Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-15258

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00266EPSS
Exploits1References3
NVD
NVD
added 2025/05/15 8:15 p.m.7 views

CVE-2024-8397

The webtoffee-gdpr-cookie-consent WordPress plugin before 2.6.1 does not properly sanitize and escape the IP headers when logging them, allowing visitors to conduct Stored Cross-Site Scripting attacks. The payload gets triggered when an admin visits the 'Consent report' page and the malicious...

5.4CVSS0.00266EPSS
Exploits1References1
NVD
NVD
added 2025/05/15 8:15 p.m.6 views

CVE-2024-8286

The webtoffee-gdpr-cookie-consent WordPress plugin before 2.6.1 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting visit logs via CSRF attacks...

6.5CVSS0.00182EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/05/15 12:0 a.m.6 views

PT-2025-21519 · Unknown · Webtoffee-Gdpr-Cookie-Consent

Name of the Vulnerable Software and Affected Versions: webtoffee-gdpr-cookie-consent versions prior to 2.6.1 Description: The issue allows visitors to conduct Stored Cross-Site Scripting attacks due to improper sanitization and escaping of IP headers when logging them. The payload is triggered wh...

5.4CVSS5.2AI score0.00266EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/05/15 12:0 a.m.8 views

PT-2025-21518 · Unknown · Webtoffee-Gdpr-Cookie-Consent

Name of the Vulnerable Software and Affected Versions: webtoffee-gdpr-cookie-consent versions prior to 2.6.1 Description: The issue concerns the lack of CSRF checks in some bulk actions, which could allow attackers to make logged-in admins perform unwanted actions, such as deleting visit logs via...

6.5CVSS6.4AI score0.00182EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/05/15 12:0 a.m.4 views

WordPress plugin webtoffee-gdpr-cookie-consent 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS6.4AI score0.00182EPSS
Exploits1References1
Rows per page
Query Builder