Vulnerabilities and security researches forlegal-pages legal-pages

Jun 07, 2024

CVE, Research URL: CVE-2024-32451
Home page URL: Security reports for Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator
Application: Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator
Date: Apr 15, 2024
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in wpWax Legal Pages.This issue affects Legal Pages: from n/a through 1.4.2.
Affected versions: max 1.3.9.
Status: vulnerable

CVE, Research URL: 084dab8c7b45c08dac1d8e949f0312502db1625f
Home page URL: Security reports for Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator
Application: Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator
Date: Aug 21, 2015
Research Description: Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator [legal-pages] < 1.3.9 WordPress Legal Pages Plugin <= 1.0.1 - Cross Site Scripting (XSS) Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Update the plugin.
Affected versions: max 1.3.9.
Status: vulnerable

CVE, Research URL: CVE-2023-47824
Home page URL: Security reports for Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator
Application: Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator
Date: Nov 23, 2023
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in wpWax Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator plugin <= 1.3.8 versions.
Affected versions: max 1.3.9.
Status: vulnerable

CVE, Research URL: CVE-2023-50886
Home page URL: Security reports for Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator
Application: Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator
Date: Mar 15, 2024
Research Description: Cross-Site Request Forgery (CSRF), Incorrect Authorization vulnerability in wpWax Legal Pages.This issue affects Legal Pages: from n/a through 1.3.7.
Affected versions: max 1.3.8.
Status: vulnerable

May 21, 2025

CVE, Research URL: CVE-2025-48242
Home page URL: Security reports for Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator
Application: Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator
Date: May 19, 2025
Research Description: Missing Authorization vulnerability in wpWax Legal Pages allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Legal Pages: from n/a through 1.4.5.
Affected versions: max 1.4.6.
Status: vulnerable

Dec 11, 2025

CVE, Research URL: CVE-2025-66077
Home page URL: Security reports for Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator
Application: Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator
Date: Nov 21, 2025
Research Description: Missing Authorization vulnerability in wpWax Legal Pages legal-pages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Legal Pages: from n/a through <= 1.4.6.
Affected versions: max 1.4.6.
Status: vulnerable