Skip to main content

Beautiful Cookie Consent Banner

2 CVEs product

Monthly

CVE-2023-3388 HIGH POC PATCH THREAT Act Now

The Beautiful Cookie Consent Banner for WordPress is vulnerable to Stored Cross-Site Scripting via the 'nsc_bar_content_href' parameter in versions up to, and including, 2.10.1 due to insufficient. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 59.1%.

XSS WordPress Beautiful Cookie Consent Banner
NVD VulDB
CVSS 3.1
7.2
EPSS
59.1%
Threat
4.7
CVE-2022-3823 MEDIUM This Month

The Beautiful Cookie Consent Banner WordPress plugin before 2.9.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Beautiful Cookie Consent Banner
NVD WPScan
CVSS 3.1
4.8
EPSS
0.5%
EPSS 59% 4.7 CVSS 7.2
HIGH POC PATCH THREAT Act Now

The Beautiful Cookie Consent Banner for WordPress is vulnerable to Stored Cross-Site Scripting via the 'nsc_bar_content_href' parameter in versions up to, and including, 2.10.1 due to insufficient. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 59.1%.

XSS WordPress Beautiful Cookie Consent Banner
NVD VulDB
EPSS 0% CVSS 4.8
MEDIUM This Month

The Beautiful Cookie Consent Banner WordPress plugin before 2.9.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Beautiful Cookie Consent Banner
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy