[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f9wh0sZMFbidUbNBxvhU2uV5ivWIBKXMDNHMU8Iw1Zt0":3,"$fe8oGS1CS2uqRKa8iy1WltkjedEhKB8O9SZtcN-FwMCo":253,"$fzVi_r50_zS_KOzO8EWXxE3gzXjmBwjwGergaPqYKyC8":258},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":65,"crawl_stats":38,"alternatives":73,"analysis":162,"fingerprints":233},"cookie-bar","Cookie Bar","2.2","Brontobytes","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrontobytes\u002F","\u003Cp>A simple, lightweight WordPress plugin for displaying a discreet notification bar that is dismissable and the dismissal is saved by cookie. Perfect for implementing the EU cookie law (GDPR)!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>The Cookie Bar plugin creates a small bar at the bottom of the website with a short customizable message about cookies and an accept button.\u003C\u002Fstrong> Once a visitor has accepted the Cookie Bar, it then disappears.\u003C\u002Fp>\n\u003Cp>Feel free to try out the plugin through our installation of \u003Ca href=\"https:\u002F\u002Fwww.brontobytes.com\u002Fblog\u002Fcookie-bar-free-wordpress-plugin\u002F\" rel=\"nofollow ugc\">Cookie Bar\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Troubleshooting: If you or your visitors are using an adblocker that can block cookie bars, the bar may not show up. Whitelist your website in your adblocker’s browser add-on\u002Fextension.\u003C\u002Fp>\n","Cookie Bar allows you to discreetly inform visitors that your website uses cookies.",10000,170978,98,22,"2025-10-29T18:54:00.000Z","6.8.5","3.8","",[20,21,4,22,23],"consent","cookie","cookie-compliance","cookies","https:\u002F\u002Fwww.brontobytes.com\u002Fblog\u002Fcookie-bar-free-wordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcookie-bar.2.2.zip",99,2,0,"2023-10-24 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[33,51],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":29,"updated_date":45,"references":46,"days_to_patch":48,"patch_diff_files":49,"patch_trac_url":38,"research_status":38,"research_verified":50,"research_rounds_completed":28,"research_plan":38,"research_summary":38,"research_vulnerable_code":38,"research_fix_diff":38,"research_exploit_outline":38,"research_model_used":38,"research_started_at":38,"research_completed_at":38,"research_error":38,"poc_status":38,"poc_video_id":38,"poc_summary":38,"poc_steps":38,"poc_tested_at":38,"poc_wp_version":38,"poc_php_version":38,"poc_playwright_script":38,"poc_exploit_code":38,"poc_has_trace":50,"poc_model_used":38,"poc_verification_depth":38},"CVE-2023-49836","cookie-bar-authenticatedadministrator-stored-cross-site-scripting","Cookie Bar \u003C= 2.0 - Authenticated(Administrator+) Stored Cross-Site Scripting","The Cookie Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to and including 2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C2.1","2.1","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F80afca9d-8f9c-412f-b2dd-f0078ec8173c?source=api-prod",91,[],false,{"id":52,"url_slug":53,"title":54,"description":55,"plugin_slug":4,"theme_slug":38,"affected_versions":56,"patched_in_version":57,"severity":41,"cvss_score":58,"cvss_vector":59,"vuln_type":44,"published_date":60,"updated_date":45,"references":61,"days_to_patch":63,"patch_diff_files":64,"patch_trac_url":38,"research_status":38,"research_verified":50,"research_rounds_completed":28,"research_plan":38,"research_summary":38,"research_vulnerable_code":38,"research_fix_diff":38,"research_exploit_outline":38,"research_model_used":38,"research_started_at":38,"research_completed_at":38,"research_error":38,"poc_status":38,"poc_video_id":38,"poc_summary":38,"poc_steps":38,"poc_tested_at":38,"poc_wp_version":38,"poc_php_version":38,"poc_playwright_script":38,"poc_exploit_code":38,"poc_has_trace":50,"poc_model_used":38,"poc_verification_depth":38},"CVE-2021-24653","cookie-bar-admin-stored-cross-site-scripting","Cookie Bar \u003C= 1.8.8 - Admin+ Stored Cross-Site Scripting","The Cookie Bar WordPress plugin through 1.8.8 doesn't properly sanitise the Cookie Bar Message setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed","\u003C=1.8.8","1.8.9",4.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2021-09-22 00:00:00",[62],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F11401ad7-6064-475c-92f6-ce72a56e9a83?source=api-prod",853,[],{"slug":66,"display_name":7,"profile_url":8,"plugin_count":67,"total_installs":68,"avg_security_score":69,"avg_patch_time_days":70,"trust_score":71,"computed_at":72},"brontobytes",3,11500,100,472,79,"2026-05-19T18:32:07.251Z",[74,95,112,125,144],{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":84,"num_ratings":85,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":18,"tags":89,"homepage":90,"download_link":91,"security_score":92,"vuln_count":93,"unpatched_count":93,"last_vuln_date":94,"fetched_at":30},"cookie-law-bar","Cookie Law Bar","1.2.1","richplugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fwidgetpack\u002F","\u003Cp>A simple and lightweight cookie law WordPress plugin for show information that your website uses cookie. Perfect for implementation of EU cookie law!\u003C\u002Fp>\n\u003Cp>Online demo: \u003Ca href=\"http:\u002F\u002Fdemo.richplugins.com\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fdemo.richplugins.com\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Feel free to try our other widgets powered by \u003Ca href=\"https:\u002F\u002Fwidgetpack.com\u002F\" rel=\"nofollow ugc\">Widget Pack\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>It’s free\u003C\u002Fli>\n\u003Cli>Adaptive design\u003C\u002Fli>\n\u003Cli>Zero load time\u003C\u002Fli>\n\u003Cli>Smooth slide bottom or top bar\u003C\u002Fli>\n\u003Cli>Changeable: position, message, color, button text\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>Chat support https:\u002F\u002Fwidgetpack.com\u002Fforum\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Email support contact@widgetpack.com\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Cookie Law Bar show bottom or top bar to inform users that your website uses cookie according to EU law.",2000,27218,90,4,"2017-11-28T19:18:00.000Z","4.7.33","2.8",[20,21,4,22,23],"https:\u002F\u002Fwidgetpack.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcookie-law-bar.1.2.1.zip",64,1,"2021-05-24 00:00:00",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":103,"downloaded":104,"rating":28,"num_ratings":28,"last_updated":105,"tested_up_to":106,"requires_at_least":107,"requires_php":18,"tags":108,"homepage":109,"download_link":110,"security_score":111,"vuln_count":28,"unpatched_count":28,"last_vuln_date":38,"fetched_at":30},"simple-cookie-law","Simple Cookie Law","0.0.1","snagysandor","https:\u002F\u002Fprofiles.wordpress.org\u002Fsnagysandor\u002F","\u003Cp>Simple Cookie Law\u003C\u002Fp>\n\u003Cp>A simple and lightweight cookie law plugin for show information that your website uses cookie. Don’t use Jquery, all elements build in HTML source and you can use transparent colors.\u003C\u002Fp>\n","Cookie law notification on your page.",10,5961,"2017-08-24T08:18:00.000Z","4.8.28","4.0",[20,21,4,22,23],"https:\u002F\u002Foktatas.nagysandor.org\u002Fsimple-cookie-law\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-cookie-law.0.0.1.zip",85,{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":28,"downloaded":120,"rating":28,"num_ratings":28,"last_updated":121,"tested_up_to":122,"requires_at_least":17,"requires_php":18,"tags":123,"homepage":18,"download_link":124,"security_score":111,"vuln_count":28,"unpatched_count":28,"last_vuln_date":38,"fetched_at":30},"zedna-cookies-bar","Zedna Cookies Bar","1.4.2","Radek Mezulanik","https:\u002F\u002Fprofiles.wordpress.org\u002Fzedna\u002F","\u003Cp>Small cookies bar to inform visitors that your website uses cookies without beign too disturbing.\u003Cbr \u002F>\nUser can setup colors of text, bar and button. You can also choose to show bar at the top or bottom of the page. You can also add custom css.\u003Cbr \u002F>\nAnd frontend is independent on jQuery.\u003C\u002Fp>\n","Lightweight cookies bar to inform visitors that your website uses cookies without beign too disturbing. Frontend is independent on jQuery.",1069,"2020-07-09T11:00:00.000Z","5.4.19",[20,21,4,22,23],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fzedna-cookies-bar.zip",{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":82,"downloaded":133,"rating":134,"num_ratings":135,"last_updated":136,"tested_up_to":137,"requires_at_least":17,"requires_php":18,"tags":138,"homepage":142,"download_link":143,"security_score":111,"vuln_count":28,"unpatched_count":28,"last_vuln_date":38,"fetched_at":30},"eu-cookie-law-compliance","EU Cookie Law Compliance","1.0.3","Damian Góra","https:\u002F\u002Fprofiles.wordpress.org\u002Fdamian-gora\u002F","\u003Cp>Relevant and universal banner informs visitors about the acceptance of cookies.\u003Cbr \u002F>\nIncludes 4 different flexible layouts, easy to customize.\u003Cbr \u002F>\nIf you are searching a great looking cookie law bar, your search ends here.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>It is \u003Cstrong>fully adjustable\u003C\u002Fstrong>. You can fits bar for your own website’s style – change the background, text and buttons colors\u003C\u002Fli>\n\u003Cli>You can decide about \u003Cstrong>location of your cookies\u003C\u002Fstrong> – place the cookie bar in either the header or the footer\u003C\u002Fli>\n\u003Cli>You can choose \u003Cstrong>Cookie expiry days\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>You can edit \u003Cstrong>title and message\u003C\u002Fstrong> of your own cookies\u003C\u002Fli>\n\u003Cli>You can hide or show \u003Cstrong>refuse button\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>You can edit appearance and disappearance of \u003Cstrong>cookie bar effect\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>You can set the \u003Cstrong>duration time\u003C\u002Fstrong> and set \u003Cstrong>start time\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>The plugin is \u003Cstrong>Responsive Web Design\u003C\u002Fstrong> it means compatible with across a wide range of devices\u003C\u002Fli>\n\u003Cli>WPML compatible;\u003C\u002Fli>\n\u003C\u002Ful>\n","Elegant and responsive EU Cookie Law Compliance.",24037,96,9,"2019-04-27T20:30:00.000Z","5.1.22",[4,139,22,140,141],"cookie-categories","cookie-consent","cookie-law","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feu-cookie-law-compliance","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feu-cookie-law-compliance.1.0.3.zip",{"slug":145,"name":146,"version":147,"author":148,"author_profile":149,"description":150,"short_description":151,"active_installs":28,"downloaded":152,"rating":28,"num_ratings":28,"last_updated":153,"tested_up_to":16,"requires_at_least":154,"requires_php":155,"tags":156,"homepage":158,"download_link":159,"security_score":160,"vuln_count":28,"unpatched_count":28,"last_vuln_date":38,"fetched_at":161},"zestard-cookie-consent","Zestard Cookie Consent","1.0.5","Zestard Technologies","https:\u002F\u002Fprofiles.wordpress.org\u002Fzestardtechnologies\u002F","\u003Cp>This plugin helps to set cookie bar into your website as per your style.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>Our plugin provide following featues:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Admin can add cookie details from the backend.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>If admin will click ‘Save Changes’ button without making any changes then default value will set for each field stores in database and according to it in front end cookie bar will show.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>This plugin adds a cookie bar to your website either in the header or footer so you can show your compliance status regarding the new EU Cookie Law.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>User can fully customize the style of cookie bar so it fits in with your existing website – change the colours, text etc.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>User can choose which button you want to add in your cookie bar from Admin.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>User can also choose link instead of button.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Display cookie bar in your website which is fully customizable.",1142,"2025-04-17T05:30:00.000Z","5.0","7.0",[4,140,23,157],"zestard","https:\u002F\u002Fwww.zestard.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fzestard-cookie-consent.zip",92,"2026-04-06T09:54:40.288Z",{"attackSurface":163,"codeSignals":200,"taintFlows":220,"riskAssessment":221,"analyzedAt":232},{"hooks":164,"ajaxHandlers":196,"restRoutes":197,"shortcodes":198,"cronEvents":199,"entryPointCount":28,"unprotectedCount":28},[165,171,176,180,184,188,192],{"type":166,"name":167,"callback":168,"file":169,"line":170},"action","admin_menu","cookie_bar_menu","cookie-bar.php",18,{"type":172,"name":173,"callback":174,"priority":103,"file":169,"line":175},"filter","plugin_action_links","cookie_bar_settings_plugin_link",21,{"type":166,"name":177,"callback":178,"file":169,"line":179},"admin_init","cookie_bar_settings",212,{"type":166,"name":181,"callback":182,"file":169,"line":183},"wp_enqueue_scripts","cookie_bar_dependencies",235,{"type":166,"name":185,"callback":186,"file":169,"line":187},"plugins_loaded","loadTextDomain",259,{"type":166,"name":189,"callback":190,"file":169,"line":191},"admin_enqueue_scripts","cookie_bar_color_picker",266,{"type":166,"name":193,"callback":194,"priority":103,"file":169,"line":195},"wp_footer","cookie_bar",346,[],[],[],[],{"dangerousFunctions":201,"sqlUsage":202,"outputEscaping":204,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":219},[],{"prepared":28,"raw":28,"locations":203},[],{"escaped":205,"rawEcho":206,"locations":207},26,5,[208,211,213,215,217],{"file":169,"line":209,"context":210},195,"raw output",{"file":169,"line":212,"context":210},298,{"file":169,"line":214,"context":210},304,{"file":169,"line":216,"context":210},311,{"file":169,"line":218,"context":210},342,[],[],{"summary":222,"deductions":223},"The static analysis of the \"cookie-bar\" plugin v2.2 reveals a generally positive security posture, with no identified critical or high severity code signals like dangerous functions, raw SQL queries, or file operations. The plugin also demonstrates good practices in output escaping, with 84% of identified outputs being properly escaped. Furthermore, the absence of any identified taint flows with unsanitized paths or critical\u002Fhigh severity issues is a strong indicator of secure coding. However, the complete lack of nonces and capability checks on any entry points, coupled with the absence of any identified entry points in the static analysis, raises a concern. This might indicate a very limited attack surface, but it could also mean that the static analysis missed potential entry points, or that the plugin relies heavily on WordPress core for authorization, which might not always be sufficient for all contexts.\n\nThe vulnerability history shows two medium severity CVEs, both related to Cross-site Scripting (XSS). While there are no currently unpatched vulnerabilities, the pattern of XSS vulnerabilities suggests that input sanitization or output encoding might be an area that requires ongoing vigilance. The most recent vulnerability was in October 2023, indicating that issues have been identified relatively recently. Despite the lack of critical issues in the static analysis, the past XSS vulnerabilities are a significant weakness that needs to be considered in the overall risk assessment. The plugin demonstrates strengths in avoiding direct SQL injection and dangerous functions but exhibits a weakness in its past susceptibility to XSS and the potential for insufficient authorization checks on its (currently unidentified) entry points.",[224,226,228,230],{"reason":225,"points":103},"Two medium severity XSS vulnerabilities in history",{"reason":227,"points":206},"No nonce checks on any entry points",{"reason":229,"points":206},"No capability checks on any entry points",{"reason":231,"points":85},"84% of output escaped, indicates 16% not","2026-03-16T17:44:30.536Z",{"wat":234,"direct":239},{"assetPaths":235,"generatorPatterns":236,"scriptPaths":237,"versionParams":238},[],[],[],[],{"cssClasses":240,"htmlComments":246,"htmlAttributes":247,"restEndpoints":249,"jsGlobals":250,"shortcodeOutput":252},[241,242,243,244,245],"cookie_bar_btn_bg_colour","cookie_bar_btn_font_colour","cookie_bar_bar_bg_colour","cookie_bar_bar_font_colour","cookie_bar_days_to_expire",[],[248],"data-default-color",[],[251],"jQuery",[],{"error":254,"url":255,"statusCode":256,"statusMessage":257,"message":257},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fcookie-bar\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":85,"versions":259},[260,265,271,279],{"version":6,"download_url":25,"svn_tag_url":261,"released_at":38,"has_diff":50,"diff_files_changed":262,"diff_lines":38,"trac_diff_url":263,"vulnerabilities":264,"is_current":254},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcookie-bar\u002Ftags\u002F2.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcookie-bar%2Ftags%2F2.1&new_path=%2Fcookie-bar%2Ftags%2F2.2",[],{"version":40,"download_url":266,"svn_tag_url":267,"released_at":38,"has_diff":50,"diff_files_changed":268,"diff_lines":38,"trac_diff_url":269,"vulnerabilities":270,"is_current":50},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcookie-bar.2.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcookie-bar\u002Ftags\u002F2.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcookie-bar%2Ftags%2F2.0&new_path=%2Fcookie-bar%2Ftags%2F2.1",[],{"version":272,"download_url":273,"svn_tag_url":274,"released_at":38,"has_diff":50,"diff_files_changed":275,"diff_lines":38,"trac_diff_url":276,"vulnerabilities":277,"is_current":50},"2.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcookie-bar.2.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcookie-bar\u002Ftags\u002F2.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcookie-bar%2Ftags%2F1.8.9&new_path=%2Fcookie-bar%2Ftags%2F2.0",[278],{"id":34,"url_slug":35,"title":36,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":40},{"version":57,"download_url":280,"svn_tag_url":281,"released_at":38,"has_diff":50,"diff_files_changed":282,"diff_lines":38,"trac_diff_url":38,"vulnerabilities":283,"is_current":50},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcookie-bar.1.8.9.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcookie-bar\u002Ftags\u002F1.8.9\u002F",[],[284],{"id":34,"url_slug":35,"title":36,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":40}]