Cross-site Scripting Vulnerability in WP Cookie Consent by WordPress
CVE-2025-46525
5.9MEDIUM
What is CVE-2025-46525?
A stored Cross-site Scripting (XSS) vulnerability exists in the WP Cookie Consent plugin, allowing malicious users to inject harmful scripts into web pages. This issue impacts users of WP Cookie Consent from its initial release up to version 1.0. When exploited, the vulnerability can lead to unauthorized data access, session hijacking, or the distribution of malware, posing significant risks to website integrity and user safety.
Affected Version(s)
WP Cookie Consent <= 1.0