VYPR

Cookie Bar

by Oveleon

CVEs (2)

  • CVE-2023-49836MedDec 14, 2023
    risk 0.38cvss 5.9epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brontobytes Cookie Bar allows Stored XSS.This issue affects Cookie Bar: from n/a through 2.0.

  • CVE-2021-24653Oct 25, 2021
    risk 0.00cvss epss 0.01

    The Cookie Bar WordPress plugin before 1.8.9 doesn't properly sanitise the Cookie Bar Message setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed