Skip to main content

WPLP Cookie Consent EUVDEUVD-2026-41469

| CVE-2026-12920 MEDIUM
SQL Injection (CWE-89)
2026-07-03 Wordfence GHSA-64rj-8mhx-6c97
4.9
CVSS 3.1 · Vendor: Wordfence
Share

Severity by source

Vendor (Wordfence) PRIMARY
4.9 MEDIUM
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
vuln.today AI
4.9 MEDIUM

Admin panel is network-accessible (AV:N), but PR:H reflects mandatory administrator credentials; SQL injection yields database reads only, so I:N and A:N.

3.1 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (Wordfence).

CVSS VectorVendor: Wordfence

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
Analysis Generated
Jul 03, 2026 - 01:58 vuln.today
CVE Published
Jul 03, 2026 - 01:28 cve.org
MEDIUM 4.9

DescriptionCVE.org

The Cookie Banner for GDPR / CCPA - WPLP Cookie Consent plugin for WordPress is vulnerable to generic SQL Injection via the 's' parameter in all versions up to, and including, 4.3.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

AnalysisAI

SQL injection in the Cookie Banner for GDPR/CCPA - WPLP Cookie Consent WordPress plugin (all versions up to and including 4.3.5) enables authenticated administrators to append arbitrary SQL clauses to existing queries via the unescaped 's' search parameter in the admin data-request table interface. The vulnerable code spans at least four distinct query paths in class-wpl-data-req-table.php (lines 322, 377, 492, and 513), each failing to sanitize or properly prepare user-supplied input before use in database queries. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain WordPress admin credentials
Delivery
Authenticate to WP Admin panel
Exploit
Navigate to GDPR data-request table interface
Execution
Inject SQL payload via 's' search parameter
Impact
Extract sensitive database records via UNION-based injection

Vulnerability AssessmentAI

Exploitation Exploitation requires a valid WordPress user account holding administrator-level privileges or higher (PR:H per CVSS vector). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 base score of 4.9 with vector AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N accurately reflects the primary tension in this vulnerability: the network-accessible attack surface and high confidentiality impact are substantially offset by the administrator-level privilege requirement (PR:H). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has obtained WordPress administrator credentials - through phishing, credential stuffing, or insider threat - logs into the WP Admin panel and navigates to the GDPR data-request management table provided by the plugin. The attacker appends a SQL UNION SELECT payload to the 's' search parameter (e.g., injecting into the query at lines 322, 377, 492, or 513 of class-wpl-data-req-table.php), extracting sensitive records such as WordPress user hashes, email addresses, or stored PII from the database without triggering visible application errors. …
Remediation A code fix was committed to the plugin's WordPress Subversion repository under changeset 3593450 (https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3593450%40gdpr-cookie-consent&new=3593450%40gdpr-cookie-consent); however, the exact patched release version is not independently confirmed from available data - administrators should consult the Wordfence advisory at https://www.wordfence.com/threat-intel/vulnerabilities/id/572bfa82-92f5-4801-8710-0626ca563a6c and the WordPress plugin directory to identify the first released version incorporating this changeset, then upgrade immediately. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-41469 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy