| CVE-2025-47704 | Klaro Cookie & Consent Management - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-050 | Drupal | Klaro Cookie & Consent Management | - | - | 2025-05-14 17:02:10 | Deep Dive |
| CVE-2025-46525 | WordPress WP Cookie Consent plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability | msmitley | WP Cookie Consent | Medium | 5.9 | 2025-04-24 16:09:16 | Deep Dive |
| CVE-2025-2205 | GDPR Cookie Compliance <= 4.15.6 - Authenticated (Admin+) Stored Cross-Site Scripting | mooveagency | GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice for CCPA, EU Cookie Law | Medium | 4.4 | 2025-03-12 03:21:27 | Deep Dive |
| CVE-2025-25113 | WordPress Implied Cookie Consent plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability | Senktec | Implied Cookie Consent | High | 7.1 | 2025-03-03 13:30:24 | Deep Dive |
| CVE-2025-23501 | WordPress Cookie Consent & Autoblock for GDPR/CCPA plugin <= 1.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability | SpruceJoy | Cookie Consent & Autoblock for GDPR/CCPA | High | 7.1 | 2025-01-16 20:06:08 | Deep Dive |
| CVE-2024-11724 | Cookie Consent for WP – Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) <= 3.6.5 - Missing Authorization to Authenticated (Subscriber+) Whitelist Script | wplegalpages | Cookie Banner for GDPR / CCPA – WPLP Cookie Consent | Medium | 4.3 | 2024-12-12 06:46:35 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-4869 | WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) <= 3.2.0 - Unauthenticated Stored Cross-Site Scripting via Client-IP header | wplegalpages | Cookie Banner for GDPR / CCPA – WPLP Cookie Consent | High | 7.2 | 2024-06-25 23:35:08 | Deep Dive |
| CVE-2024-35692 | WordPress GDPR/CCPA Cookie Consent Banner plugin <= 3.2 - Broken Access Control vulnerability | Termly | Cookie Consent | Medium | 5.3 | 2024-06-11 09:21:00 | Deep Dive |
| CVE-2024-5607 | GDPR CCPA Compliance & Cookie Consent Banner <= 2.7.0 - Missing Authorization to Settings Update and Stored Cross-Site Scripting | ninjateam | GDPR CCPA Compliance & Cookie Consent Banner | Medium | 5.4 | 2024-06-07 02:39:29 | Deep Dive |
| CVE-2024-3599 | WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) <= 3.0.2 - Missing Authorization to Unauthenticated Arbitrary Post Deletion | wplegalpages | Cookie Banner for GDPR / CCPA – WPLP Cookie Consent | Medium | 5.3 | 2024-05-02 16:52:03 | Deep Dive |
| CVE-2024-1592 | Complianz – GDPR/CCPA Cookie Consent <= 6.5.6 - Cross-Site Request Forgery to Data Request Deletion | complianz | Complianz – GDPR/CCPA Cookie Consent | Medium | 4.3 | 2024-03-02 06:46:20 | Deep Dive |
| CVE-2023-6700 | Cookie Information | Free GDPR Consent Solution <= 2.0.22 - Authenticated (Subscriber+) Arbitrary Options Update | cookieinformation | Cookie Information | Free GDPR Consent Solution | High | 8.8 | 2024-02-05 21:21:42 | Deep Dive |
| CVE-2023-6498 | Complianz | GDPR/CCPA Cookie Consent <= 6.5.5 - Authenticated(Administrator+) Stored Cross-site Scripting via settings | complianz | Complianz – GDPR/CCPA Cookie Consent | Medium | 4.4 | 2024-01-04 03:30:12 | Deep Dive |
| CVE-2023-49191 | WordPress GDPR Cookie Consent by Supsystic Plugin <= 2.1.2 is vulnerable to Cross Site Scripting (XSS) | Supsystic | GDPR Cookie Consent by Supsystic | Medium | 5.9 | 2023-12-15 15:13:36 | Deep Dive |
| CVE-2023-23678 | WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent Plugin <= 2.2.5 is vulnerable to CSV Injection | WPEkaClub | WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) | 高危 | - | 2023-11-07 15:48:28 | Deep Dive |
| CVE-2023-41948 | WordPress Cookie Notice & Consent Plugin <= 1.6.0 is vulnerable to Cross Site Scripting (XSS) | Christoph Rado | Cookie Notice & Consent | Medium | 5.9 | 2023-09-25 00:36:51 | Deep Dive |
| CVE-2023-32294 | WordPress GDPR Cookie Consent Notice Box Plugin <= 1.1.6 is vulnerable to Cross Site Scripting (XSS) | Radical Web Design | GDPR Cookie Consent Notice Box | Medium | 5.9 | 2023-08-30 15:00:18 | Deep Dive |
| CVE-2023-4013 | GDPR Cookie Compliance < 4.12.5 - License Update/Deactivation via CSRF | Unknown | GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) | 中危 | - | 2023-08-30 14:22:02 | Deep Dive |
| CVE-2023-3388 | Beautiful Cookie Consent Banner <= 2.10.1 - Unauthenticated Stored Cross-Site Scripting | nikelschubert | Beautiful Cookie Consent Banner | High | 7.2 | 2023-06-24 02:00:19 | Deep Dive |