CVE-2025-11186 | Cookie Notice & Compliance for GDPR CCPA Plugin up to 2.5.8 on WordPress Shortcode cookies_accepted cross site scripting

Inserito da Angelo Barbosa | Nov 21, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in Cookie Notice & Compliance for GDPR CCPA Plugin up to 2.5.8 on WordPress. Affected by this issue is the function cookies_accepted of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-11186. The attack is possible to be carried out remotely. No exploit exists.

CVE-2025-11186 | Cookie Notice & Compliance for GDPR CCPA Plugin up to 2.5.8 on WordPress Shortcode cookies_accepted cross site scripting

Post correlati

CVE-2023-51070 | QStar Archive Solutions 3-0 Build 7 Patch 0 SMB Setting access control

CVE-2023-35867 | Bosch BVMS API Answer unknown vulnerability

CVE-2024-48837 | Dell SmartFabric OS10 Software 10.5.4.x/10.5.5.x/10.5.6.x unnecessary privileges (dsa-2024-425)

CVE-2024-49377 | OctoPrint up to 1.10.2 cross site scripting (GHSA-xvxq-g8hw-fx4g)