WordPress EU Cookie Law plugin <= 3.0.6 - Stored Cross-Site Scripting (XSS) vulnerability
- EU Cookie Law (GDPR)
- Stored Cross-Site Scripting (XSS) vulnerability found by Tobias Fink (SBA Research) in WordPress EU Cookie Law plugin (versions <= 3.0.6).
- 17 October 2019 - we were unable to find a patched version of this plugin.
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
- Name CVE-2019-16522
- Disclosure date
- Tobias Fink (SBA Research)