10 matches found
WordPress plugin reCaptcha by WebDesignBy 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
CVE-2025-11754
The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'gdpr/v1/settings' REST API endpoint in all versions up to, and including, 4.1.2. This makes it possible for unauthenticated attackers to retrieve sensitive plugin...
CVE-2025-11754
The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'gdpr/v1/settings' REST API endpoint in all versions up to, and including, 4.1.2. This makes it possible for unauthenticated attackers to retrieve sensitive plugin...
CVE-2025-11754
The GDPR Cookie Consent plugin for WordPress (CVE-2025-11754) is vulnerable due to a missing capability check on the gdpr/v1/settings REST API endpoint in all versions up to and including 4.1.2. This allows unauthenticated attackers to retrieve sensitive plugin data, including API tokens, email a...
CVE-2025-11754 Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) : WP Cookie Consent <= 4.1.2 - Missing Authorization to Sensitive Information Exposure
The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'gdpr/v1/settings' REST API endpoint in all versions up to, and including, 4.1.2. This makes it possible for unauthenticated attackers to retrieve sensitive plugin...
CVE-2020-16097
On controllers running versions of v8.20 prior to vCR8.20.200221b distributed in v8.20.1093MR2, v8.10 prior to vGR8.10.179 distributed in v8.10.1211MR5, v8.00 prior to vGR8.00.165 Distributed in v8.00.1228MR6, v7.90 prior to vGR7.90.165 distributed in v7.90.1038MRX, v7.80 or earlier, It is possib...
Schema & Structured Data for WP & AMP < 1.27 - Contributor+ reCaptcha Key Update
Description The plugin is vulnerable to unauthorized modification of data due to a missing capability check on the 'saswpreviewsformrender' function, allowing authenticated attackers, with contributor access and above, to modify the plugin's stored reCaptcha site and secret keys, potentially...
CVE-2020-16097
On controllers running versions of v8.20 prior to vCR8.20.200221b distributed in v8.20.1093MR2, v8.10 prior to vGR8.10.179 distributed in v8.10.1211MR5, v8.00 prior to vGR8.00.165 Distributed in v8.00.1228MR6, v7.90 prior to vGR7.90.165 distributed in v7.90.1038MRX, v7.80 or earlier, It is possib...
CVE-2020-16097
On controllers running versions of v8.20 prior to vCR8.20.200221b distributed in v8.20.1093MR2, v8.10 prior to vGR8.10.179 distributed in v8.10.1211MR5, v8.00 prior to vGR8.00.165 Distributed in v8.00.1228MR6, v7.90 prior to vGR7.90.165 distributed in v7.90.1038MRX, v7.80 or earlier, It is possib...
Design/Logic Flaw
On controllers running versions of v8.20 prior to vCR8.20.200221b distributed in v8.20.1093MR2, v8.10 prior to vGR8.10.179 distributed in v8.10.1211MR5, v8.00 prior to vGR8.00.165 Distributed in v8.00.1228MR6, v7.90 prior to vGR7.90.165 distributed in v7.90.1038MRX, v7.80 or earlier, It is possib...