Accesspressthemes: >> Wp Cookie User Info >> 1.0.6 Security Vulnerabilities
The Cookie Notification Plugin for WordPress plugin before 1.0.9 does not sanitise or escape the id GET parameter before using it in a SQL statement, when retrieving the setting to edit in the admin dashboard, leading to an authenticated SQL Injection
CVSS Score
7.2
EPSS Score
0.008
Published
2022-01-24