Skip to main content

WPLP Cookie Consent CVE-2026-14475

| EUVDEUVD-2026-42844 MEDIUM
SQL Injection (CWE-89)
2026-07-10 Wordfence GHSA-4x73-55x9-5rm2
4.9
CVSS 3.1 · Vendor: Wordfence
Share

Severity by source

Vendor (Wordfence) PRIMARY
4.9 MEDIUM
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
vuln.today AI
4.9 MEDIUM

Admin panel is network-accessible (AV:N), requires no special conditions (AC:L), demands administrator credentials (PR:H), and enables read-only database extraction with no integrity or availability impact.

3.1 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (Wordfence).

CVSS VectorVendor: Wordfence

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
Analysis Generated
Jul 10, 2026 - 09:21 vuln.today
CVE Published
Jul 10, 2026 - 07:48 cve.org
MEDIUM 4.9

DescriptionCVE.org

The Cookie Banner for GDPR / CCPA - WPLP Cookie Consent plugin for WordPress is vulnerable to generic SQL Injection via the 'scan_id' parameter in all versions up to, and including, 4.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

AnalysisAI

SQL Injection in the Cookie Banner for GDPR/CCPA - WPLP Cookie Consent WordPress plugin (versions up to and including 4.3.6) enables authenticated administrators to append arbitrary SQL to existing queries via the unsanitized 'scan_id' parameter in the cookie scanner module. Exploitation is constrained to administrator-level accounts (PR:H per CVSS vector), making this a privileged read-only database extraction flaw rather than a broad remote attack surface. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain admin credentials (phishing or credential stuffing)
Delivery
Authenticate to wp-admin panel
Exploit
Craft malicious scan_id AJAX request
Execution
Append SQL UNION payload to cookie scanner query
Impact
Extract WordPress database contents

Vulnerability AssessmentAI

Exploitation Exploitation requires an authenticated WordPress session with administrator-level privileges (role: administrator or above). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 base score of 4.9 (Medium) accurately reflects the constrained real-world risk. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with a compromised or rogue WordPress administrator account authenticates to the wp-admin panel, then submits a crafted AJAX request to the cookie scanner module with a malformed 'scan_id' value containing appended SQL syntax (e.g., UNION SELECT payloads). The unsanitized parameter is interpolated directly into the running query, allowing the attacker to retrieve arbitrary table contents - including WordPress user hashes, plugin configuration, or stored consent records - from the underlying MySQL database. …
Remediation Upstream fix available (PR/commit); released patched version not independently confirmed. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-14475 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy