cleantalk
Vulnerabilities and Security Researches

Real Cookie Banner: GDPR & ePrivacy Cookie Consent, CVE-2025-1485

CVE, Research URL

CVE-2025-1485

Home page URL

Security reports for Real Cookie Banner: GDPR & ePrivacy Cookie Consent

Application

Real Cookie Banner: GDPR & ePrivacy Cookie Consent

Published on
Jun 02, 2025
Research Description
The Real Cookie Banner: GDPR & ePrivacy Cookie Consent WordPress plugin before 5.1.6, real-cookie-banner-pro WordPress plugin before 5.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Affected versions
Min -, max 5.1.6.
Status
vulnerable
Previous vulnerability researches
Able Player, accessible HTML5 media player (CVE-2025-46475) , Apr 26, 2025
Able Player, accessible HTML5 media player (CVE-2025-3752) , May 02, 2025
New vulnerability
MaxiBlocks Free Page Builder & Template Library (CVE-2025-47601) , Jun 06, 2025
MetalpriceAPI (CVE-2025-48140) , Jun 05, 2025
Broken Link Checker (CVE-2025-4047) , Jun 05, 2025
Staff Directory – Employee Directory for WordPress (CVE-2025-5531) , Jun 05, 2025
Faculty Staff and Student Directory Plugin – Campus Directory (CVE-2025-5532) , Jun 05, 2025