cleantalk
Vulnerabilities and Security Researches

Cookie banner plugin for WordPress – Cookiebot CMP by Usercentrics, CVE-2026-25407

CVE, Research URL

CVE-2026-25407

Home page URL

Security reports for Cookie banner plugin for WordPress – Cookiebot CMP by Usercentrics

Application

Cookie banner plugin for WordPress – Cookiebot CMP by Usercentrics

Published on
Feb 19, 2026
Research Description
Missing Authorization vulnerability in cookiebot Cookiebot cookiebot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cookiebot: from n/a through <= 4.6.4.
Affected versions
max 4.6.4.
Status
vulnerable
Previous vulnerability researches
Modern Polls (CVE-2025-46466) , Apr 26, 2025
New vulnerability
Complianz &#8211; GDPR/CCPA Cookie Consent (CVE-2025-11185) , Feb 27, 2026
HurryTimer &#8211; An Scarcity and Urgency Countdown Timer for WordPress &amp; WooCommerce (CVE-2026-24392) , Feb 27, 2026
Cookie banner plugin for WordPress – Cookiebot CMP by Usercentrics (CVE-2026-25407) , Feb 27, 2026
WP Activity Log (CVE-2026-25331) , Feb 27, 2026
Yoast Duplicate Post (CVE-2019-25314) , Feb 27, 2026