CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1619 – GDPR Cookie Compliance < 4.15.7 - Admin+ Stored XSS
https://notcve.org/view.php?id=CVE-2025-1619
23 Feb 2025 — The GDPR Cookie Compliance WordPress plugin before 4.15.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). The GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice – CCPA, DSGVO, RGPD plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and includin... • https://wpscan.com/vulnerability/ae9bc19d-1634-4501-a258-8c56b2afee88 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1620 – GDPR Cookie Compliance < 4.15.7 - Admin+ Stored XSS
https://notcve.org/view.php?id=CVE-2025-1620
23 Feb 2025 — The GDPR Cookie Compliance WordPress plugin before 4.15.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). The GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice – CCPA, DSGVO, RGPD plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and includin... • https://wpscan.com/vulnerability/923db805-92e7-4489-8e57-374a19f817d7 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1621 – GDPR Cookie Compliance < 4.15.7 - Admin+ Stored XSS
https://notcve.org/view.php?id=CVE-2025-1621
23 Feb 2025 — The GDPR Cookie Compliance WordPress plugin before 4.15.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). The GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice – CCPA, DSGVO, RGPD plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and includin... • https://wpscan.com/vulnerability/c30b9631-2024-4081-9cc5-8294a77c5ebb • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1622 – GDPR Cookie Compliance < 4.15.7 - Admin+ Stored XSS
https://notcve.org/view.php?id=CVE-2025-1622
23 Feb 2025 — The GDPR Cookie Compliance WordPress plugin before 4.15.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). The GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice – CCPA, DSGVO, RGPD plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and includin... • https://wpscan.com/vulnerability/7a903d61-2792-4fe0-a26b-f400f4a3124b • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1623 – GDPR Cookie Compliance < 4.15.9 - Admin+ Stored XSS
https://notcve.org/view.php?id=CVE-2025-1623
23 Feb 2025 — The GDPR Cookie Compliance WordPress plugin before 4.15.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). The GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice – CCPA, DSGVO, RGPD plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and includin... • https://wpscan.com/vulnerability/40288fa0-50c6-4e13-9b92-968b060d3bf5 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1624 – GDPR Cookie Compliance < 4.15.9 - Admin+ Stored XSS
https://notcve.org/view.php?id=CVE-2025-1624
23 Feb 2025 — The GDPR Cookie Compliance WordPress plugin before 4.15.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). The GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice – CCPA, DSGVO, RGPD plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and includin... • https://wpscan.com/vulnerability/2f4a402a-97f6-4638-9ce0-456ccd5606e9 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •