Vulnerabilities and security researches forcookies-and-content-security-policy cookies-and-content-security-policy

Aug 20, 2025

CVE, Research URL: CVE-2025-51529
Home page URL: Security reports for Cookies and Content Security Policy
Application: Cookies and Content Security Policy
Date: Aug 19, 2025
Research Description: Incorrect Access Control in the AJAX endpoint functionality in jonkastonka Cookies and Content Security Policy plugin through version 2.29 allows remote attackers to cause a denial of service (database server resource exhaustion) via unlimited database write operations to the wp_ajax_nopriv_cacsp_insert_consent_data endpoint.
Affected versions: Min -, max -.
Status: vulnerable

Jun 07, 2024

CVE, Research URL: CVE-2023-40662
Home page URL: Security reports for Cookies and Content Security Policy
Application: Cookies and Content Security Policy
Date: Nov 30, 2023
Research Description: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jonk @ Follow me Darling Cookies and Content Security Policy.This issue affects Cookies and Content Security Policy: from n/a through 2.15.
Affected versions: Min -, max -.
Status: vulnerable