Does Beautiful Cookie Consent Banner have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Beautiful Cookie Consent Banner compatible with WordPress 6.9.4?

According to WordPress.org data, Beautiful Cookie Consent Banner 4.9.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Beautiful Cookie Consent Banner compatible with PHP 7.0.0+?

Beautiful Cookie Consent Banner requires PHP 7.0.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Beautiful Cookie Consent Banner updated?

Beautiful Cookie Consent Banner was last updated on Dec 1, 2025. Frequent updates are generally a positive security signal.

What is Beautiful Cookie Consent Banner's security score?

Beautiful Cookie Consent Banner has a WP-Safety security score of 93/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Beautiful Cookie Consent Banner Security & Risk Analysis

wordpress.org/plugins/beautiful-and-responsive-cookie-consent

Free and beautiful Cookie Consent Banner to make your website compliant. Highly customizable and not loading any files from 3rd party servers.

40K active installs v4.9.2 PHP 7.0.0+ WP 4.0+ Updated Dec 1, 2025

cookie-bannercookie-consentcookie-consent-bannergdprgoogle-consent-mode-v2

A · Safe

CVEs total4

Unpatched0

Last CVEJul 1, 2025

Plugin page Download

Safety Verdict

Is Beautiful Cookie Consent Banner Safe to Use in 2026?

Generally Safe

Score 93/100

Beautiful Cookie Consent Banner has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

4 known CVEsLast CVE: Jul 1, 2025Updated 5mo ago

Risk Assessment

The plugin 'beautiful-and-responsive-cookie-consent' v4.9.2 exhibits a mixed security posture. Static analysis reveals a generally good application of security best practices, with a notable absence of dangerous functions, external HTTP requests, and critical taint flows. The presence of nonces, capability checks, and a high percentage of properly escaped outputs are positive indicators. However, the vulnerability history presents a significant concern. With 4 known CVEs, including 2 high and 2 medium severity vulnerabilities, the plugin has a past of security weaknesses. The types of common vulnerabilities (XSS and Missing Authorization) are serious and require careful attention. While there are currently no unpatched vulnerabilities, the historical pattern suggests a recurring need for diligent security patching.

Key Concerns

2 High Severity CVEs
2 Medium Severity CVEs
Flows with unsanitized paths
SQL queries not fully prepared
File operations present

Vulnerabilities

4 published

Beautiful Cookie Consent Banner Security Vulnerabilities

CVEs by Year

1 CVE in 2022

2022

2 CVEs in 2023

2023

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

High

Medium

4 total CVEs

CVE-2025-49866medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Beautiful Cookie Consent Banner <= 4.6.1 - Reflected Cross-Site Scripting

Jul 1, 2025 Patched in 4.6.2 (8d)

CVE-2023-3388high · 7.2Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Beautiful Cookie Consent Banner <= 2.10.1 - Unauthenticated Stored Cross-Site Scripting

Jan 31, 2023 Patched in 2.10.2 (357d)

WF-aee6fea2-dbf6-4155-ba3f-f85ea3520504-beautiful-and-responsive-cookie-consenthigh · 7.3Missing Authorization

Beautiful Cookie Consent Banner <= 2.10.0 - Missing Authorization to Settings Update

Jan 31, 2023 Patched in 2.10.1 (357d)

CVE-2022-3823medium · 5.5Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Beautiful Cookie Consent Banner <= 2.9.0 - Authenticated (Admin+) Stored Cross-Site Scripting

Nov 3, 2022 Patched in 2.9.1 (446d)

Version History

Beautiful Cookie Consent Banner Release Timeline

v4.9.2Current

v4.9.1

v4.9.0

v4.8.0

v4.7.0

v4.6.3

v4.6.2

v4.6.11 CVE

v4.6.01 CVE

v4.5.61 CVE

v4.5.51 CVE

v4.5.41 CVE

v4.5.31 CVE

v4.5.21 CVE

v4.5.11 CVE

v4.5.01 CVE

v4.4.01 CVE

v4.3.11 CVE

v4.3.01 CVE

v4.2.11 CVE

Code Analysis

Analyzed Mar 16, 2026

Beautiful Cookie Consent Banner Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

