reject "the weakening of encryption, which is being attempted under the...

2AI score
Exploits0
Imperva Blog
Imperva Blog
added 2018/07/31 6:31 p.m.70 views

Onwards and Upwards: Our GDPR Journey and Looking Ahead

At Imperva, our world revolves around data security, data protection, and data privacy. From our newest recruits to the most seasoned members of the executive team, we believe that customer privacy is key. For the better part of the last two years, Imperva has laid the foundation for our complian...

1.6AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2018/06/08 1:47 p.m.6 views

This Week in Security News: HR and Heritage Hacks

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, the details of 92 million accounts for MyHertitage were discovered on a private server outside of the company. Also, companies using service...

7.5AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2018/06/01 2:16 p.m.42 views

This Week in Security News: ePrivacy and Hack Back

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, the Council of the European Union reviewed a bill dubbed the “ePrivacy” Regulation, which targets message-sharing services like WhatsApp and...

8.4AI score
Exploits0
Rows per page
Query Builder