Skip to main content

Easy Cookies Policy

1 CVEs product

Monthly

CVE-2021-24405 MEDIUM POC THREAT This Month

The Easy Cookies Policy WordPress plugin through 1.6.2 is lacking any capability and CSRF check when saving its settings, allowing any authenticated users (such as subscriber) to change them. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF WordPress XSS Authentication Bypass Easy Cookies Policy
NVD WPScan Exploit-DB
CVSS 3.1
6.5
EPSS
10.7%
EPSS 11% CVSS 6.5
MEDIUM POC THREAT This Month

The Easy Cookies Policy WordPress plugin through 1.6.2 is lacking any capability and CSRF check when saving its settings, allowing any authenticated users (such as subscriber) to change them. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF WordPress XSS +2
NVD WPScan Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy