CVE-2021-24405
The CVE-2021-24405 entry applies to the WordPress plugin Easy Cookies Policy up to version 1.6.2. The vulnerability stems from missing CSRF protection and lack of sanitisation/validation when saving settings, enabling any authenticated user (e.g., subscriber) to alter the cookie banner configurat...