Search Results | AttackerKB

5 Total Results

Displaying 1-5 of 5

Attacker Value

Unknown

CVE-2025-1467

Disclosure Date: February 23, 2025 (last updated February 24, 2025)

Versions of the package tarteaucitronjs before 1.17.0 are vulnerable to Cross-site Scripting (XSS) via the getElemWidth() and getElemHeight(). This is related to [SNYK-JS-TARTEAUCITRONJS-8366541](https://security.snyk.io/vuln/SNYK-JS-TARTEAUCITRONJS-8366541)

Attacker Value

Unknown

CVE-2023-3620

Disclosure Date: July 11, 2023 (last updated February 25, 2025)

Cross-site Scripting (XSS) - Stored in GitHub repository amauric/tarteaucitron.js prior to v1.13.1.

Attacker Value

Unknown

CVE-2022-33155

Disclosure Date: July 12, 2022 (last updated February 24, 2025)

The ameos_tarteaucitron (aka AMEOS - TarteAuCitron GDPR cookie banner and tracking management / French RGPD compatible) extension before 1.2.23 for TYPO3 allows XSS.

Attack Vector: Network Privileges: Low User Interaction: Required

Attacker Value

Unknown

CVE-2021-36889

Disclosure Date: December 17, 2021 (last updated February 23, 2025)

Multiple Stored Authenticated Cross-Site Scripting (XSS) vulnerabilities were discovered in tarteaucitron.js – Cookies legislation & GDPR WordPress plugin (versions <= 1.6).

Attack Vector: Network Privileges: High User Interaction: Required

Attacker Value

Unknown

CVE-2021-36887

Disclosure Date: December 09, 2021 (last updated February 23, 2025)

Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS) discovered in tarteaucitron.js – Cookies legislation & GDPR WordPress plugin (versions <= 1.5.4), vulnerable parameters "tarteaucitronEmail" and "tarteaucitronPass".

Attack Vector: Network Privileges: None User Interaction: Required

5 Total Results

Displaying 1-5 of 5

Unknown

CVE-2025-1467

Unknown

CVE-2023-3620

Unknown

CVE-2022-33155

Unknown

CVE-2021-36889

Unknown

CVE-2021-36887

Quick Cookie Notification