Executive Summary

Informations
NameCVE-2019-16522First vendor Publication2019-10-16
VendorCveLast vendor Modification2019-10-16

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base ScoreNot DefinedAttack RangeNot Defined
Cvss Impact ScoreNot DefinedAttack ComplexityNot Defined
Cvss Expoit ScoreNot DefinedAuthenticationNot Defined
Calculate full CVSS 2.0 Vectors scores

Detail

The eu-cookie-law plugin through 3.0.6 for WordPress (aka EU Cookie Law (GDPR)) is susceptible to Stored XSS due to improper encoding of several configuration options in the admin area and the displayed cookie consent message. This affects Font Color, Background Color, and the Disable Cookie text. An attacker with high privileges can attack other users.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16522

Sources (Detail)

SourceUrl
MISC https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190913-0...
https://wordpress.org/plugins/eu-cookie-law/#developers

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2019-10-16 21:20:35
  • First insertion