Vulnerabilities > HU Manity

DATE CVE VULNERABILITY TITLE RISK
2023-05-07 CVE-2023-24400 Unspecified vulnerability in Hu-Manity Cookie Notice & Compliance for Gdpr / Ccpa
Auth.
network
low complexity
hu-manity
5.4
2023-03-27 CVE-2023-0823 Unspecified vulnerability in Hu-Manity Cookie Notice & Compliance for Gdpr / Ccpa
The Cookie Notice & Compliance for GDPR / CCPA WordPress plugin before 2.4.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
network
low complexity
hu-manity
5.4
2021-09-27 CVE-2021-24569 Unspecified vulnerability in Hu-Manity Cookie Notice & Compliance for Gdpr / Ccpa
The Cookie Notice & Compliance for GDPR / CCPA WordPress plugin before 2.1.2 does not escape the value of its Button Text setting when outputting it in an attribute in the frontend, allowing high privilege users such as admin to perform Cross-Site Scripting even when the unfiltered_html capability is disallowed.
network
low complexity
hu-manity
4.8