Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

wplegalpages — Vulnerabilities & Security Advisories 9

Browse all 9 CVE security advisories affecting wplegalpages. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Wplegalpages is a WordPress plugin designed to help website owners create legal pages and documents. Historically, it has been vulnerable to multiple security issues including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation vulnerabilities. These flaws often stem from insufficient input validation and improper access controls. The plugin has accumulated 9 CVE records, with some vulnerabilities allowing attackers to execute arbitrary code or gain elevated privileges. While no major public incidents have been widely documented, the consistent pattern of security issues across multiple versions indicates ongoing challenges in secure development practices.

Top products by wplegalpages: Cookie Banner for GDPR / CCPA – WPLP Cookie Consent Privacy Policy Generator – WPLP Legal Pages
CVE IDTitleCVSSSeverityPublished
CVE-2025-11754 Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) : WP Cookie Consent <= 4.1.2 - Missing Authorization to Sensitive Information Exposure — Cookie Banner for GDPR / CCPA – WPLP Cookie ConsentCWE-862 7.5 High2026-02-19
CVE-2025-14061 Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) : WP Cookie Consent <= 4.0.7 - Missing Authorization to Unauthenticated Arbitrary Post Deletion — Cookie Banner for GDPR / CCPA – WPLP Cookie ConsentCWE-862 5.3 Medium2025-12-17
CVE-2025-11816 Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages <= 3.5.1 - Missing Authorization to Unauthenticated API Disconnect — Privacy Policy Generator – WPLP Legal PagesCWE-862 5.3 Medium2025-11-01
CVE-2025-8565 Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages <= 3.4.3 - Missing Authorization to Authenticated (Contributor+) Arbitrary Plugin Installation — Privacy Policy Generator – WPLP Legal PagesCWE-862 8.1 High2025-09-18
CVE-2024-12636 Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages <= 3.2.7 - Cross-Site Request Forgery — Privacy Policy Generator – WPLP Legal PagesCWE-352 4.3 Medium2024-12-25
CVE-2024-11724 Cookie Consent for WP – Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) <= 3.6.5 - Missing Authorization to Authenticated (Subscriber+) Whitelist Script — Cookie Banner for GDPR / CCPA – WPLP Cookie ConsentCWE-862 4.3 Medium2024-12-12
CVE-2024-4869 WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) <= 3.2.0 - Unauthenticated Stored Cross-Site Scripting via Client-IP header — Cookie Banner for GDPR / CCPA – WPLP Cookie ConsentCWE-79 7.2 High2024-06-25
CVE-2024-3599 WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) <= 3.0.2 - Missing Authorization to Unauthenticated Arbitrary Post Deletion — Cookie Banner for GDPR / CCPA – WPLP Cookie ConsentCWE-862 5.3 Medium2024-05-02
CVE-2023-4968 WPLegalPages <= 2.9.2 - Authenticated (Author+) Stored Cross-Site Scripting via Shortcode — Privacy Policy Generator – WPLP Legal PagesCWE-79 5.5 Medium2023-10-20

This page lists every published CVE security advisory associated with wplegalpages. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.