VYPR

Easy Cookies Policy

by WordPress

CVEs (1)

  • CVE-2021-24405MedJul 6, 2021
    risk 0.46cvss 6.5epss 0.11

    The Easy Cookies Policy WordPress plugin through 1.6.2 is lacking any capability and CSRF check when saving its settings, allowing any authenticated users (such as subscriber) to change them. If users can't register, this can be done through CSRF. Furthermore, the cookie banner…