Vulnerabilities > Really Simple Plugins > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-04 | CVE-2023-6498 | Cross-site Scripting vulnerability in Really-Simple-Plugins Complianz The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to and including 6.5.5 due to insufficient input sanitization and output escaping. | 4.8 |
| 2023-08-17 | CVE-2023-31076 | Cross-site Scripting vulnerability in Really-Simple-Plugins Recipe Maker for Your Food Blog From ZIP Recipes Unauth. | 6.1 |
| 2023-03-27 | CVE-2023-1069 | Unspecified vulnerability in Really-Simple-Plugins Complianz The Complianz WordPress plugin before 6.4.2, Complianz Premium WordPress plugin before 6.4.2 do not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks | 5.4 |
| 2022-02-14 | CVE-2022-0193 | Unspecified vulnerability in Really-Simple-Plugins Complianz The Complianz WordPress plugin before 6.0.0 does not escape the s parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting | 6.1 |