cleantalk
Vulnerabilities and Security Researches

Cookie Notice & Compliance for GDPR / CCPA, CVE-2025-67554

CVE, Research URL

CVE-2025-67554

Home page URL

Security reports for Cookie Notice & Compliance for GDPR / CCPA

Application

Cookie Notice & Compliance for GDPR / CCPA

Published on
Dec 09, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Humanityco Cookie Notice & Compliance for GDPR / CCPA cookie-notice allows Stored XSS.This issue affects Cookie Notice & Compliance for GDPR / CCPA: from n/a through <= 2.5.8.
Affected versions
max 2.5.9.
Status
vulnerable
Previous vulnerability researches
Product Category Showcase for WooCommerce (667fdaf13fdec4b024da541ed2dc18942c8e265d) , Jun 06, 2024
Product Category Showcase for WooCommerce (CVE-2022-47150) , Jun 13, 2026
New vulnerability
Total Upkeep – WordPress Backup Plugin plus Restore &amp; Migrate by BoldGrid (CVE-2020-36848) , Jun 13, 2026
POST SMTP &#8211; The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications (CVE-2025-67563) , Jun 13, 2026
POST SMTP &#8211; The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications (CVE-2025-12887) , Jun 13, 2026
POST SMTP &#8211; The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications (CVE-2023-33999) , Jun 13, 2026
Ultimate Post Kit Addons For Elementor &#8211; (Post Grid, Post Carousel, Post Slider, Category List, Post Tabs, Timeline, Post (CVE-2023-33999) , Jun 13, 2026