VYPR
Vendor

Complianz

Products
1
CVEs
6
Across products
6
Status
Private

Products

1

Recent CVEs

6
  • CVE-2026-4019MedApr 29, 2026
    risk 0.27cvss 5.3epss 0.00

    The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to unauthorized data access in all versions up to, and including, 7.4.5 This is due to the REST API endpoint at /wp-json/complianz/v1/consent-area/{post_id}/{block_id} using __return_true as the…

  • CVE-2026-2389MedMar 26, 2026
    risk 0.25cvss 4.9epss 0.00

    The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 7.4.4.2. This is due to the `revert_divs_to_summary` function replacing `”` HTML entities with literal double-quote characters…

  • CVE-2025-1624Mar 16, 2025
    risk 0.00cvss epss 0.00

    The GDPR Cookie Compliance WordPress plugin before 4.15.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example…

  • CVE-2025-1623Mar 16, 2025
    risk 0.00cvss epss 0.00

    The GDPR Cookie Compliance WordPress plugin before 4.15.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example…

  • CVE-2025-1619Mar 16, 2025
    risk 0.00cvss epss 0.00

    The GDPR Cookie Compliance WordPress plugin before 4.15.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example…

  • CVE-2025-2205Mar 12, 2025
    risk 0.00cvss epss 0.00

    The GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice – CCPA, DSGVO, RGPD plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.15.6 due to insufficient input sanitization and output…