[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fBKTaXmHL-rHsIQsvCWulVMsZV3UKNtEXVvk0dh1mdUo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":78,"crawl_stats":37,"alternatives":86,"analysis":184,"fingerprints":415},"tarteaucitronjs","tarteaucitron.io","1.31.0","Amauri","https:\u002F\u002Fprofiles.wordpress.org\u002Famauric\u002F","\u003Cp>Get a compliant and accessible cookie banner\u003C\u002Fp>\n\u003Cp>Automatic service detection, colors switcher, texts customization.\u003C\u002Fp>\n\u003Cp>Free for 7 days, license required after the trial.\u003C\u002Fp>\n","Compliant and accessible cookie banner.",10000,222968,90,13,"2026-03-04T12:29:00.000Z","6.9.4","2.8","",[20,21,22,23],"cookie","gdpr","rgpd","tarteaucitron","https:\u002F\u002Ftarteaucitron.io\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftarteaucitronjs.zip",96,3,0,"2025-05-28 00:00:00","2026-03-15T15:16:48.613Z",[32,48,63],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2025-4955","tarteaucitronio-authenticated-contributor-stored-cross-site-scripting","tarteaucitron.io \u003C= 1.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting","The tarteaucitron.io plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'embed' shortcode in all versions up to, and including, 1.9.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=1.9.4","1.9.5","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-07-08 20:11:30",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd6e1335c-17f8-4162-95c1-7b6a9cc94c94?source=api-prod",42,{"id":49,"url_slug":50,"title":51,"description":52,"plugin_slug":4,"theme_slug":37,"affected_versions":53,"patched_in_version":54,"severity":55,"cvss_score":56,"cvss_vector":57,"vuln_type":43,"published_date":58,"updated_date":59,"references":60,"days_to_patch":62},"CVE-2021-36889","tarteaucitronjs-cookies-legislation-gdpr-wordpress-plugin-cross-site-scripting","tarteaucitron.js – Cookies legislation & GDPR (WordPress plugin) \u003C= 1.6 - Cross-Site Scripting","Multiple Stored Authenticated Cross-Site Scripting (XSS) vulnerabilities were discovered in tarteaucitron.js – Cookies legislation & GDPR WordPress plugin (versions \u003C= 1.6).","\u003C=1.6","1.6.1","low",3.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:R\u002FS:C\u002FC:N\u002FI:L\u002FA:N","2021-12-17 14:06:00","2024-01-22 19:56:02",[61],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa832cd41-c7be-43b5-bee3-4489170cad79?source=api-prod",766,{"id":64,"url_slug":65,"title":66,"description":67,"plugin_slug":4,"theme_slug":37,"affected_versions":68,"patched_in_version":69,"severity":70,"cvss_score":71,"cvss_vector":72,"vuln_type":73,"published_date":74,"updated_date":59,"references":75,"days_to_patch":77},"CVE-2021-36887","tarteaucitronjs-cookies-legislation-gdpr-cross-site-request-forgery-to-cross-site-scripting","tarteaucitron.js – Cookies legislation & GDPR \u003C= 1.5.4 - Cross-Site Request Forgery to Cross-Site Scripting","Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS) discovered in tarteaucitron.js – Cookies legislation & GDPR WordPress plugin (versions \u003C= 1.5.4), vulnerable parameters \"tarteaucitronEmail\" and \"tarteaucitronPass\".","\u003C=1.5.4","1.6","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Cross-Site Request Forgery (CSRF)","2021-12-09 00:00:00",[76],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe28f0ff6-eee3-45bb-be7e-91e2349a91d5?source=api-prod",775,{"slug":79,"display_name":7,"profile_url":8,"plugin_count":80,"total_installs":81,"avg_security_score":82,"avg_patch_time_days":83,"trust_score":84,"computed_at":85},"amauric",2,14000,93,218,74,"2026-04-04T21:02:57.198Z",[87,112,128,147,164],{"slug":88,"name":89,"version":90,"author":91,"author_profile":92,"description":93,"short_description":94,"active_installs":95,"downloaded":96,"rating":97,"num_ratings":98,"last_updated":99,"tested_up_to":100,"requires_at_least":101,"requires_php":102,"tags":103,"homepage":107,"download_link":108,"security_score":109,"vuln_count":110,"unpatched_count":28,"last_vuln_date":111,"fetched_at":30},"axeptio-sdk-integration","Axeptio – Cookie Banner – GDPR Consent & Compliance with a friendly touch","2.6.1","Axeptio","https:\u002F\u002Fprofiles.wordpress.org\u002Faxeptio\u002F","\u003Cp>Transform your WordPress site’s \u003Cstrong>privacy management\u003C\u002Fstrong> into a smooth and compliant experience with Axeptio. Our plugin, crafted for seamless integration with WordPress, offers a turnkey solution for adhering to privacy standards without compromising user experience.\u003Cbr \u002F>\nWith a unique and many times copied cookie consent widget, Axeptio will ensure you gather your users consent while properly informing them about their rights.\u003Cbr \u002F>\nVery easy to install and configure, \u003Ca href=\"https:\u002F\u002Fwww.axept.io\" rel=\"nofollow ugc\">Axeptio\u003C\u002Fa> will be deployed on your site in just a few minutes.\u003Cbr \u002F>\nOnce the plugin is installed, you will need to configure it in the admin part of WordPress. More customization and consent log are available on our dashboard.