Lucene search
K

5 matches found

NVD
NVD
added 7 hours ago4 views

CVE-2026-14475

The Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin for WordPress is vulnerable to generic SQL Injection via the 'scanid' parameter in all versions up to, and including, 4.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

4.9CVSS
Exploits0References7
Cvelist
Cvelist
added 8 hours ago5 views

CVE-2026-14475 Cookie Banner for GDPR / CCPA <= 4.3.6 - Authenticated (Administrator+) SQL Injection via 'scan_id' Parameter

The Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin for WordPress is vulnerable to generic SQL Injection via the 'scanid' parameter in all versions up to, and including, 4.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

4.9CVSS
Exploits0References7
CVE
CVE
added 8 hours ago4 views

CVE-2026-14475

The CVE-2026-14475 entry relates to the WordPress plugin “WPLP Cookie Consent” (GDPR/CCPA banner) with a SQL Injection vulnerability via the scan_id parameter in all versions up to 4.3.6. The root cause is insufficient escaping of the user-supplied parameter and inadequate preparation of the exis...

4.9CVSS6.1AI score
Exploits0References7
Patchstack
Patchstack
added 2026/04/16 9:36 a.m.8 views

WordPress Accessibility Suite by Ability, Inc plugin <= 4.20 - Authenticated (Subscriber+) SQL Injection via 'scan_id' Parameter vulnerability

Authenticated Subscriber+ SQL Injection via 'scanid' Parameter vulnerability discovered by Victor Pasman in WordPress Plugin Accessibility Suite versions = 4.20...

6.5CVSS6AI score0.00346EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.14 views

PT-2026-33268

Name of the Vulnerable Software and Affected Versions Accessibility Suite by Ability, Inc versions prior to 4.21 Description The Accessibility Suite by Ability, Inc plugin for WordPress contains a flaw allowing authenticated attackers with Subscriber-level access or higher to perform SQL Injectio...

6.5CVSS5.7AI score0.00346EPSS
Exploits0References7
Rows per page
Query Builder