Vulnerabilities > EU Cookie LAW Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-23 | CVE-2022-3811 | Unspecified vulnerability in EU Cookie LAW Project EU Cookie LAW The EU Cookie Law for GDPR/CCPA WordPress plugin through 3.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | 4.8 |
2019-10-16 | CVE-2019-16522 | Cross-site Scripting vulnerability in EU Cookie LAW Project EU Cookie LAW The eu-cookie-law plugin through 3.0.6 for WordPress (aka EU Cookie Law (GDPR)) is susceptible to Stored XSS due to improper encoding of several configuration options in the admin area and the displayed cookie consent message. | 4.8 |