\u003Cbr \u002F>\nWith a large customization palette, you can chose what colors, logos and texts you want to display on your widget. Axeptio also supports several languages.\u003C\u002Fp>\n\u003Ch3>\u003Ca href=\"https:\u002F\u002Fwww.axept.io\" rel=\"nofollow ugc\">★ Visit Axeptio ★\u003C\u002Fa>\u003C\u002Fh3>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cp>The plugin will download our SDK to display Axeptio on your website\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Quick and Easy Installation:\u003C\u002Fstrong> Integrate Axeptio into your WordPress site in just a few clicks with our streamlined setup. Simply enter your client ID, and you’re all set – the Axeptio code is automatically integrated.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multilingual Compatibility:\u003C\u002Fstrong> Axeptio works seamlessly with WPML and PolyLang, ensuring privacy management is tailored to all your users, no matter their language.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Extension Blocking:\u003C\u002Fstrong> Our advanced system of filters and hooks allows you to block extensions by default, ensuring full compliance and enhanced security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Connection to Vendor Database:\u003C\u002Fstrong> Simplify extension blocking with direct access to our comprehensive database.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Updates:\u003C\u002Fstrong> Stay always up-to-date with the latest features and improvements effortlessly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Customization:\u003C\u002Fstrong> Tailor the plugin’s appearance to match your brand with customization options for colors, logo, and text directly from your Axeptio backoffice.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dedicated Axeptio Support:\u003C\u002Fstrong> Access expert assistance for any questions or support needs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Google Tag Manager Integration:\u003C\u002Fstrong> Easily integrate Axeptio with Google Tag Manager for optimized tag management.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Configuration happens in the WordPress admin part where you can input your client ID and link your website to your Axeptio account\u003Cbr \u002F>\nUser consent and customization happens on our website directly\u003Cbr \u002F>\nAvailable in several languages\u003C\u002Fp>\n\u003Cp>NOTE: JUST INSTALLING THIS PLUG-IN DOES NOT MAKE YOUR SITE GDPR COMPLIANT. EACH WEBSITE USES DIFFERENT COOKIES, YOU MUST ENSURE THAT THE REQUIRED CONFIGURATION IS IN PLACE.\u003Cbr \u002F>\nPlease follow our documentation to configure and test your settings for Axeptio and WordPress.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>Read all \u003Ca href=\"https:\u002F\u002Fsupport.axeptio.eu\u002Fen\" rel=\"nofollow ugc\">our documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Why Choose Axeptio for WordPress?\u003C\u002Fh3>\n\u003Cp>Axeptio is not just a plugin, it’s a complete solution that respects and strengthens your users’ trust. Whether you’re a blogger, an e-commerce site, or a business, Axeptio is the ideal choice for privacy management that’s simple, effective, and compliant with current standards.\u003C\u002Fp>\n","Axeptio is the best solution to make your website GDPR compatible and make your visitors smile!",8000,130866,100,4,"2025-06-16T17:19:00.000Z","6.8.5","5.0","7.4",[104,105,106,21,22],"axeptio","consent","cookies","https:\u002F\u002Fwww.axeptio.eu\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faxeptio-sdk-integration.2.6.1.zip",97,1,"2024-12-11 00:00:00",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":120,"downloaded":121,"rating":97,"num_ratings":80,"last_updated":122,"tested_up_to":100,"requires_at_least":123,"requires_php":102,"tags":124,"homepage":126,"download_link":127,"security_score":97,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"cookie-dough-compliance-and-consent-for-gdpr","Cookie Dough Compliance and Consent for GDPR","2.2.5","Ludwig You","https:\u002F\u002Fprofiles.wordpress.org\u002Fludwigyou\u002F","\u003Cp>Cookie Dough Compliance and Consent for GDPR allows you to add your site cookie consent form through a user-friendly interface.\u003C\u002Fp>\n\u003Cp>Unlike many other plugins, Cookie Dough Compliance and Consent for GDPR allows you to actually disable scripts if the user refuses cookies.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Simplify modal customization\u003C\u002Fli>\n\u003Cli>Modal text customization\u003C\u002Fli>\n\u003Cli>Up to 3 steps on your modal (welcome, required cookies and optional cookies)\u003C\u002Fli>\n\u003Cli>Preview mode in back office\u003C\u002Fli>\n\u003Cli>Added a delay before displaying the modal\u003C\u002Fli>\n\u003Cli>Feature to disable scripts if user refuses cookies\u003C\u002Fli>\n\u003Cli>Modal redisplay delays if user accepts all\u003C\u002Fli>\n\u003Cli>Delays in redisplaying the modal if the user does not accept all\u003C\u002Fli>\n\u003Cli>Ability to make the modal disappear after accepting it\u003C\u002Fli>\n\u003Cli>Cookie manager with ability to disable scripts by name directly through WordPress dequeue_script feature\u003C\u002Fli>\n\u003Cli>Ability to add a script only if the user accepts the cookie concerned\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>When you install the plugin the modal is directly deployed on your site. You can customize it in the back office.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Go to the Cookie Dough screen in the WordPress admin\u003C\u002Fli>\n\u003Cli>Customize the modal\u003C\u002Fli>\n\u003Cli>Save the modal\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Other plugin by Webdeclic\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwebdeclic.com\" rel=\"nofollow ugc\">Webdeclic\u003C\u002Fa> is a French web agency based in Paris. We are specialized in the creation of websites and e-commerce sites. We are also the creator of the following plugins:\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmentions-legales-par-webdeclic\u002F\" rel=\"ugc\">Mentions Legales Par Webdeclic\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcookie-dough-compliance-and-consent-for-gdpr\u002F\" rel=\"ugc\">Cookie Dough Compliance and Consent for GDPR\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fquickwebp\u002F\" rel=\"ugc\">QuickWebP – Compress \u002F Optimize Images & Convert WebP | SEO Friendly\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Funiversal-honey-pot\u002F\" rel=\"ugc\">Universal Honey Pot\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclean-my-wp\u002F\" rel=\"ugc\">Clean My WP\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsearch\u002Fwebdeclic\u002F\" rel=\"ugc\">Show all plugins on WordPress.org\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Support us\u003C\u002Fh3>\n\u003Cp>⭐️ If you like this plugin, please give us a 5 star rating on WordPress.org. This will motivate us to develop new features and write other plugins. ⭐️\u003C\u002Fp>\n\u003Cp>☕️ If you want buy me a coffee, you can do it here : \u003Ca href=\"https:\u002F\u002Fbmc.link\u002Fludwig\" rel=\"nofollow ugc\">Buy me a coffee\u003C\u002Fa> ☕️\u003C\u002Fp>\n","Cookie Dough Compliance and Consent for GDPR is a GDPR cookie consent extension. Style your modal cookie.",500,5961,"2025-10-08T11:57:00.000Z","6.0.0",[105,106,21,125,22],"policy","https:\u002F\u002Fwebdeclic.com\u002Fprojets\u002Fcreation-de-lextension-wordpress-cookies-dough\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcookie-dough-compliance-and-consent-for-gdpr.2.2.5.zip",{"slug":129,"name":130,"version":131,"author":132,"author_profile":133,"description":134,"short_description":135,"active_installs":136,"downloaded":137,"rating":97,"num_ratings":80,"last_updated":138,"tested_up_to":139,"requires_at_least":101,"requires_php":140,"tags":141,"homepage":144,"download_link":145,"security_score":146,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"gdpr-settings-for-wc","GDPR Settings for WooCommerce","1.2.1","Santiago Alonso","https:\u002F\u002Fprofiles.wordpress.org\u002Fsalonsoweb\u002F","\u003Cp>Adapt your e-commerce to the GDPR rules.\u003C\u002Fp>\n\u003Cp>This plugin allows you to easily add a check box to the woocommerce checkout to obtain the consent of the users before sending them promotions.\u003C\u002Fp>\n\u003Cp>In addition, you can add the first layer of privacy before completing the checkout, as required by the RGPD.\u003C\u002Fp>\n\u003Ch3>GDPR Promo consent\u003C\u002Fh3>\n\u003Cp>With RGPD\u002FGPDR Settings for WooCommerce you can include an optional checkbox in your checkout to obtain your user’s consent for send news and promotions later.\u003C\u002Fp>\n\u003Cp>You can check the user consent in the admin order details and also in the admin new order email.\u003C\u002Fp>\n\u003Ch3>GDPR top privacy layer\u003C\u002Fh3>\n\u003Cp>According GDPR rules you need to include a simple extract about your privacy policies near to your place order button.\u003C\u002Fp>\n\u003Cp>With RGPD\u002FGPDR Settings for WC you can customize this first privacy layer easily too.\u003C\u002Fp>\n\u003Ch3>GDPR Settings tab\u003C\u002Fh3>\n\u003Cp>You can customize your GDPR texts under a new setting tab in the WooCommerce settings page\u003C\u002Fp>\n\u003Ch3>Plugin compatibility\u003C\u002Fh3>\n\u003Cp>RGPD\u002FGPDR Settings for WC will work with WooCommerce and all WordPress themes or any visual builder like Divi, Elementor, WPBakery, etc.\u003C\u002Fp>\n\u003Cp>This plugin use native WooCommerce hooks for total compatibility.\u003C\u002Fp>\n","Adapt your e-commerce to the GDPR rules. This plugin allows you to easily add a check box to the woocommerce checkout to obtain the consent of the us &hellip;",200,3446,"2021-08-02T12:53:00.000Z","5.8.13","5.2.4",[106,21,142,22,143],"privacy","woocommerce","https:\u002F\u002Fsalonsoweb.es","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgdpr-settings-for-wc.1.2.1.zip",85,{"slug":148,"name":149,"version":150,"author":151,"author_profile":152,"description":153,"short_description":154,"active_installs":28,"downloaded":155,"rating":28,"num_ratings":28,"last_updated":156,"tested_up_to":157,"requires_at_least":158,"requires_php":159,"tags":160,"homepage":162,"download_link":163,"security_score":146,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"advanced-cookies","HOB Advanced Cookies for WordPress","1.4.3","hoblucas","https:\u002F\u002Fprofiles.wordpress.org\u002Fhoblucas\u002F","\u003Cp>Be compliant with the Cookies and GDPR Legislation with HOB Advanced Cookies.\u003C\u002Fp>\n\u003Cp>HOB Advanced Cookies allows you to give your users the choice to block the usage of non-essential cookies such as facebook, twiiter, youtube… Your site will respect and be compliant with GDPR.\u003C\u002Fp>\n\u003Cp>What is GDPR?\u003Cbr \u002F>\nThe General Data Protection Regulation 2016\u002F679 is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. It also addresses the export of personal data outside the EU and EEA areas.\u003Cbr \u002F>\nUsage.\u003C\u002Fp>\n\u003Cp>HOB France Services is a digital communication agency based in Sophia Antipolis and Paris. Our teams are true experts of WordPress projects. Website creation, maintenance, extension development and training, we support our customers in all phases of the realization of their digital projects.\u003C\u002Fp>\n\u003Ch4>As featured on\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.assistance-wp.com\u002F\" title=\"Contacter le support WordPress en France\" rel=\"nofollow ugc\">Assistance-WP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsupport-wp.com\u002F\" title=\"Support Français pour les utilisateurs du cms WordPress\" rel=\"nofollow ugc\">Support-WP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhob-france.com\u002F\" title=\"Expert WordPress\" rel=\"nofollow ugc\">HOB FRANCE SERVICES\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Bring your site into compliance with the GDPR and Cookies legislation.",966,"2023-11-29T15:59:00.000Z","6.4.8","5.7","5.6",[161,20,21,22],"advancedcookies","https:\u002F\u002Fwww.hob-france.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-cookies.1.4.3.zip",{"slug":165,"name":166,"version":167,"author":168,"author_profile":169,"description":170,"short_description":171,"active_installs":172,"downloaded":173,"rating":26,"num_ratings":174,"last_updated":175,"tested_up_to":16,"requires_at_least":176,"requires_php":102,"tags":177,"homepage":179,"download_link":180,"security_score":181,"vuln_count":182,"unpatched_count":28,"last_vuln_date":183,"fetched_at":30},"complianz-gdpr","Complianz – GDPR\u002FCCPA Cookie Consent","7.4.4.2","Complianz","https:\u002F\u002Fprofiles.wordpress.org\u002Fcomplianz\u002F","\u003Cp>Complianz is a GDPR\u002FCCPA Cookie Banner plugin that supports GDPR, ePrivacy, DSGVO, TTDSG, LGPD, POPIA, APA, RGPD, CCPA\u002FCPRA and PIPEDA with a conditional Cookie Consent Banner and customized Cookie Policy based on the results of the built-in Cookie Scan.\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fvimeo.com\u002Fmanage\u002Fvideos\u002F1138872149\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Ch4>Cookie Consent Notice\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Configure a Cookie Notice for your specific region: European Union, United Kingdom, United States, Australia, South Africa, Brazil or Canada. Or use one Cookie Notice worldwide.\u003C\u002Fli>\n\u003Cli>Configure specific cookie consent per subregion, for example: European Union + TTDSG\u002FDSGVO\u002FCNIL or USA + specific states for CCPA\u002FCPRA\u002FCTDPA etc\u003C\u002Fli>\n\u003Cli>Cookie Consent and Conditional Cookie Notice with Custom CSS and Customizable Templates. WCAG Level AA and ADA Compliant.\u003C\u002Fli>\n\u003Cli>Banner Templates include: GDPR-friendly Cookie Wall – Accept\u002FDismiss – Consent per Category – Consent per Service\u003C\u002Fli>\n\u003Cli>Banner Templates also include; Dismiss on scroll, time on page or both based on legislation\u003C\u002Fli>\n\u003Cli>We aim to follow WCAG 2.1 AA guidelines and ADA best practices in the design of our cookie banners and legal documents to support accessibility.\u003C\u002Fli>\n\u003Cli>No jQuery Dependency\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Consent Management\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatically configures your website based on wizard questions, WordPress scans and dedicated service and plugin integrations.\u003C\u002Fli>\n\u003Cli>Blocks 3rd party cookies like Google Maps, Facebook, Instagram, AdSense, Hubspot, Recaptcha, Twitter, ActiveCampaign, and many more.\u003C\u002Fli>\n\u003Cli>Custom integrations for plugins, themes and services are automatically detected.\u003C\u002Fli>\n\u003Cli>Blocks iFrames, like YouTube, Vimeo, Dailymotion embedded videos and Social iFrames e.g. Instagram, Facebook et al.\u003C\u002Fli>\n\u003Cli>Shows placeholders for blocked iFrames. Stills from videos and individual placeholders per (social) service.\u003C\u002Fli>\n\u003Cli>Script Center to control scripts, iFrames and plugins per category or service. With dependency functionality and placeholders.\u003C\u002Fli>\n\u003Cli>Proof of Consent: User consent registration that respects the GDPR data minimization guideline.