Iubenda Iubenda-cookie-law-solution — known CVE vulnerabilities
Every CVE whose affected-product data names Iubenda Iubenda-cookie-law-solution, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-3911 — CVSS 8.8 (high): The iubenda WordPress plugin before 3.3.3 does does not have authorisation and CSRF in an AJAX action, and does not ensure that the options…
CVE-2020-12742 — CVSS 6.1 (medium): The iubenda-cookie-law-solution plugin before 2.3.5 for WordPress does not restrict URL sanitization to http protocols.