CVEs (2)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
The iubenda WordPress plugin before 3.3.3 does does not have authorisation and CSRF in an AJAX action, and does not ensure that the options to be updated belong to the plugin as long as they are arrays. As a result, any...Show more |
1Iubenda 1Iubenda Cookie Law Solution Jun 17, 2026 May 13, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The iubenda-cookie-law-solution plugin before 2.3.5 for WordPress does not restrict URL sanitization to http protocols. |