CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Ninjateam: >> Gdpr Ccpa Compliance & Cookie Consent Banner >> 1.6.1 Security Vulnerabilities

CVE-2025-24591

Missing Authorization vulnerability in NinjaTeam GDPR CCPA Compliance Support allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GDPR CCPA Compliance Support: from n/a through 2.7.1.

CVSS Score

4.3

EPSS Score

0.001

Published

2025-01-24

CVE-2024-5607

The GDPR CCPA Compliance & Cookie Consent Banner plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions named ajaxUpdateSettings() in all versions up to, and including, 2.7.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify the plugin's settings, update page content, send arbitrary emails and inject malicious web scripts.

CVSS Score

5.4

EPSS Score

0.001

Published

2024-06-07

Page 1

Vulnerabilities

Vulnerable Software

Ninjateam: >> Gdpr Ccpa Compliance & Cookie Consent Banner >> 1.6.1 Security Vulnerabilities

Products

Pricing

Contact Us