Webtoffee Gdpr_cookie_consent
2 CVEs affecting Webtoffee Gdpr_cookie_consent. Latest disclosed: 2025-05-15. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-8286 | Medium | 6.5 | 2025-05-15 | The webtoffee-gdpr-cookie-consent WordPress plugin before 2.6.1 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in a… |
CVE-2024-8397 | Medium | 5.4 | 2025-05-15 | The webtoffee-gdpr-cookie-consent WordPress plugin before 2.6.1 does not properly sanitize and escape the IP headers when logging them, allowing visitors to co… |