| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-14061 | Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) : WP Cookie Consent <= 4.0.7 - Missing Authorization to Unauthenticated Arbitrary Post Deletion | wplegalpages | Cookie Banner for GDPR / CCPA – WPLP Cookie Consent | Medium | 5.3 | 2025-12-17 06:36:59 | Deep Dive |
| CVE-2024-11724 | Cookie Consent for WP – Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) <= 3.6.5 - Missing Authorization to Authenticated (Subscriber+) Whitelist Script | wplegalpages | Cookie Banner for GDPR / CCPA – WPLP Cookie Consent | Medium | 4.3 | 2024-12-12 06:46:35 | Deep Dive |
| CVE-2024-49220 | WordPress Cookie Scanner plugin <= 1.1 - CSRF to Stored XSS vulnerability | Nikel | Cookie Scanner | - | - | 2024-10-17 18:05:59 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-4869 | WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) <= 3.2.0 - Unauthenticated Stored Cross-Site Scripting via Client-IP header | wplegalpages | Cookie Banner for GDPR / CCPA – WPLP Cookie Consent | High | 7.2 | 2024-06-25 23:35:08 | Deep Dive |