← Back

Wp Cookie Choice

wp_cookie_choice

Vendor: Wp Cookie Choice Project • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-24595
1Wp Cookie Choice Project
1Wp Cookie Choice
Jun 17, 2026
Oct 18, 2021
N/A· v4
6.5 MEDIUM· v3
4.3 MEDIUM· v2
The Wp Cookie Choice WordPress plugin through 1.1.0 is lacking any CSRF check when saving its options, and do not escape them when outputting them in attributes. As a result, an attacker could make a logged in admin chan...Show more
The Wp Cookie Choice WordPress plugin through 1.1.0 is lacking any CSRF check when saving its options, and do not escape them when outputting them in attributes. As a result, an attacker could make a logged in admin change them to arbitrary values including XSS payloads via a CSRF attack.Show less