\u003C\u002Fli>\n\u003Cli>Periodical Cookie Scan for changes in Cookies, Plugins and 3rd Party services.\u003C\u002Fli>\n\u003Cli>Automatically detects if you need a Cookie Notice (also called a Cookie Banner or Pop-Up).\u003C\u002Fli>\n\u003Cli>Automatically anonymizes personal data for integrated statistics tools if needed.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Privacy Laws & Guidelines\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Ready for GDPR, ePrivacy AVG, RGPD, LGPD, DSGVO, CNIL, PECR, UK DPA, UK GDPR, CCPA, COPPA, PIPEDA, CASL, POPIA, Privacy Act 1988, Australian Privacy Principles, The “Marco Civil” and the Brazilian General Data Protection Law.\u003C\u002Fli>\n\u003Cli>Differentiate between GDPR, ePrivacy and DSGVO\u002FCNIL or between CCPA\u002FDNSMPI and NRS 603A, if needed.\u003C\u002Fli>\n\u003Cli>We closely follow the latest developments in the ePrivacy regulation, the proposed Cookie Law for the European Union, and other legislation world-wide.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Legal Documents\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>A Cookie Policy; Generated by you with an easy wizard, drafted by an IT Law Firm.\u003C\u002Fli>\n\u003Cli>Do Not Sell My Personal Information: DNSMPI Page for CCPA\u002FCPRA – if required. (Now called Opt-out Preferences.)\u003C\u002Fli>\n\u003Cli>Terms and Conditions are available in a separate plugin: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcomplianz-terms-conditions\u002F\" rel=\"ugc\">Complianz – Terms and Conditions\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Integrations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Detected Cookie Data is prefilled from cookiedatabase.org, with clear and transparent cookie descriptions, which are continuously updated.\u003C\u002Fli>\n\u003Cli>Integrated with WordPress Privacy features. Export and erase personal data from our dashboard.\u003C\u002Fli>\n\u003Cli>Implementation of Google Tag Manager, Google Analytics, Matomo, Matomo Tag Manager, Clicky, Yandex, Jetpack and Burst Statistics\u003C\u002Fli>\n\u003Cli>Categorize your Cookies with Tag Manager or our Script Center, if needed.\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Integration with the \u003Ca href=\"https:\u002F\u002Fwpconsentapi.org\u002F\" rel=\"nofollow ugc\">WP Consent API\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Integrates seamlessly with Gutenberg, Elementor, Divi, Forminator, WPBakery, Monsterinsights, GADWP, Beehive, WPForms, Gravity Forms, HappyForms, Contact Form 7 \u003C5.4 (CF7), Woocommerce, Easy Digital Downloads, WP Google Maps, Google Maps Widget, Local Google Fonts, CAOS | Host Google Analytics Locally and other popular plugins.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>Tested with popular themes en page builders.\u003C\u002Fli>\n\u003Cli>Gutenberg Blocks enabled.\u003Cbr \u002F>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Complianz offers full support on the WordPress.org \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcomplianz-gdpr\u002F\" rel=\"ugc\">Forum\u003C\u002Fa>. Before starting a new thread, please check available documentation and other support threads. Leave a clear and concise description of your issue, and we will respond as soon as possible.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Useful Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcomplianz-gdpr\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FReally-Simple-Plugins\u002Fcomplianz-gdpr\u002F\" rel=\"nofollow ugc\">Github\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FReally-Simple-Plugins\u002Fcomplianz-integrations\" rel=\"nofollow ugc\">MU Plugins\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcomplianz.io\u002Fdocs\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcomplianz.io\u002Fdevelopers-guide-for-third-party-integrations\u002F\" rel=\"nofollow ugc\">Developer’s Guide\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcomplianz.io\u002Fdefinitions\u002F\" rel=\"nofollow ugc\">Legal Definitions\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fcomplianz-gdpr\u002F\" rel=\"nofollow ugc\">Translate Complianz\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Premium Features\u003C\u002Fh3>\n\u003Cp>Complianz offers a Full Privacy Suite for WordPress on \u003Ca href=\"https:\u002F\u002Fcomplianz.io\" rel=\"nofollow ugc\">Complianz.io\u003C\u002Fa> with even more features:\u003C\u002Fp>\n\u003Ch4>Cookie Consent Notice\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Improve conversion with A\u002FB Testing: which cookie banner has the best consent ratio? Run tests and measure what works best for your site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Consent Management\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Records of Consent: Keep record of your consent management changes and user’s consent registration. Integrates with Proof of Consent\u003C\u002Fli>\n\u003Cli>Respects the Do Not Track settings and Global Privacy Controls in end-users browsers.