gdpr_ccpa_compliance_%5C%26_cookie_consent_banner

gdpr_ccpa_compliance_\&_cookie_consent_banner

Source -

NVD

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2025-24591

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-8.8||HIGH

EPSS-0.25% / 48.68%

7 Day CHG~0.00%

Published-24 Jan, 2025 | 17:24

Updated-01 Apr, 2026 | 17:17

WordPress GDPR CCPA Compliance & Cookie Consent Banner plugin <= 2.7.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ninja Team GDPR CCPA Compliance Support ninja-gdpr-compliance allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GDPR CCPA Compliance Support: from n/a through <= 2.7.1.

Vendor-NinjaTeam

Product-gdpr_ccpa_compliance_\&_cookie_consent_banner GDPR CCPA Compliance Support

CWE ID-CWE-862

Missing Authorization

CVE-2024-5607

Assigner-Wordfence

View Details

Assigner-Wordfence

CVSS Score-5.4||MEDIUM

EPSS-0.26% / 49.91%

7 Day CHG~0.00%

Published-07 Jun, 2024 | 02:39

Updated-08 Apr, 2026 | 19:21

GDPR CCPA Compliance & Cookie Consent Banner <= 2.7.0 - Missing Authorization to Settings Update and Stored Cross-Site Scripting

The GDPR CCPA Compliance & Cookie Consent Banner plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions named ajaxUpdateSettings() in all versions up to, and including, 2.7.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify the plugin's settings, update page content, send arbitrary emails and inject malicious web scripts.

Vendor-NinjaTeam

Product-gdpr_ccpa_compliance_\&_cookie_consent_banner GDPR CCPA Compliance & Cookie Consent Banner

CWE ID-CWE-862

Missing Authorization