Cookieinformation Wp-Gdpr-Compliance vulnerabilities
2 known vulnerabilities affecting cookieinformation/wp-gdpr-compliance.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
1
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-6700P2HIGHCVSS 8.8ExploitedPoC≤ 2.0.222024-02-05
CVE-2023-6700 [HIGH] CWE-862 CVE-2023-6700: The Cookie Information | Free GDPR Consent Solution plugin for WordPress is vulnerable to arbitrary
The Cookie Information | Free GDPR Consent Solution plugin for WordPress is vulnerable to arbitrary option updates due to a missing capability check on its AJAX request handler in versions up to, and including, 2.0.22. This makes it possible for authenticated attackers, with subscriber-level access or higher, to edit arbitrary site options which can be u
nvd
CVE-2022-0147P3MEDIUMCVSS 6.1PoCfixed in 2.0.82022-03-14
CVE-2022-0147 [MEDIUM] CWE-79 CVE-2022-0147: The Cookie Information | Free GDPR Consent Solution WordPress plugin before 2.0.8 does not escape us
The Cookie Information | Free GDPR Consent Solution WordPress plugin before 2.0.8 does not escape user data before outputting it back in attributes in the admin dashboard, leading to a Reflected Cross-Site Scripting issue
nvd