CVE-2025-1485 – WordPress Real Cookie Banner Stored Cross-Site Scripting Vulnerability

June 2, 2025

CVE ID : CVE-2025-1485

Published : June 2, 2025, 6:15 a.m. | 1 hour, 6 minutes ago

Description : The Real Cookie Banner: GDPR & ePrivacy Cookie Consent WordPress plugin before 5.1.6, real-cookie-banner-pro WordPress plugin before 5.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3951 – WordPress WP-Optimize SQL Injection Vulnerability

Next Article CVE-2025-5431 – AssamLook CMS SQL Injection Vulnerability

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

In MCP era API discoverability is now more important than ever

Google’s DeepMind CEO lists 2 AGI existential risks to society keeping him up at night — but claims “today’s AI systems” don’t warrant a pause on development

Anthropic researchers say next-generation AI models will reduce humans to “meat robots” in a spectrum of crazy futures

Xbox just quietly added two of the best RPGs of all time to Game Pass

7 reasons The Division 2 is a game you should be playing in 2025

Mastering TypeScript: How Complex Should Your Types Be?

Mastering TypeScript: How Complex Should Your Types Be?

IDMC – CDI Best Practices

PWC-IDMC Migration Gaps

Google’s DeepMind CEO lists 2 AGI existential risks to society keeping him up at night — but claims “today’s AI systems” don’t warrant a pause on development

Google’s DeepMind CEO lists 2 AGI existential risks to society keeping him up at night — but claims “today’s AI systems” don’t warrant a pause on development

Anthropic researchers say next-generation AI models will reduce humans to “meat robots” in a spectrum of crazy futures

Xbox just quietly added two of the best RPGs of all time to Game Pass

CVE-2025-1485 – WordPress Real Cookie Banner Stored Cross-Site Scripting Vulnerability

CVE-2025-48906 – DSoftBus Authentication Bypass Vulnerability

CVE-2025-48907 – Apache IPC Deserialization Vulnerability

Why I recommend this Hisense model over the Samsung Frame TV – even if it wasn’t $1,000 cheaper

It took Microsoft this long to bring this important search box to Microsoft Store

Hackers Use Fake VPN and Browser NSIS Installers to Deliver Winos 4.0 Malware

A Coding Guide to Asynchronous Web Data Extraction Using Crawl4AI: An Open-Source Web Crawling and Scraping Toolkit Designed for LLM Workflows

Findlay Automotive Hit by Cybersecurity Attack, Investigation Ongoing

CVE-2025-3801 – Songquanpeng One-Api Cross Site Scripting Vulnerability

CVE-2025-5067 – Inappropriate implementation in Tab Strip in Googl

RansomHub affiliates linked to rival RaaS gangs

CVE-2025-1485 – WordPress Real Cookie Banner Stored Cross-Site Scripting Vulnerability

Related Posts