8 matches found
CVE-2025-11754
The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'gdpr/v1/settings' REST API endpoint in all versions up to, and including, 4.1.2. This makes it possible for unauthenticated attackers to retrieve sensitive plugin...
CVE-2025-11754
The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'gdpr/v1/settings' REST API endpoint in all versions up to, and including, 4.1.2. This makes it possible for unauthenticated attackers to retrieve sensitive plugin...
CVE-2025-11754 Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) : WP Cookie Consent <= 4.1.2 - Missing Authorization to Sensitive Information Exposure
The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'gdpr/v1/settings' REST API endpoint in all versions up to, and including, 4.1.2. This makes it possible for unauthenticated attackers to retrieve sensitive plugin...
CVE-2025-11754 Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) : WP Cookie Consent <= 4.1.2 - Missing Authorization to Sensitive Information Exposure
The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'gdpr/v1/settings' REST API endpoint in all versions up to, and including, 4.1.2. This makes it possible for unauthenticated attackers to retrieve sensitive plugin...
CVE-2025-10588
The PixelYourSite – Your smart PIXEL TAG & API Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 11.1.2. This is due to missing or incorrect nonce validation on the adminEnableGdprAjax function. This makes it possible for unauthenticate...
CVE-2025-10588 PixelYourSite <= 11.1.2 – Cross-Site Request Forgery to GDPR Options Modification
The PixelYourSite – Your smart PIXEL TAG & API Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 11.1.2. This is due to missing or incorrect nonce validation on the adminEnableGdprAjax function. This makes it possible for unauthenticate...
CVE-2025-10588 PixelYourSite <= 11.1.2 – Cross-Site Request Forgery to GDPR Options Modification
The PixelYourSite – Your smart PIXEL TAG & API Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 11.1.2. This is due to missing or incorrect nonce validation on the adminEnableGdprAjax function. This makes it possible for unauthenticate...
PT-2025-43023
Name of the Vulnerable Software and Affected Versions PixelYourSite – Your smart PIXEL TAG & API Manager plugin for WordPress versions up to and including 11.1.2 Description The software is susceptible to Cross-Site Request Forgery CSRF. This is caused by a lack of, or incorrect, nonce validation...