Does GDPR Cookie Notice have any unpatched vulnerabilities?

Yes — GDPR Cookie Notice currently has 1 unpatched vulnerability. We recommend switching to an alternative or applying any available workarounds.

Is GDPR Cookie Notice compatible with WordPress 5.7.15?

According to WordPress.org data, GDPR Cookie Notice 1.2.0 has been tested up to WordPress 5.7.15. Check the plugin's changelog for the latest compatibility information.

Is GDPR Cookie Notice compatible with PHP 5.4.0+?

GDPR Cookie Notice requires PHP 5.4.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is GDPR Cookie Notice updated?

GDPR Cookie Notice was last updated on Sep 23, 2021. Frequent updates are generally a positive security signal.

What is GDPR Cookie Notice's security score?

GDPR Cookie Notice has a WP-Safety security score of 64/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

GDPR Cookie Notice Security & Risk Analysis

wordpress.org/plugins/gdpr-cookie-notice

GDPR Cookie Notice allow you to get GDPR Cookie Consent as per EU GDPR/Cookie Law regulations. Show cookie notice to your own website.

100 active installs v1.2.0 PHP 5.4.0+ WP 3.5+ Updated Sep 23, 2021

cookie-consentcookie-laweu-cookie-laweu-privacy-directivegdpr

C · Use Caution

CVEs total1

Unpatched1

Last CVEApr 1, 2025

Plugin page Download

Safety Verdict

Is GDPR Cookie Notice Safe to Use in 2026?

Use With Caution

Score 64/100

GDPR Cookie Notice has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

1 known CVE 1 unpatched Last CVE: Apr 1, 2025Updated 4yr ago

Risk Assessment

The static analysis of 'gdpr-cookie-notice' v1.2.0 reveals a generally good security posture in several key areas. The plugin exhibits no identified dangerous functions, no direct SQL queries (all use prepared statements), no file operations, and no external HTTP requests, which significantly reduces the attack surface. Furthermore, the absence of shortcodes, cron events, and REST API routes with permission callbacks, coupled with the lack of AJAX handlers, suggests a limited entry point for attackers. However, the complete absence of nonce checks and capability checks across all entry points is a significant concern, indicating a potential weakness in authorization and session validation.

Key Concerns

Unpatched medium severity CVE
Missing nonce checks on entry points
Missing capability checks on entry points
33% of outputs not properly escaped

Vulnerabilities

GDPR Cookie Notice Security Vulnerabilities

CVEs by Year

1 CVE in 2025 · unpatched

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-31765medium · 5.3Missing Authorization

GDPR Cookie Notice <= 1.2.0 - Missing Authorization

Apr 1, 2025Unpatched

Code Analysis

Analyzed Mar 16, 2026

GDPR Cookie Notice Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

67% escaped6 total outputs

Attack Surface

GDPR Cookie Notice Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 5

actionadmin_menusrc\Admin.php:11

actionadmin_initsrc\Admin.php:13

actionadmin_noticessrc\Cookie_Notice.php:18

actionwp_enqueue_scriptssrc\Cookie_Notice.php:24

actioninitsrc\Cookie_Notice.php:26

Maintenance & Trust

GDPR Cookie Notice Maintenance & Trust

Maintenance Signals

WordPress version tested5.7.15

Last updatedSep 23, 2021

PHP min version5.4.0

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs100

Alternatives

GDPR Cookie Notice Alternatives

Cookie Banner for GDPR / CCPA – WPLP Cookie Consent

gdpr-cookie-consent

WPLP Cookie Consent helps WordPress website owners display cookie consent banners, manage user preferences, and control third-party scripts in line wi …

10K 10 CVEs