CVE-2025-14061

CVE-2025-14061 – WP Cookie Consent (Cookie Banner, GDPR/CCPA consent) for WordPress : Unauthenticated attackers can modify data and permanently delete arbitrary posts, pages, attachments, and other post types by ID due to a missing capability check in gdpr_delete_policy_data. Affected versions: a...

EUVD-2025-12002

Malicious code in bioql PyPI...

EUVD-2023-27765

Malicious code in bioql PyPI...

CVE-2023-23678

Improper Neutralization of Formula Elements in a CSV File vulnerability in WPEkaClub WP Cookie Consent for GDPR, CCPA & ePrivacy .This issue affects WP Cookie Consent for GDPR, CCPA & ePrivacy : from n/a through 2.2.5...

CVE-2025-46525

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in msmitley WP Cookie Consent wp-cookie-consent allows Stored XSS.This issue affects WP Cookie Consent: from n/a through = 1.0...

CVE-2025-46525

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in msmitley WP Cookie Consent wp-cookie-consent allows Stored XSS.This issue affects WP Cookie Consent: from n/a through = 1.0...

CVE-2025-46525 WordPress WP Cookie Consent plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in msmitley WP Cookie Consent wp-cookie-consent allows Stored XSS.This issue affects WP Cookie Consent: from n/a through = 1.0...

CVE-2025-46525 WordPress WP Cookie Consent plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in msmitley WP Cookie Consent wp-cookie-consent allows Stored XSS.This issue affects WP Cookie Consent: from n/a through = 1.0...

CVE-2025-46525

CVE-2025-46525 (WP Cookie Consent) : The vulnerability is an stored XSS caused by improper input neutralization during web page generation in the WordPress plugin WP Cookie Consent (affected: versions 1.0 and earlier). Root cause per sources: improper neutralization of input leading to Cross-site...

PT-2025-17829 · Msmitley · Wp Cookie Consent

Name of the Vulnerable Software and Affected Versions: msmitley WP Cookie Consent versions 1.0 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored XSS attacks. This means that an attacker can inject malicious script...

CVE-2024-4869

The WP Cookie Consent for GDPR, CCPA & ePrivacy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Client-IP’ header in all versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers...

CVE-2024-4869 WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) <= 3.2.0 - Unauthenticated Stored Cross-Site Scripting via Client-IP header

The WP Cookie Consent for GDPR, CCPA & ePrivacy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Client-IP’ header in all versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers...

CVE-2024-3599 WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) <= 3.0.2 - Missing Authorization to Unauthenticated Arbitrary Post Deletion

The WP Cookie Consent for GDPR, CCPA & ePrivacy plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the gdprpolicyprocessdelete function in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to delete...

PT-2024-26827 · WordPress · Wp Cookie Consent

Name of the Vulnerable Software and Affected Versions: WP Cookie Consent plugin for WordPress versions up to, and including, 3.0.2 Description: The issue is related to a missing capability check on the gdpr policy process delete function, which allows unauthorized loss of data. This makes it...

CVE-2023-23678

Improper Neutralization of Formula Elements in a CSV File vulnerability in WPEkaClub WP Cookie Consent for GDPR, CCPA & ePrivacy .This issue affects WP Cookie Consent for GDPR, CCPA & ePrivacy : from n/a through 2.2.5...

Input validation

Improper Neutralization of Formula Elements in a CSV File vulnerability in WPEkaClub WP Cookie Consent for GDPR, CCPA & ePrivacy .This issue affects WP Cookie Consent for GDPR, CCPA & ePrivacy : from n/a through 2.2.5...

CVE-2023-23678

CVE-2023-23678 affects the WordPress plugin WP Cookie Notice for GDPR/CCPA/ePrivacy (WP Cookie Consent). The issue is CSV Injection due to improper neutralization of formula elements in CSV files generated by the plugin up to version 2.2.5. A fix was released in 2.2.6. Remediation: upgrade to 2.2...

PT-2023-19121 · Wpekaclub · Wpekaclub Wp Cookie Consent

Name of the Vulnerable Software and Affected Versions: WPEkaClub WP Cookie Consent for GDPR, CCPA & ePrivacy versions through 2.2.5 Description: The issue is related to improper neutralization of formula elements in a CSV file. This affects the WP Cookie Consent plugin for GDPR, CCPA, and ePrivac...