Does Smart Cookie Kit have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Smart Cookie Kit compatible with WordPress 5.6.17?

According to WordPress.org data, Smart Cookie Kit 2.3.2 has been tested up to WordPress 5.6.17. Check the plugin's changelog for the latest compatibility information.

How often is Smart Cookie Kit updated?

Smart Cookie Kit was last updated on Oct 6, 2023. Frequent updates are generally a positive security signal.

What is Smart Cookie Kit's security score?

Smart Cookie Kit has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Smart Cookie Kit Security & Risk Analysis

wordpress.org/plugins/smart-cookie-kit

Preventive blocking of third party cookies for GDPR/EU Cookie Law/ePrivacy. Translatable, cacheable, lightweight, powerful!

3K active installs v2.3.2 PHP + WP 4.6+ Updated Oct 6, 2023

bannercookiecookie-laweprivacygdpr

A · Safe

CVEs total1

Unpatched0

Last CVEOct 6, 2023

Plugin page Download

Safety Verdict

Is Smart Cookie Kit Safe to Use in 2026?

Generally Safe

Score 85/100

Smart Cookie Kit has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Oct 6, 2023Updated 2yr ago

Risk Assessment

The smart-cookie-kit plugin exhibits a mixed security posture. On the positive side, the static analysis reveals no critical security signals such as dangerous functions, raw SQL queries, or unsanitized paths in taint flows. It also has no known unpatched vulnerabilities. However, significant concerns arise from the complete lack of output escaping, meaning that all 59 identified outputs are vulnerable to Cross-Site Scripting (XSS) attacks. Furthermore, the absence of nonce checks and capability checks on any entry points (AJAX, REST API, shortcodes, cron jobs) leaves all potential attack vectors exposed to unauthorized or unauthenticated users. The vulnerability history shows a past medium severity XSS vulnerability, which, combined with the current lack of output escaping, suggests a persistent issue with handling user-supplied data safely.

Key Concerns

0% of outputs properly escaped
0 nonce checks found
0 capability checks found
1 medium severity CVE in history

Vulnerabilities

1 published

Smart Cookie Kit Security Vulnerabilities

CVEs by Year

1 CVE in 2023

2023

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2023-45608medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Smart Cookie Kit <= 2.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

Oct 6, 2023 Patched in 2.3.2 (109d)

Version History

Smart Cookie Kit Release Timeline

v2.3.2Current

v2.3.11 CVE

Smart Cookie Kit Security & Risk Analysis

Is Smart Cookie Kit Safe to Use in 2026?

Generally Safe

Key Concerns

Smart Cookie Kit Security Vulnerabilities

CVEs by Year

Severity Breakdown

Smart Cookie Kit Release Timeline

Smart Cookie Kit Code Analysis

SQL Query Safety

Output Escaping

Smart Cookie Kit Attack Surface

Smart Cookie Kit Maintenance & Trust

Maintenance Signals

Community Trust

Smart Cookie Kit Alternatives

Real Cookie Banner: GDPR & ePrivacy Cookie Consent

Cookie Banner for GDPR / CCPA – WPLP Cookie Consent

Concord – Cookie Banner & Full Privacy Platform for Cookie Consent & GDPR/CCPA Compliance

AppConsent CMP by SFBX

kjrocker Cookie Consent

Smart Cookie Kit Developer Profile

How We Detect Smart Cookie Kit

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Smart Cookie Kit