\u003C\u002Fli>\n\u003Cli>Geo IP Cookie Consent: Cookie Consent is different everywhere. Show the correct Cookie Notice based on IP location, but only if a banner is needed.\u003C\u002Fli>\n\u003Cli>Google Consent Mode – Use Consent Mode by Google with Google Tag Manager or Google Analytics. No further set-up needed.\u003C\u002Fli>\n\u003Cli>Integration with TCF v2.0. An IAB Europe Consent Framework for Publishers. Registered CMP ID: 332\u003C\u002Fli>\n\u003Cli>Data Request Forms and Registration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Privacy Laws & Guidelines\u003C\u002Fh4>\n\u003Cp>Simultaneously select USA, Canada, United Kingdom, Australia, South Africa, Brazil and the EU as targeted regions with conditional Consent and dedicated Cookie Banners.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Support for GDPR \u002F ePrivacy – European Union with Extension for Switzerland.\u003C\u002Fli>\n\u003Cli>Support for USA \u002F CCPA\u002FCPRA\u002FCPA\u002FCTDPA\u002FNRS 603A\u002FUCPA\u002FCDPA\u003C\u002Fli>\n\u003Cli>Support for UK-GDPR \u002F PECR and ICO Guidelines – United Kingdom.\u003C\u002Fli>\n\u003Cli>Support for PIPEDA and CASL – Canada.\u003C\u002Fli>\n\u003Cli>Support for Privacy Act 1988 & Australian Privacy Principles\u003C\u002Fli>\n\u003Cli>Support for POPIA, the South African Protection of Personal Information Act\u003C\u002Fli>\n\u003Cli>Supports The “Marco Civil” and the Brazilian General Data Protection Law (LGPD)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Legal Documents\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Privacy statements (EU, CA, UK, AU, ZA, BR & USA).\u003C\u002Fli>\n\u003Cli>Cookie policy (EU, UK, CA, AU, ZA, BR & USA).\u003C\u002Fli>\n\u003Cli>Impressum (Germany & Austria) & Imprint for world wide use.\u003C\u002Fli>\n\u003Cli>Disclaimer\u003C\u002Fli>\n\u003Cli>Terms & Conditions Integration\u003C\u002Fli>\n\u003Cli>Processing agreements (EU, UK, CA, AU, ZA, BR & USA).\u003C\u002Fli>\n\u003Cli>Dataleak reporting tools (EU, UK, CA, AU, ZA, BR & USA).\u003C\u002Fli>\n\u003Cli>Supports CCPA Consent and Legal documents.\u003C\u002Fli>\n\u003Cli>COPPA ready with Children’s Privacy Policy (USA)\u003C\u002Fli>\n\u003Cli>Children’s Privacy Policy (UK,CA & AU)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Support & Updates\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Premium Support from our amazing team.\u003C\u002Fli>\n\u003Cli>Premium updates, new languages, features, regions and more to create the Ultimate Privacy Suite for WordPress.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>About Complianz\u003C\u002Fh3>\n\u003Cp>Check out other plugins developed by Really Simple Plugins as well: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Freally-simple-ssl\u002F\" rel=\"ugc\">Really Simple SSL\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Complianz is on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FReally-Simple-Plugins\u002Fcomplianz-gdpr\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> as well!\u003C\u002Fp>\n\u003Cp>IMPORTANT! Complianz | GDPR\u002FCCPA Cookie Consent can help you meet compliance requirements, but the user must ensure that all requirements are met.\u003C\u002Fp>\n\u003Cp>Complianz provides your Cookie Policy with comprehensive cookie descriptions, supplied by cookiedatabase.org, operated by Complianz B.V. The plugin sends the results of Complianz’ local or advanced website scan to Cookiedatabase.org, for the sole purpose of providing you with accurate descriptions and keeping them up-to-date on a regular basis. The advanced website scan can be initialized after authentication and consent for security purposes.\u003C\u002Fp>\n\u003Cp>We collect for research purposes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Cookie names\u003C\u002Fli>\n\u003Cli>Domain that provides the cookie names\u003C\u002Fli>\n\u003Cli>Plugin list on the domain\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more information:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Cookiedatabase.org – \u003Ca href=\"https:\u002F\u002Fcookiedatabase.org\u002Fplugin-use-of-cookiedatabase-org-privacy-terms\u002F\" rel=\"nofollow ugc\">Privacy Statement\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Cookiedatabase.org – \u003Ca href=\"https:\u002F\u002Fcookiedatabase.org\u002Fterms-of-use\u002F\" rel=\"nofollow ugc\">Terms and Conditions Database\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Cookiedatabase.org – \u003Ca href=\"https:\u002F\u002Fcookiedatabase.org\u002Fterms-of-use-api\u002F\" rel=\"nofollow ugc\">Terms of Use API\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For security purposes, we authenticate the advanced website scan with:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Email address\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The advanced website scan collects public data from the user’s site, stores it for one hour, and then discards it without analysis.