cleantalk
Vulnerabilities and Security Researches

CookieYes – Cookie Banner for Cookie Consent (Easy to setup GDPR/CCPA Compliant Cookie Notice), CVE-2020-20633

CVE, Research URL

CVE-2020-20633

Home page URL

Security reports for CookieYes – Cookie Banner for Cookie Consent (Easy to setup GDPR/CCPA Compliant Cookie Notice)

Application

CookieYes – Cookie Banner for Cookie Consent (Easy to setup GDPR/CCPA Compliant Cookie Notice)

Published on
Aug 21, 2020
Research Description
ajax_policy_generator in admin/modules/cli-policy-generator/classes/class-policy-generator-ajax.php in GDPR Cookie Consent (cookie-law-info) 1.8.2 and below plugin for WordPress, allows authenticated stored XSS and privilege escalation.
Affected versions
Min -, max 1.8.3.
Status
vulnerable
Previous vulnerability researches
WP Cookie Law Info (CVE-2024-37557) , Jul 12, 2024
CookieYes – Cookie Banner for Cookie Consent (Easy to setup GDPR/CCPA Compliant Cookie Notice) , Feb 17, 2025
CookieYes – Cookie Banner for Cookie Consent (Easy to setup GDPR/CCPA Compliant Cookie Notice) (CVE-2020-20633) , Jun 07, 2024
New vulnerability
Wbcom Designs – Activity Link Preview For BuddyPress (CVE-2025-47548) , May 09, 2025
EasyMe Connect (CVE-2025-47609) , May 09, 2025
ELEX Product Feed for WooCommerce (CVE-2025-47643) , May 09, 2025
Meks Flexible Shortcodes (CVE-2025-47621) , May 09, 2025
Beds24 Online Booking (CVE-2025-47489) , May 09, 2025