89 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

67% prepared3 total queries

Output Escaping

86% escaped103 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

save_settings (class\class-nsc_bar_save_form_fields.php:66)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Beautiful Cookie Consent Banner Attack Surface

Entry Points2

Unprotected0

REST API Routes 1

POST/wp-json/beautiful-and-responsive-cookie-consent/v1/admin-noticesclass\class-nsc_bar_rest_api.php:12

Shortcodes 1

[cc_show_cookie_banner_nsc_bar] class\class-nsc_bar_frontend.php:66

WordPress Hooks 29

actionadmin_noticesclass\class-nsc_bar_admin_error.php:28

actionadmin_menuclass\class-nsc_bar_admin_settings.php:21

actionadmin_enqueue_scriptsclass\class-nsc_bar_admin_settings.php:22

actionadmin_enqueue_scriptsclass\class-nsc_bar_admin_settings.php:23

actionadmin_enqueue_scriptsclass\class-nsc_bar_admin_settings.php:24

actionwp_enqueue_scriptsclass\class-nsc_bar_frontend.php:64

actionadmin_noticesclass\class-nsc_bar_input_validation.php:495

actionnetwork_admin_noticesclass\class-nsc_bar_input_validation.php:496

filterwp_get_consent_typeclass\class-nsc_bar_integrations.php:19

filternsc_bar_return_filter_configured_cookie_nameclass\class-nsc_bar_return_filter.php:12

filternsc_bar_return_filter_dataLayer_banner_init_scriptclass\class-nsc_bar_return_filter.php:13

filternsc_bar_return_filter_banner_config_arrayclass\class-nsc_bar_return_filter.php:14

filternsc_bar_return_filter_cookie_settingclass\class-nsc_bar_return_filter.php:15

filternsc_bar_return_filter_user_consent_valuesclass\class-nsc_bar_return_filter.php:16

actionplugins_loadednsc_bar-cookie-consent.php:50

actionrest_api_initnsc_bar-cookie-consent.php:56

actionplugins_loadednsc_bar-cookie-consent.php:64

actionplugins_loadednsc_bar-cookie-consent.php:66

actionadmin_initnsc_bar-cookie-consent.php:72

actionsend_headersnsc_bar-cookie-consent.php:76

actionsend_headersnsc_bar-cookie-consent.php:77

actionsend_headersnsc_bar-cookie-consent.php:78

actionsend_headersnsc_bar-cookie-consent.php:79

actionwp_print_scriptsnsc_bar-cookie-consent.php:84

filterstyle_loader_tagnsc_bar-cookie-consent.php:86

filterscript_loader_tagnsc_bar-cookie-consent.php:87

filterrocket_excluded_inline_js_contentnsc_bar-cookie-consent.php:104

filterrocket_defer_inline_exclusionsnsc_bar-cookie-consent.php:105

actionplugins_loadednsc_bar-cookie-consent.php:108

Maintenance & Trust

Beautiful Cookie Consent Banner Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 1, 2025

PHP min version7.0.0

Downloads1.4M

Community Trust

Rating90/100

Number of ratings91

Active installs40K

Alternatives

Beautiful Cookie Consent Banner Alternatives

eCookies by HostRiver – Google Consent Mode v2 and GDPR Cookie Banner Integration

ecookies-by-hostriver

Quickly activate Google Consent Mode v2 to ensure GDPR compliance for your site, also compatible with PixelYourSite plugin

40 No CVEs

CookieYes – Cookie Banner for Cookie Consent (Easy to setup GDPR/CCPA Compliant Cookie Notice)

cookie-law-info

100

Easily set up cookie banner or notice in WordPress, and policy pages for compliance with global cookie laws (GDPR, DSGVO, RGPD, CCPA/CPRA, etc).

