Vulnerabilities > Really Simple Plugins > Complianz
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-04 | CVE-2023-6498 | Cross-site Scripting vulnerability in Really-Simple-Plugins Complianz The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to and including 6.5.5 due to insufficient input sanitization and output escaping. | 4.8 |
| 2023-11-30 | CVE-2023-33333 | Unspecified vulnerability in Really-Simple-Plugins Complianz Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Complianz, Really Simple Plugins Complianz Premium allows Cross-Site Scripting (XSS).This issue affects Complianz: from n/a through 6.4.4; Complianz Premium: from n/a through 6.4.6.1. | 8.8 |
| 2023-11-30 | CVE-2023-34030 | Unspecified vulnerability in Really-Simple-Plugins Complianz 6.4.7 Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Complianz, Really Simple Plugins Complianz Premium allows Cross-Site Request Forgery.This issue affects Complianz: from n/a through 6.4.5; Complianz Premium: from n/a through 6.4.7. | 8.8 |
| 2023-03-27 | CVE-2023-1069 | Unspecified vulnerability in Really-Simple-Plugins Complianz The Complianz WordPress plugin before 6.4.2, Complianz Premium WordPress plugin before 6.4.2 do not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks | 5.4 |
| 2022-11-07 | CVE-2022-3494 | Unspecified vulnerability in Really-Simple-Plugins Complianz The Complianz WordPress plugin before 6.3.4, and Complianz Premium WordPress plugin before 6.3.6 allow a translators to inject arbitrary SQL through an unsanitized translation. | 8.8 |
| 2022-02-14 | CVE-2022-0193 | Unspecified vulnerability in Really-Simple-Plugins Complianz The Complianz WordPress plugin before 6.0.0 does not escape the s parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting | 6.1 |