\u003C\u002Fp>\n\u003Cp>For more information:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Advanced website scan Complianz.io – \u003Ca href=\"https:\u002F\u002Fcomplianz.io\u002Flegal\u002Fprivacy-statement\u002F\" rel=\"nofollow ugc\">Privacy Statement\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Advanced website scan Complianz.io – \u003Ca href=\"https:\u002F\u002Fcomplianz.io\u002Flegal\u002Fterms-of-use\u002F\" rel=\"nofollow ugc\">Terms of Use API\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcomplianz.io\u002Fsupport\u002F\" rel=\"nofollow ugc\">Contact\u003C\u002Fa> us if you have any questions, issues, or suggestions. Complianz | GDPR\u002FCCPA Cookie Consent is developed by \u003Ca href=\"https:\u002F\u002Fcomplianz.io\" rel=\"nofollow ugc\">Complianz B.V.\u003C\u002Fa>.\u003C\u002Fp>\n","Configure your Cookie Banner, Cookie Consent and Cookie Policy with our Wizard and Cookies Scan.",1000000,26472953,1608,"2025-12-16T13:49:00.000Z","5.9",[105,20,178,21,142],"cookie-notice","https:\u002F\u002Fwww.wordpress.org\u002Fplugins\u002Fcomplianz-gdpr","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomplianz-gdpr.7.4.4.2.zip",92,10,"2026-03-25 00:00:00",{"attackSurface":185,"codeSignals":281,"taintFlows":319,"riskAssessment":399,"analyzedAt":414},{"hooks":186,"ajaxHandlers":277,"restRoutes":278,"shortcodes":279,"cronEvents":280,"entryPointCount":28,"unprotectedCount":28},[187,193,196,200,207,212,215,219,223,227,231,234,238,242,246,248,251,254,257,260,263,266,269,274],{"type":188,"name":189,"callback":190,"file":191,"line":192},"action","admin_menu","tarteaucitron_settings","Admin.php",5,{"type":188,"name":194,"callback":195,"file":191,"line":182},"admin_enqueue_scripts","tarteaucitron_admin_css",{"type":188,"name":197,"callback":198,"file":191,"line":199},"admin_notices","closure",191,{"type":201,"name":202,"callback":203,"priority":204,"file":205,"line":206},"filter","the_content","tarteaucitron_display_sidebars",50,"Sidebars.php",79,{"type":188,"name":208,"callback":209,"file":210,"line":211},"init","tarteaucitron_load_textdomain","tarteaucitron.php",20,{"type":188,"name":208,"callback":213,"file":210,"line":214},"_tarteaucitron_init",70,{"type":188,"name":216,"callback":217,"file":210,"line":218},"plugins_loaded","tarteaucitron_load_widget",77,{"type":188,"name":220,"callback":221,"priority":110,"file":210,"line":222},"wp_head","tarteaucitronForceLocale",115,{"type":188,"name":224,"callback":225,"file":210,"line":226},"admin_bar_menu","tarteaucitron_toolbar",128,{"type":188,"name":228,"callback":229,"priority":97,"file":210,"line":230},"admin_print_styles","_tarteaucitron_admin_bar_css",137,{"type":188,"name":232,"callback":229,"priority":97,"file":210,"line":233},"wp_print_styles",138,{"type":201,"name":235,"callback":236,"file":210,"line":237},"embed_oembed_html","tarteaucitronjs_oembed_dataparse",153,{"type":201,"name":239,"callback":240,"file":210,"line":241},"autoptimize_filter_js_exclude","tarteaucitron_ao_exclude",205,{"type":201,"name":243,"callback":244,"file":210,"line":245},"litespeed_optimize_js_excludes","tarteaucitron_js_exclude",217,{"type":201,"name":247,"callback":244,"file":210,"line":83},"rocket_exclude_js",{"type":201,"name":249,"callback":244,"file":210,"line":250},"rocket_minify_excluded_external_js",219,{"type":201,"name":252,"callback":244,"file":210,"line":253},"wp-optimize-minify-default-exclusions",220,{"type":201,"name":255,"callback":244,"file":210,"line":256},"perfmatters_delayed_scripts",221,{"type":201,"name":258,"callback":244,"file":210,"line":259},"sgo_js_minify_exclude",222,{"type":201,"name":261,"callback":244,"file":210,"line":262},"flying_press_exclude_from_minify:js",223,{"type":201,"name":264,"callback":244,"file":210,"line":265},"flying_press_exclude_from_defer:js",224,{"type":201,"name":267,"callback":244,"file":210,"line":268},"wpassetcleanup_exclude_loaded_js",225,{"type":188,"name":270,"callback":271,"file":272,"line":273},"sidebar_admin_setup","tarteaucitron_register","Widgets.php",105,{"type":188,"name":275,"callback":198,"file":272,"line":276},"widgets_init",108,[],[],[],[],{"dangerousFunctions":282,"sqlUsage":283,"outputEscaping":285,"fileOperations":28,"externalRequests":27,"nonceChecks":27,"capabilityChecks":80,"bundledLibraries":318},[],{"prepared":28,"raw":28,"locations":284},[],{"escaped":98,"rawEcho":286,"locations":287},17,[288,291,292,293,295,297,299,301,303,305,306,307,309,310,312,314,316],{"file":191,"line":289,"context":290},22,"raw output",{"file":191,"line":214,"context":290},{"file":191,"line":84,"context":290},{"file":191,"line":294,"context":290},125,{"file":191,"line":296,"context":290},129,{"file":191,"line":298,"context":290},162,{"file":191,"line":300,"context":290},167,{"file":191,"line":302,"context":290},175,{"file":191,"line":304,"context":290},181,{"file":210,"line":294,"context":290},{"file":272,"line":211,"context":290},{"file":272,"line":308,"context":290},21,{"file":272,"line":289,"context":290},{"file":272,"line":311,"context":290},46,{"file":272,"line":313,"context":290},48,{"file":272,"line":315,"context":290},55,{"file":272,"line":317,"context":290},58,[],[320,337,373,391],{"entryPoint":321,"graph":322,"unsanitizedCount":110,"severity":40},"tarteaucitronForceLocale (tarteaucitron.php:116)",{"nodes":323,"edges":334},[324,329],{"id":325,"type":326,"label":327,"file":210,"line":328},"n0","source","$_SERVER",119,{"id":330,"type":331,"label":332,"file":210,"line":294,"wp_function":333},"n1","sink","echo() [XSS]","echo",[335],{"from":325,"to":330,"sanitized":336},false,{"entryPoint":338,"graph":339,"unsanitizedCount":28,"severity":55},"tarteaucitron_config_page (Admin.php:18)",{"nodes":340,"edges":367},[341,344,347,351,353,356,361,365],{"id":325,"type":326,"label":342,"file":191,"line":343},"$_POST['tarteaucitronEmail']",33,{"id":330,"type":331,"label":345,"file":191,"line":343,"wp_function":346},"update_option() [Settings Manipulation]","update_option",{"id":348,"type":326,"label":349,"file":191,"line":350},"n2","$_POST['tarteaucitronPass']",34,{"id":352,"type":331,"label":345,"file":191,"line":350,"wp_function":346},"n3",{"id":354,"type":326,"label":327,"file":191,"line":355},"n4",103,{"id":357,"type":331,"label":358,"file":191,"line":359,"wp_function":360},"n5","wp_remote_get() [SSRF]",104,"wp_remote_get",{"id":362,"type":326,"label":363,"file":191,"line":364},"n6","$_SERVER['SERVER_NAME']",150,{"id":366,"type":331,"label":332,"file":191,"line":296,"wp_function":333},"n7",[368,370,371,372],{"from":325,"to":330,"sanitized":369},true,{"from":348,"to":352,"sanitized":369},{"from":354,"to":357,"sanitized":369},{"from":362,"to":366,"sanitized":369},{"entryPoint":374,"graph":375,"unsanitizedCount":28,"severity":55},"\u003CAdmin> (Admin.php:0)",{"nodes":376,"edges":386},[377,378,379,380,381,383,384,385],{"id":325,"type":326,"label":342,"file":191,"line":343},{"id":330,"type":331,"label":345,"file":191,"line":343,"wp_function":346},{"id":348,"type":326,"label":349,"file":191,"line":350},{"id":352,"type":331,"label":345,"file":191,"line":350,"wp_function":346},{"id":354,"type":326,"label":382,"file":191,"line":355},"$_SERVER (x2)",{"id":357,"type":331,"label":358,"file":191,"line":359,"wp_function":360},{"id":362,"type":326,"label":363,"file":191,"line":364},{"id":366,"type":331,"label":332,"file":191,"line":296,"wp_function":333},[387,388,389,390],{"from":325,"to":330,"sanitized":369},{"from":348,"to":352,"sanitized":369},{"from":354,"to":357,"sanitized":369},{"from":362,"to":366,"sanitized":369},{"entryPoint":392,"graph":393,"unsanitizedCount":28,"severity":55},"\u003Ctarteaucitron> (tarteaucitron.php:0)",{"nodes":394,"edges":397},[395,396],{"id":325,"type":326,"label":327,"file":210,"line":328},{"id":330,"type":331,"label":332,"file":210,"line":294,"wp_function":333},[398],{"from":325,"to":330,"sanitized":369},{"summary":400,"deductions":401},"The \"tarteaucitronjs\" v1.31.0 plugin exhibits a mixed security posture. On the positive side, the static analysis reveals a very small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events, and importantly, all identified SQL queries utilize prepared statements. The presence of nonce and capability checks, though limited, is also a good sign. However, a significant concern arises from the output escaping, with only 19% of outputs being properly escaped. This low rate indicates a high potential for Cross-Site Scripting (XSS) vulnerabilities, which aligns with the plugin's vulnerability history.  Furthermore, the taint analysis shows one flow with unsanitized paths, which, while not classified as critical or high, still represents a potential security weakness that could be exploited. The plugin's vulnerability history, with 3 known CVEs including high and medium severity issues related to XSS and CSRF, reinforces the concerns about input sanitization and output escaping. The most recent vulnerability in 2025 suggests a continued pattern of such issues. While the current version has no unpatched vulnerabilities and a contained attack surface, the recurring nature of XSS and CSRF in its history, coupled with poor output escaping, warrants caution.",[402,405,407,409,411],{"reason":403,"points":404},"Low percentage of properly escaped output",15,{"reason":406,"points":182},"Taint flow with unsanitized paths",{"reason":408,"points":404},"Known high severity CVE in history",{"reason":410,"points":182},"Known medium severity CVE in history",{"reason":412,"points":413},"Recurring XSS and CSRF vulnerability types",8,"2026-03-16T17:42:00.886Z",{"wat":416,"direct":426},{"assetPaths":417,"generatorPatterns":420,"scriptPaths":421,"versionParams":423},[418,419],"\u002Fwp-content\u002Fplugins\u002Ftarteaucitronjs\u002Fcss\u002Fuser.css","\u002Fwp-content\u002Fplugins\u002Ftarteaucitronjs\u002Fcss\u002Fadmin-bar.min.css",[],[422],"https:\u002F\u002Fcdntag.tarteaucitron.io\u002Fload.js",[424,425],"tarteaucitronjs\u002Fcss\u002Fuser.css?ver=","tarteaucitronjs\u002Fcss\u002Fadmin-bar.min.css?ver=",{"cssClasses":427,"htmlComments":431,"htmlAttributes":433,"restEndpoints":440,"jsGlobals":441,"shortcodeOutput":443},[428,429,430],"youtube_player","vimeo_player","dailymotion_player",[432],"\u003C!--cloudflare-no-transform-->",[434,435,436,437,438,439],"videoID","theme","rel","controls","showinfo","autoplay",[],[442],"tarteaucitron.job",[]]