Vulnerability Details CVE-2021-24590
The Cookie Notice & Consent Banner for GDPR & CCPA Compliance WordPress plugin before 1.7.2 does not properly sanitize inputs to prevent injection of arbitrary HTML within the plugin's design customization options.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.1%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2021-24590
-
cpe:2.3:a:gdprinfo:cookie_notice_&_consent_banner_for_gdpr_&_ccpa_compliance:-
-
cpe:2.3:a:gdprinfo:cookie_notice_&_consent_banner_for_gdpr_&_ccpa_compliance:1.0.0
-
cpe:2.3:a:gdprinfo:cookie_notice_&_consent_banner_for_gdpr_&_ccpa_compliance:1.1.0
-
cpe:2.3:a:gdprinfo:cookie_notice_&_consent_banner_for_gdpr_&_ccpa_compliance:1.2.0
-
cpe:2.3:a:gdprinfo:cookie_notice_&_consent_banner_for_gdpr_&_ccpa_compliance:1.3.0
-
cpe:2.3:a:gdprinfo:cookie_notice_&_consent_banner_for_gdpr_&_ccpa_compliance:1.4.0
-
cpe:2.3:a:gdprinfo:cookie_notice_&_consent_banner_for_gdpr_&_ccpa_compliance:1.4.1
-
cpe:2.3:a:gdprinfo:cookie_notice_&_consent_banner_for_gdpr_&_ccpa_compliance:1.5.1
-
cpe:2.3:a:gdprinfo:cookie_notice_&_consent_banner_for_gdpr_&_ccpa_compliance:1.6.1
-
cpe:2.3:a:gdprinfo:cookie_notice_&_consent_banner_for_gdpr_&_ccpa_compliance:1.6.2
-
cpe:2.3:a:gdprinfo:cookie_notice_&_consent_banner_for_gdpr_&_ccpa_compliance:1.6.3
-
cpe:2.3:a:gdprinfo:cookie_notice_&_consent_banner_for_gdpr_&_ccpa_compliance:1.6.4
-
cpe:2.3:a:gdprinfo:cookie_notice_&_consent_banner_for_gdpr_&_ccpa_compliance:1.6.5
-
cpe:2.3:a:gdprinfo:cookie_notice_&_consent_banner_for_gdpr_&_ccpa_compliance:1.6.6
-
cpe:2.3:a:gdprinfo:cookie_notice_&_consent_banner_for_gdpr_&_ccpa_compliance:1.6.7
-
cpe:2.3:a:gdprinfo:cookie_notice_&_consent_banner_for_gdpr_&_ccpa_compliance:1.6.8
-
cpe:2.3:a:gdprinfo:cookie_notice_&_consent_banner_for_gdpr_&_ccpa_compliance:1.6.9
-
cpe:2.3:a:gdprinfo:cookie_notice_&_consent_banner_for_gdpr_&_ccpa_compliance:1.7.0
-
cpe:2.3:a:gdprinfo:cookie_notice_&_consent_banner_for_gdpr_&_ccpa_compliance:1.7.1