1.0M 1 CVE

GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice for CCPA, EU Cookie Law

gdpr-cookie-compliance

Cookie notice banner for GDPR, CCPA, EU cookie law, data protection and privacy regulations and other cookie law and consent notice requirements on yo …

300K 9 CVEs

Cookiebot by Usercentrics – Automatic Cookie Banner for GDPR/CCPA & Google Consent Mode

cookiebot

Install your cookie banner in minutes. Automatically scan and block cookies to comply with the GDPR, CCPA, Google Consent Mode v2. Free plan option.

100K 4 CVEs

Real Cookie Banner: GDPR & ePrivacy Cookie Consent

real-cookie-banner

Obtain GDPR (DSGVO/RGPD) and ePrivacy Directive (TDDDG/TTDSG, LOPD-GDD, DTA) compliant consents in your cookie banner. More than just a cookie notice!

100K 4 CVEs

Developer Profile

Beautiful Cookie Consent Banner Developer Profile

Nikel

5 plugins · 40K total installs

trust score

Avg Security Score

93/100

Avg Patch Time

406 days

View full developer profile

Detection Fingerprints

How We Detect Beautiful Cookie Consent Banner

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/beautiful-and-responsive-cookie-consent/admin/js/cookietypes.v2.js/wp-content/plugins/beautiful-and-responsive-cookie-consent/admin/js/iframeResizer/iframeResizer.min.js/wp-content/plugins/beautiful-and-responsive-cookie-consent/admin/js/bootstrap.bundle.min.js/wp-content/plugins/beautiful-and-responsive-cookie-consent/admin/js/admin.cookie-banner.min.js/wp-content/plugins/beautiful-and-responsive-cookie-consent/admin/css/bootstrap.min.css/wp-content/plugins/beautiful-and-responsive-cookie-consent/admin/css/admin.cookie-banner.css

Script Paths

Version Parameters

/wp-content/plugins/beautiful-and-responsive-cookie-consent/admin/js/cookietypes.v2.js?ver=/wp-content/plugins/beautiful-and-responsive-cookie-consent/admin/js/iframeResizer/iframeResizer.min.js?ver=/wp-content/plugins/beautiful-and-responsive-cookie-consent/admin/js/bootstrap.bundle.min.js?ver=/wp-content/plugins/beautiful-and-responsive-cookie-consent/admin/js/admin.cookie-banner.min.js?ver=/wp-content/plugins/beautiful-and-responsive-cookie-consent/admin/css/bootstrap.min.css?ver=/wp-content/plugins/beautiful-and-responsive-cookie-consent/admin/css/admin.cookie-banner.css?ver=

HTML / DOM Fingerprints

CSS Classes

nsc-cookie-banner

HTML Comments

Data Attributes

data-nsc-bar-iddata-nsc-bar-type

JS Globals

nscBarAdminJsVars

REST Endpoints

/wp-json/nsc_bar/v1/save_settings

FAQ

Beautiful Cookie Consent Banner Security & Risk Analysis

Is Beautiful Cookie Consent Banner Safe to Use in 2026?

Generally Safe

Key Concerns

Beautiful Cookie Consent Banner Security Vulnerabilities

CVEs by Year

Severity Breakdown

Beautiful Cookie Consent Banner Release Timeline

Beautiful Cookie Consent Banner Code Analysis

SQL Query Safety

Output Escaping

Data Flow Analysis

Beautiful Cookie Consent Banner Attack Surface

REST API Routes 1

Shortcodes 1

Beautiful Cookie Consent Banner Maintenance & Trust

Maintenance Signals

Community Trust

Beautiful Cookie Consent Banner Alternatives

eCookies by HostRiver – Google Consent Mode v2 and GDPR Cookie Banner Integration

CookieYes – Cookie Banner for Cookie Consent (Easy to setup GDPR/CCPA Compliant Cookie Notice)

GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice for CCPA, EU Cookie Law

Cookiebot by Usercentrics – Automatic Cookie Banner for GDPR/CCPA & Google Consent Mode

Real Cookie Banner: GDPR & ePrivacy Cookie Consent

Beautiful Cookie Consent Banner Developer Profile

How We Detect Beautiful Cookie Consent Banner

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Beautiful Cookie Consent Banner