Skip to main content

Wp Cookie Choice

1 CVEs product

Monthly

CVE-2021-24595 MEDIUM This Month

The Wp Cookie Choice WordPress plugin through 1.1.0 is lacking any CSRF check when saving its options, and do not escape them when outputting them in attributes. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF WordPress XSS Wp Cookie Choice
NVD WPScan
CVSS 3.1
6.5
EPSS
0.5%
EPSS 1% CVSS 6.5
MEDIUM This Month

The Wp Cookie Choice WordPress plugin through 1.1.0 is lacking any CSRF check when saving its options, and do not escape them when outputting them in attributes. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF WordPress XSS +1
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy