Mooveagency

Gdpr Cookie Compliance

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5

CVE-2025-1623

Exploit
  • EPSS 0.09%
  • Veröffentlicht 16.03.2025 06:15:13
  • Zuletzt bearbeitet 02.04.2025 12:32:24

The GDPR Cookie Compliance WordPress plugin before 4.15.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability...

3.5

CVE-2025-1624

Exploit
  • EPSS 0.09%
  • Veröffentlicht 16.03.2025 06:15:13
  • Zuletzt bearbeitet 02.04.2025 12:32:04

The GDPR Cookie Compliance WordPress plugin before 4.15.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability...

4.8

CVE-2025-1619

Exploit
  • EPSS 0.09%
  • Veröffentlicht 16.03.2025 06:15:12
  • Zuletzt bearbeitet 02.04.2025 12:33:33

The GDPR Cookie Compliance WordPress plugin before 4.15.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability...

4.8

CVE-2025-1620

Exploit
  • EPSS 0.09%
  • Veröffentlicht 16.03.2025 06:15:12
  • Zuletzt bearbeitet 02.04.2025 12:33:26

The GDPR Cookie Compliance WordPress plugin before 4.15.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability...

4.8

CVE-2025-1621

Exploit
  • EPSS 0.09%
  • Veröffentlicht 16.03.2025 06:15:12
  • Zuletzt bearbeitet 02.04.2025 12:33:10

The GDPR Cookie Compliance WordPress plugin before 4.15.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability...

3.5

CVE-2025-1622

  • EPSS 0.08%
  • Veröffentlicht 16.03.2025 06:15:12
  • Zuletzt bearbeitet 02.04.2025 12:32:52

The GDPR Cookie Compliance WordPress plugin before 4.15.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability...

4.8

CVE-2025-2205

Exploit
  • EPSS 0.14%
  • Veröffentlicht 12.03.2025 03:21:26
  • Zuletzt bearbeitet 08.07.2025 15:38:59

The GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice – CCPA, DSGVO, RGPD plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.15.6 due to insufficient input ...

6.5

CVE-2023-4013

Exploit
  • EPSS 0.19%
  • Veröffentlicht 30.08.2023 15:15:09
  • Zuletzt bearbeitet 23.04.2025 17:16:40

The GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) WordPress plugin before 4.12.5 does not have proper CSRF checks when managing its license, which could allow attackers to make logged in admins update and deactivate the plugin's license via CS...

4.3

CVE-2019-25143

Exploit
  • EPSS 0.03%
  • Veröffentlicht 07.06.2023 02:15:10
  • Zuletzt bearbeitet 21.11.2024 04:39:58

The GDPR Cookie Compliance plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the gdpr_cookie_compliance_reset_settings AJAX action in versions up to, and including, 4.0.2. This makes it possible for authe...