cleantalk
Vulnerabilities and Security Researches

tarteaucitron.js – Cookies legislation & GDPR, CVE-2021-36889

CVE, Research URL

CVE-2021-36889

Home page URL

Security reports for tarteaucitron.js – Cookies legislation & GDPR

Application

tarteaucitron.js – Cookies legislation & GDPR

Published on
Dec 21, 2021
Research Description
Multiple Stored Authenticated Cross-Site Scripting (XSS) vulnerabilities were discovered in tarteaucitron.js – Cookies legislation & GDPR WordPress plugin (versions <= 1.6).
Affected versions
Min -, max 1.6.1.
Status
vulnerable
Previous vulnerability researches
tarteaucitron.js &#8211; Cookies legislation &amp; GDPR (CVE-2025-4955) , Jun 30, 2025
tarteaucitron.js &#8211; Cookies legislation &amp; GDPR (CVE-2021-36889) , Jun 07, 2024
tarteaucitron.js &#8211; Cookies legislation &amp; GDPR (CVE-2021-36887) , Jun 07, 2024
New vulnerability
PT Project Notebooks &#8211; Take Meeting minutes, create budgets, track task management, and more (CVE-2025-5304) , Jun 30, 2025
WP SoundSystem (CVE-2025-6258) , Jun 30, 2025
Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes (CVE-2025-49973) , Jun 30, 2025
Post Carousel Slider for Elementor (CVE-2025-3863) , Jun 30, 2025
WP User Stylesheet Switcher (CVE-2025-52792) , Jun 30, 2025