WP-Safety

Cookie Law Authorization Security & Risk Analysis

wordpress.org/plugins/multimediamonster-cookie-law-authorization

Show a floating box on every page that make visitors required to choose a qookie level.

10 active installs v1.4.4 PHP + WP 4.0+ Updated May 2, 2016
cookie-lawcookie-levelscookies
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Cookie Law Authorization Safe to Use in 2026?

Generally Safe

Score 85/100

Cookie Law Authorization has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago
Risk Assessment

The multimediamonster-cookie-law-authorization plugin exhibits a concerning security posture due to a significant number of unprotected AJAX endpoints. While the plugin does not appear to have a history of known vulnerabilities, the static analysis reveals critical weaknesses that could be exploited. The presence of three unprotected AJAX handlers represents a direct pathway for attackers to interact with the plugin without proper authentication, potentially leading to unauthorized actions or information disclosure. Furthermore, the taint analysis indicating flows with unsanitized paths, although not classified as critical or high severity, suggests potential vulnerabilities in how data is processed. The low percentage of properly escaped output further exacerbates this risk, as it increases the likelihood of cross-site scripting (XSS) attacks. Despite the absence of dangerous functions and external HTTP requests, and the use of prepared statements for most SQL queries, these strengths are overshadowed by the numerous entry points lacking essential security checks. The plugin's vulnerability history being clear is a positive sign, but it does not negate the immediate risks identified in the current version's code.

Key Concerns

  • Unprotected AJAX handlers
  • Unsanitized paths in taint analysis
  • Low percentage of properly escaped output
  • Missing capability checks on AJAX handlers
Vulnerabilities
None known

Cookie Law Authorization Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Cookie Law Authorization Release Timeline

v1.2
v1.1
v1.0
Code Analysis
Analyzed Mar 16, 2026

Cookie Law Authorization Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
6 prepared
Unescaped Output
80
2 escaped
Nonce Checks
1
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

86% prepared7 total queries

Output Escaping

2% escaped82 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths
add_admin_page (classes\class-mmm-cla-admin-pages.php:9)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
3 unprotected

Cookie Law Authorization Attack Surface

Entry Points3
Unprotected3

AJAX Handlers 3

authwp_ajax_admin_actions_ajaxmultimediamonster-cookie-law-authorization.php:71
authwp_ajax_insert_ipmultimediamonster-cookie-law-authorization.php:90
noprivwp_ajax_insert_ipmultimediamonster-cookie-law-authorization.php:91
WordPress Hooks 15
actioninitclasses\class-mmm-cla-register.php:18
actioninitclasses\class-mmm-cla-register.php:39
actionadmin_initmultimediamonster-cookie-law-authorization.php:64
actionadmin_menumultimediamonster-cookie-law-authorization.php:65
actionadmin_initmultimediamonster-cookie-law-authorization.php:66
actionadmin_initmultimediamonster-cookie-law-authorization.php:67
actioninitmultimediamonster-cookie-law-authorization.php:69
actioninitmultimediamonster-cookie-law-authorization.php:70
filterplugin_action_linksmultimediamonster-cookie-law-authorization.php:74
filterset-screen-optionmultimediamonster-cookie-law-authorization.php:75
actionwp_headmultimediamonster-cookie-law-authorization.php:87
actionwp_enqueue_scriptsmultimediamonster-cookie-law-authorization.php:88
actionwp_enqueue_scriptsmultimediamonster-cookie-law-authorization.php:89
actionwp_footermultimediamonster-cookie-law-authorization.php:92
actioninitmultimediamonster-cookie-law-authorization.php:93
Maintenance & Trust

Cookie Law Authorization Maintenance & Trust

Maintenance Signals

WordPress version tested4.5.33
Last updatedMay 2, 2016
PHP min version
Downloads4K

Community Trust

Rating60/100
Number of ratings1
Active installs10
Alternatives

Cookie Law Authorization Alternatives

Italy Cookie Choices (for EU Cookie Law & Cookie Notice)

Italy Cookie Choices (for EU Cookie Law & Cookie Notice)

italy-cookie-choices

A
85

The most complete cookie consent to easily comply with the european cookie law, display cookie notice and block third party cookie without degrading w …

10K No CVEs
WF Cookie Consent

WF Cookie Consent

wf-cookie-consent

A
92

The wunderfarm-way to show how your website complies with the EU Cookie Law - very easy, 100% responsive and with multi-language support!

10K 1 CVE
EU Cookies Bar for WordPress

EU Cookies Bar for WordPress

eu-cookies-bar

A
100

Ensure GDPR (General Data Protection Regulation) compliance (EU Cookie Law) with our straightforward cookie bar

9K No CVEs
Civic Cookie Control

Civic Cookie Control

civic-cookie-control-8

A
99

This plugin enables you to comply with the UK and EU law on cookies.

2K 1 CVE
Ilmenite Cookie Consent

Ilmenite Cookie Consent

ilmenite-cookie-consent

A
85

A simple, developer-friendly WordPress plugin with minimum bloat that lets visitors know that the site is using cookies.

2K No CVEs
Developer Profile

Cookie Law Authorization Developer Profile

mmmrenske

3 plugins · 90 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Cookie Law Authorization

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/multimediamonster-cookie-law-authorization/assets/css/backend/backend-styles.css/wp-content/plugins/multimediamonster-cookie-law-authorization/assets/css/frontend/frontend-styles.css/wp-content/plugins/multimediamonster-cookie-law-authorization/assets/js/backend/backend-scripts.js/wp-content/plugins/multimediamonster-cookie-law-authorization/assets/js/frontend/frontend-scripts.js
Script Paths
/wp-content/plugins/multimediamonster-cookie-law-authorization/assets/js/backend/backend-scripts.js/wp-content/plugins/multimediamonster-cookie-law-authorization/assets/js/frontend/frontend-scripts.js
Version Parameters
multimediamonster-cookie-law-authorization/assets/css/backend/backend-styles.css?ver=multimediamonster-cookie-law-authorization/assets/css/frontend/frontend-styles.css?ver=multimediamonster-cookie-law-authorization/assets/js/backend/backend-scripts.js?ver=multimediamonster-cookie-law-authorization/assets/js/frontend/frontend-scripts.js?ver=

HTML / DOM Fingerprints

CSS Classes
mmm_cla_settings_pagemmm_cla_settings_containermmm_cla_general_settingsmmm_cla_button_color_inputmmm_cla_modal_wrappermmm_cla_modal_contentmmm_cla_modal_headermmm_cla_modal_body+9 more
HTML Comments
<!-- MultiMediaMonster Cookie Law Authorization --><!-- THIS PLUGIN HAS BEEN MADE BY MULTIMEDIAMONSTER --><!-- Cookie law authorization --><!-- THIS PLUGIN WAS MADE BY MULTIMEDIAMONSTER -->+2 more
Data Attributes
data-mmm-cla-plugin-name="Cookie law authorization"data-mmm-cla-settings-url="
JS Globals
mmm_cla_ajax_object
REST Endpoints
/wp-json/mmm-cla/v1/settings/wp-json/mmm-cla/v1/log-consent
Shortcode Output
[mmm_cla_manage_cookies]
FAQ

Frequently Asked Questions about Cookie Law Authorization