WP-Safety

CookieJar Security & Risk Analysis

wordpress.org/plugins/cookiejar

Cookie consent banner and basic compliance tools (GDPR/CCPA) with simple setup and accessible UI.

0 active installs v1.0.0 PHP 7.2+ WP 5.9+ Updated Nov 8, 2025
ccpaconsentcookiesgdprprivacy
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is CookieJar Safe to Use in 2026?

Generally Safe

Score 100/100

CookieJar has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

The "cookiejar" v1.0.0 plugin exhibits a generally strong security posture, with most code signals indicating adherence to good security practices. The plugin demonstrates a high percentage of prepared statements for SQL queries and properly escaped output, which are crucial for preventing common web vulnerabilities. Furthermore, a large number of nonce and capability checks are in place, alongside the absence of known CVEs and critical taint analysis findings, suggesting a well-developed and secure codebase for its functionality.

However, a notable concern arises from the presence of two AJAX handlers that lack authentication checks. This represents a direct attack vector where unauthorized users could potentially interact with sensitive plugin functionalities without proper authorization. While the overall vulnerability history is clean, this specific oversight in the current static analysis warrants attention and mitigation. The plugin's strengths lie in its robust output escaping, SQL sanitization, and general lack of known vulnerabilities, but the identified unprotected AJAX endpoints are a clear weakness that should be addressed.

Key Concerns

  • Unprotected AJAX handlers
Vulnerabilities
None known

CookieJar Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

CookieJar Code Analysis

Dangerous Functions
0
Raw SQL Queries
6
38 prepared
Unescaped Output
4
454 escaped
Nonce Checks
43
Capability Checks
53
File Operations
14
External Requests
0
Bundled Libraries
0

SQL Query Safety

86% prepared44 total queries

Output Escaping

99% escaped458 total outputs
Data Flows
All sanitized

Data Flow Analysis

10 flows
ajax_save_banner_settings (admin\class-cookiejar-admin.php:2834)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

CookieJar Attack Surface

Entry Points44
Unprotected2

AJAX Handlers 43

authwp_ajax_cookiejar_recent_logsadmin\class-cookiejar-admin.php:19
authwp_ajax_cookiejar_reset_noticeadmin\class-cookiejar-admin.php:20
authwp_ajax_cookiejar_banner_settingsadmin\class-cookiejar-admin.php:21
authwp_ajax_cookiejar_save_banner_settingsadmin\class-cookiejar-admin.php:22
authwp_ajax_cookiejar_save_language_settingsadmin\class-cookiejar-admin.php:23
authwp_ajax_cookiejar_save_advanced_settingsadmin\class-cookiejar-admin.php:24
authwp_ajax_cookiejar_export_logsadmin\class-cookiejar-admin.php:25
authwp_ajax_cookiejar_clear_cacheadmin\class-cookiejar-admin.php:28
authwp_ajax_cookiejar_warm_cacheadmin\class-cookiejar-admin.php:29
authwp_ajax_cookiejar_health_checkadmin\class-cookiejar-admin.php:30
authwp_ajax_cookiejar_clear_logsadmin\class-cookiejar-admin.php:31
authwp_ajax_cookiejar_save_general_settingsadmin\class-cookiejar-admin.php:34
authwp_ajax_cookiejar_save_appearance_settingsadmin\class-cookiejar-admin.php:35
authwp_ajax_cookiejar_save_compliance_settingsadmin\class-cookiejar-admin.php:36
authwp_ajax_cookiejar_save_security_settingsadmin\class-cookiejar-admin.php:37
authwp_ajax_cookiejar_save_performance_settingsadmin\class-cookiejar-admin.php:38
authwp_ajax_cookiejar_save_integration_settingsadmin\class-cookiejar-admin.php:39
authwp_ajax_cookiejar_backup_settingsadmin\class-cookiejar-admin.php:40
authwp_ajax_cookiejar_restore_settingsadmin\class-cookiejar-admin.php:41
authwp_ajax_cookiejar_export_basic_reportadmin\class-cookiejar-admin.php:42
authwp_ajax_cookiejar_save_settingsadmin\class-cookiejar-admin.php:43
authwp_ajax_cookiejar_skip_wizardadmin\class-cookiejar-admin.php:44
authwp_ajax_cookiejar_save_wizardadmin\class-cookiejar-admin.php:45
authwp_ajax_cookiejar_complete_wizardadmin\class-cookiejar-admin.php:46
authwp_ajax_cookiejar_reset_wizardadmin\class-cookiejar-admin.php:47
authwp_ajax_cookiejar_force_wizard_menuadmin\class-cookiejar-admin.php:48
authwp_ajax_cookiejar_apply_defaultsadmin\class-cookiejar-admin.php:49
authwp_ajax_cookiejar_migrate_databaseadmin\class-cookiejar-admin.php:50
authwp_ajax_dwic_statsincludes\class-cookiejar-ajax.php:8
authwp_ajax_dwic_logincludes\class-cookiejar-ajax.php:9
noprivwp_ajax_dwic_logincludes\class-cookiejar-ajax.php:10
authwp_ajax_cookiejar_recent_logsincludes\class-cookiejar-ajax.php:11
authwp_ajax_cookiejar_trend_summaryincludes\class-cookiejar-ajax.php:12
authwp_ajax_cookiejar_status_hudincludes\class-cookiejar-ajax.php:13
authwp_ajax_cookiejar_save_wizardincludes\class-cookiejar-ajax.php:14
authwp_ajax_cookiejar_export_settingsincludes\class-cookiejar-ajax.php:15
authwp_ajax_cookiejar_import_settingsincludes\class-cookiejar-ajax.php:16
authwp_ajax_cookiejar_reset_defaultsincludes\class-cookiejar-ajax.php:17
authwp_ajax_cookiejar_complete_wizardincludes\class-cookiejar-wizard.php:23
authwp_ajax_cookiejar_skip_wizardincludes\class-cookiejar-wizard.php:24
authwp_ajax_cookiejar_save_wizardincludes\class-cookiejar-wizard.php:25
authwp_ajax_cookiejar_reset_wizardincludes\class-cookiejar-wizard.php:26
authwp_ajax_cookiejar_apply_defaultsincludes\class-cookiejar-wizard.php:27

Shortcodes 1

[dwic_policy_table] includes\class-dwic-shortcodes.php:7
WordPress Hooks 31
actionadmin_menuadmin\class-cookiejar-admin.php:14
actionadmin_enqueue_scriptsadmin\class-cookiejar-admin.php:15
actionadmin_footeradmin\class-cookiejar-admin.php:52
actionadmin_menuadmin\class-dwic-admin.php:10
actionadmin_initadmin\class-dwic-admin.php:11
actionadmin_enqueue_scriptsadmin\class-dwic-admin.php:12
actionadmin_post_dwic_exportadmin\class-dwic-admin.php:13
actionadmin_noticesadmin\class-dwic-admin.php:14
actionadmin_initadmin\class-dwic-admin.php:15
actionadmin_noticescookiejar.php:46
filteradmin_body_classcookiejar.php:139
actionplugins_loadedcookiejar.php:242
filterplugin_row_metacookiejar.php:260
actionwp_enqueue_scriptsfrontend\class-dwic-frontend.php:12
actionwp_footerfrontend\class-dwic-frontend.php:13
actionwp_footerfrontend\class-dwic-frontend.php:14
actionwp_headfrontend\class-dwic-frontend.php:15
actionwp_enqueue_scriptsfrontend\class-dwic-frontend.php:16
filterscript_loader_tagfrontend\class-dwic-frontend.php:17
actionwp_headfrontend\class-dwic-frontend.php:18
actioninitfrontend\class-dwic-frontend.php:19
actionwp_enqueue_scriptsinc\class-cookiejar.php:15
actionwp_footerinc\class-cookiejar.php:16
actionadmin_menuinc\settings-page.php:17
actionadmin_initinc\settings-page.php:18
actionadmin_menuincludes\class-cookiejar-wizard.php:18
actionadmin_enqueue_scriptsincludes\class-cookiejar-wizard.php:19
actionadmin_initincludes\class-cookiejar-wizard.php:20
actionadmin_noticesincludes\class-dwic-health.php:13
actionadmin_initincludes\class-dwic-health.php:15
actiondwic_run_scannerincludes\class-dwic-scanner.php:14

Scheduled Events 1

dwic_run_scanner
Maintenance & Trust

CookieJar Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedNov 8, 2025
PHP min version7.2
Downloads191

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

CookieJar Alternatives

Cookie Notice & Compliance for GDPR / CCPA

Cookie Notice & Compliance for GDPR / CCPA

cookie-notice

A
95

Cookie Notice allows you to you elegantly inform users that your site uses cookies and helps you comply with GDPR, CCPA and other data privacy laws.

900K 6 CVEs
TermsFeed AutoTerms: Privacy Policy Generator, Cookie Consent, GDPR, CCPA, Terms & Conditions, Disclaimers, Cookies Policy, EULA

TermsFeed AutoTerms: Privacy Policy Generator, Cookie Consent, GDPR, CCPA, Terms & Conditions, Disclaimers, Cookies Policy, EULA

auto-terms-of-service-and-privacy-policy

A
100

All-in-One compliance solution from TermsFeed: Generator of Privacy Policy, T&Cs, Affiliate Disclaimers and Cookie Consent Notice Banner.

90K No CVEs
Termly – GDPR/CCPA Cookie Consent Banner

Termly – GDPR/CCPA Cookie Consent Banner

uk-cookie-consent

A
99

Our easy to use cookie consent plugin can assist in your GDPR, CCPA, and ePrivacy Directive compliance efforts.

90K 2 CVEs
Pressidium Cookie Consent

Pressidium Cookie Consent

pressidium-cookie-consent

A
100

Lightweight, user-friendly and customizable cookie consent banner to help you comply with the EU GDPR cookie law and CCPA regulations.

10K No CVEs
Termageddon: Cookie Consent & Privacy Compliance

Termageddon: Cookie Consent & Privacy Compliance

termageddon-usercentrics

A
99

The most comprehensive cookie consent solution for WordPress. Automatically show consent banners based on visitor location with smart geolocation targ …

6K 1 CVE
Developer Profile

CookieJar Developer Profile

Kenneth “Demetrius” Weaver

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect CookieJar

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/cookiejar/admin/css/cookiejar-admin.css/wp-content/plugins/cookiejar/admin/js/cookiejar-admin.js/wp-content/plugins/cookiejar/frontend/css/cookiejar-frontend.css/wp-content/plugins/cookiejar/frontend/js/cookiejar-frontend.js
Script Paths
/wp-content/plugins/cookiejar/admin/js/cookiejar-admin.js/wp-content/plugins/cookiejar/frontend/js/cookiejar-frontend.js
Version Parameters
cookiejar/admin/css/cookiejar-admin.css?ver=cookiejar/admin/js/cookiejar-admin.js?ver=cookiejar/frontend/css/cookiejar-frontend.css?ver=cookiejar/frontend/js/cookiejar-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
cookiejar-tier-basic
Data Attributes
data-cookiejar-consent
JS Globals
window.cookiejar_config
FAQ

Frequently Asked Questions about CookieJar