| CVE-2025-66080 | WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent plugin <= 4.0.3 - Broken Access Control vulnerability | WP Legal Pages | WP Cookie Notice for GDPR, CCPA & ePrivacy Consent | Medium | 5.3 | 2025-12-30 16:10:41 | Deep Dive |
| CVE-2025-66133 | WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent plugin <= 4.0.7 - Broken Access Control vulnerability | WP Legal Pages | WP Cookie Notice for GDPR, CCPA & ePrivacy Consent | Medium | 5.3 | 2025-12-16 08:12:55 | Deep Dive |
| CVE-2025-67554 | WordPress Cookie Notice & Compliance for GDPR / CCPA plugin <= 2.5.8 - Cross Site Scripting (XSS) vulnerability | Humanityco | Cookie Notice & Compliance for GDPR / CCPA | - | - | 2025-12-09 14:14:08 | Deep Dive |
| CVE-2025-11186 | Cookie Notice & Compliance for GDPR / CCPA <= 2.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | humanityco | Cookie Notice & Compliance for GDPR / CCPA | Medium | 6.4 | 2025-11-22 05:07:43 | Deep Dive |
| CVE-2025-66075 | WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent plugin <= 4.0.3 - Broken Access Control vulnerability | WP Legal Pages | WP Cookie Notice for GDPR, CCPA & ePrivacy Consent | Medium | 4.3 | 2025-11-21 12:29:57 | Deep Dive |
| CVE-2025-49390 | WordPress Cookie Notice & Consent plugin <= 1.6.4 - Cross Site Scripting (XSS) vulnerability | christophrado | Cookie Notice & Consent | High | 7.1 | 2025-11-06 15:53:52 | Deep Dive |
| CVE-2025-12045 | Orbit Fox Companion <= 3.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via Post Taxonomy | themeisle | Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More | Medium | 6.4 | 2025-11-04 11:19:28 | Deep Dive |
| CVE-2025-10874 | Orbit Fox < 3.0.2 - Author+ Server-Side Request Forgery | Unknown | Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More | 中危 | - | 2025-10-24 06:00:09 | Deep Dive |
| CVE-2025-10496 | Cookie Notice & Consent <= 1.6.5 - Unauthenticated Stored Cross-Site Scripting | christophrado | Cookie Notice & Consent | High | 7.2 | 2025-10-09 02:09:54 | Deep Dive |
| CVE-2025-58607 | WordPress Cookie Notice & Consent Banner for GDPR & CCPA Compliance Plugin <= 1.7.11 - Cross Site Scripting (XSS) Vulnerability | GDPR Info | Cookie Notice & Consent Banner for GDPR & CCPA Compliance | Medium | 6.5 | 2025-09-03 14:36:43 | Deep Dive |
| CVE-2025-49285 | WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent plugin <= 3.8.0 - Cross Site Request Forgery (CSRF) Vulnerability | WP Legal Pages | WP Cookie Notice for GDPR, CCPA & ePrivacy Consent | Medium | 4.3 | 2025-06-06 12:53:42 | Deep Dive |
| CVE-2025-31765 | WordPress GDPR Cookie Notice plugin <= 1.2.0 - Broken Access Control vulnerability | themeqx | GDPR Cookie Notice | Medium | 5.3 | 2025-04-01 14:51:17 | Deep Dive |
| CVE-2025-2205 | GDPR Cookie Compliance <= 4.15.6 - Authenticated (Admin+) Stored Cross-Site Scripting | mooveagency | GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice for CCPA, EU Cookie Law | Medium | 4.4 | 2025-03-12 03:21:27 | Deep Dive |
| CVE-2024-13849 | Cookie Notice Bar <= 1.3.0 - Authenticated (Administrator+) Stored Cross-Site Scripting | dcurasi | Cookie Notice Bar | Medium | 5.5 | 2025-02-20 09:21:37 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2022-3399 | Cookie Notice & Compliance for GDPR / CCPA <= 2.4.17.1 - Authenticated (Admin+) Stored Cross-Site Scripting | humanityco | Cookie Notice & Compliance for GDPR / CCPA | Medium | 4.4 | 2024-08-16 02:31:26 | Deep Dive |
| CVE-2023-47824 | WordPress Legal Pages Plugin <= 1.3.8 is vulnerable to Cross Site Request Forgery (CSRF) | wpWax | Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator | Medium | 5.4 | 2023-11-22 19:37:00 | Deep Dive |
| CVE-2023-41948 | WordPress Cookie Notice & Consent Plugin <= 1.6.0 is vulnerable to Cross Site Scripting (XSS) | Christoph Rado | Cookie Notice & Consent | Medium | 5.9 | 2023-09-25 00:36:51 | Deep Dive |
| CVE-2023-32294 | WordPress GDPR Cookie Consent Notice Box Plugin <= 1.1.6 is vulnerable to Cross Site Scripting (XSS) | Radical Web Design | GDPR Cookie Consent Notice Box | Medium | 5.9 | 2023-08-30 15:00:18 | Deep Dive |
| CVE-2023-23894 | WordPress Surbma | GDPR Proof Cookie Consent & Notice Bar Plugin <= 17.5.3 is vulnerable to Cross Site Scripting (XSS) | Surbma | Surbma | GDPR Proof Cookie Consent & Notice Bar | Medium | 6.5 | 2023-05-08 21:57:06 | Deep Dive |