Does LuckyWP Cookie Notice (GDPR) have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is LuckyWP Cookie Notice (GDPR) compatible with WordPress 6.7.5?

According to WordPress.org data, LuckyWP Cookie Notice (GDPR) 1.2.1 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is LuckyWP Cookie Notice (GDPR) compatible with PHP 5.6.20+?

LuckyWP Cookie Notice (GDPR) requires PHP 5.6.20 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is LuckyWP Cookie Notice (GDPR) updated?

LuckyWP Cookie Notice (GDPR) was last updated on Dec 11, 2024. Frequent updates are generally a positive security signal.

What is LuckyWP Cookie Notice (GDPR)'s security score?

LuckyWP Cookie Notice (GDPR) has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

LuckyWP Cookie Notice (GDPR) Security & Risk Analysis

wordpress.org/plugins/luckywp-cookie-notice-gdpr

The plugin allows you to notify visitors about the use of cookies (necessary to comply with the GDPR in the EU).

10K active installs v1.2.1 PHP 5.6.20+ WP 4.7+ Updated Dec 11, 2024

cookiecookie-laweu-cookie-lawgdprnotice

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is LuckyWP Cookie Notice (GDPR) Safe to Use in 2026?

Generally Safe

Score 92/100

LuckyWP Cookie Notice (GDPR) has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "luckywp-cookie-notice-gdpr" plugin v1.2.1 exhibits a concerning security posture despite a clean vulnerability history. The static analysis reveals a significant attack surface with 3 AJAX handlers, all of which lack authentication checks. This means any unauthenticated user could potentially interact with these AJAX endpoints. While the plugin shows good practices by using prepared statements for SQL queries and has no recorded vulnerabilities, the lack of output escaping for all identified outputs is a major red flag. Combined with the unsanitized paths identified in the taint analysis, this suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities. The absence of nonce checks on AJAX handlers further exacerbates this risk. The plugin's vulnerability history is positive, indicating that previous versions may have been more secure or that potential issues have been addressed. However, the current code analysis highlights significant weaknesses that warrant immediate attention, particularly the unprotected AJAX endpoints and the widespread lack of output escaping.

Key Concerns

AJAX handlers without authentication checks
No output escaping
Unsanitized paths in taint analysis
No nonce checks

Vulnerabilities

None known

LuckyWP Cookie Notice (GDPR) Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

LuckyWP Cookie Notice (GDPR) Release Timeline

v1.2.1Current

v1.2

v1.1.1

v1.1.0

v1.0.0

Code Analysis

Analyzed Mar 16, 2026

LuckyWP Cookie Notice (GDPR) Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped35 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

showTabs (core\wp\Settings.php:400)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

3 unprotected

LuckyWP Cookie Notice (GDPR) Attack Surface

Entry Points3

Unprotected3

AJAX Handlers 3

authwp_ajax_lwpcng_rateadmin\controllers\RateController.php:18

authwp_ajax_lwpcng_rate_show_lateradmin\controllers\RateController.php:19

authwp_ajax_lwpcng_rate_hideadmin\controllers\RateController.php:20

WordPress Hooks 14

actionadmin_menuadmin\Admin.php:20

actionadmin_enqueue_scriptsadmin\Admin.php:21

actioninitadmin\controllers\RateController.php:13

actionadmin_noticesadmin\controllers\RateController.php:15

filterinstall_plugins_nonmenu_tabsadmin\controllers\SettingsController.php:19

filterinstall_plugins_table_api_args_luckywpadmin\controllers\SettingsController.php:23

actionwp_loadedcore\admin\AdminController.php:20

actionplugins_loadedcore\base\BasePlugin.php:61

actionadmin_initcore\wp\Settings.php:92

actionwp_footerfront\Front.php:28

actionwp_enqueue_scriptsfront\Front.php:29

actionwp_headfront\Front.php:33

actionwp_body_openfront\Front.php:36

actionwp_footerfront\Front.php:39

Maintenance & Trust

LuckyWP Cookie Notice (GDPR) Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedDec 11, 2024

PHP min version5.6.20

Downloads40K

Community Trust

Rating100/100

Number of ratings57

Active installs10K

Alternatives

LuckyWP Cookie Notice (GDPR) Alternatives

Cookie Banner for GDPR / CCPA – WPLP Cookie Consent

gdpr-cookie-consent

WPLP Cookie Consent helps WordPress website owners display cookie consent banners, manage user preferences, and control third-party scripts in line wi …

10K 10 CVEs

EU Cookie Policy

eu-cookie-policy

EU Cookie Policy is one of the simplest and most popular cookie notification plugins out there. EU Cookie Policy plugin helps your website to comply w …

30 No CVEs

Light Weight Cookie Popup

light-weight-cookie-popup

Light Weight Cookie Popup allows you to inform to users that your site uses cookies and to comply with the EU cookie law regulations.

10 No CVEs

Italy Cookie Choices (for EU Cookie Law & Cookie Notice)

italy-cookie-choices

The most complete cookie consent to easily comply with the european cookie law, display cookie notice and block third party cookie without degrading w …

10K No CVEs

EU Cookies Bar for WordPress

eu-cookies-bar

100

Ensure GDPR (General Data Protection Regulation) compliance (EU Cookie Law) with our straightforward cookie bar

9K No CVEs

Developer Profile

LuckyWP Cookie Notice (GDPR) Developer Profile

LuckyWP

5 plugins · 119K total installs

trust score

Avg Security Score

93/100

Avg Patch Time

174 days

View full developer profile

Detection Fingerprints

How We Detect LuckyWP Cookie Notice (GDPR)

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/luckywp-cookie-notice-gdpr/admin/assets/main.min.css/wp-content/plugins/luckywp-cookie-notice-gdpr/admin/assets/main.min.js/wp-content/plugins/luckywp-cookie-notice-gdpr/admin/assets/rate.min.css/wp-content/plugins/luckywp-cookie-notice-gdpr/admin/assets/rate.min.js/wp-content/plugins/luckywp-cookie-notice-gdpr/front/assets/main.min.css/wp-content/plugins/luckywp-cookie-notice-gdpr/front/assets/main.min.js

Script Paths

/wp-content/plugins/luckywp-cookie-notice-gdpr/admin/assets/main.min.js/wp-content/plugins/luckywp-cookie-notice-gdpr/admin/assets/rate.min.js/wp-content/plugins/luckywp-cookie-notice-gdpr/front/assets/main.min.js

Version Parameters

luckywp-cookie-notice-gdpr/admin/assets/main.min.css?ver=luckywp-cookie-notice-gdpr/admin/assets/main.min.js?ver=luckywp-cookie-notice-gdpr/admin/assets/rate.min.css?ver=luckywp-cookie-notice-gdpr/admin/assets/rate.min.js?ver=luckywp-cookie-notice-gdpr/front/assets/main.min.css?ver=luckywp-cookie-notice-gdpr/front/assets/main.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

lwpcng-notice-cookie-wrapperlwpcng-notice-cookie-contentlwpcng-notice-cookie-button

Data Attributes

data-lwpcng-id

JS Globals

lwpcngRate

FAQ