Text only | Text with Images

WordPress Community Forum

WordPress Support => WordPress Vulnerability => Topic started by: Kailash on Jun 15, 2022, 10:23 AM

Title: WordPress Real Cookie Banner plugin <= 2.18.1 - XSS Vulnerability
Post by: Kailash on Jun 15, 2022, 10:23 AM
WordPress Real Cookie Banner plugin <= 2.18.1 - Reflected Cross-Site Scripting (XSS) vulnerability

Plugin name: Real Cookie Banner: GDPR (DSGVO) & ePrivacy Cookie Consent
Vulnerable versions: <= 2.18.1
Fixed in: 2.18.2
CVE ID: N/A
Classification: Cross Site Scripting (XSS)
Publicly disclosed: 2022-06-14

Vulnerability Details

Reflected Cross-Site Scripting (XSS) vulnerability discovered by WPScanTeam in WordPress Real Cookie Banner plugin (versions <= 2.18.1).

Solution

Update the WordPress Real Cookie Banner plugin to the latest available version (at least 2.18.2).

Plugin Link: https://wordpress.org/plugins/real-cookie-banner/
Text only | Text with Images