Termageddon: Cookie Consent & Privacy Compliance Security & Risk Analysis

wordpress.org/plugins/termageddon-usercentrics

The most comprehensive cookie consent solution for WordPress. Automatically show consent banners based on visitor location with smart geolocation targ …

6K active installs v1.9.6 PHP 7.2+ WP 5.0+ Updated Apr 6, 2026
ccpacookie-consentcpragdprprivacy
99
A · Safe
CVEs total1
Unpatched0
Last CVESep 22, 2025
Download
Safety Verdict

Is Termageddon: Cookie Consent & Privacy Compliance Safe to Use in 2026?

Generally Safe

Score 99/100

Termageddon: Cookie Consent & Privacy Compliance has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Sep 22, 2025Updated 3mo ago
Risk Assessment

The termageddon-usercentrics plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and has a relatively high percentage of properly escaped output. The absence of critical or high severity taint flows and dangerous functions is also encouraging. However, a significant concern arises from the attack surface, with 4 out of 5 entry points lacking authentication checks. This presents a considerable risk for unauthorized actions or data manipulation.

Key Concerns

  • Unprotected AJAX handlers
  • Medium severity vulnerability history
  • Moderate output escaping issues
Vulnerabilities
1 published

Termageddon: Cookie Consent & Privacy Compliance Security Vulnerabilities

CVEs by Year

1 CVE in 2025
2025
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2025-58026medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Termageddon: Cookie Consent & Privacy Compliance <= 1.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

Sep 22, 2025 Patched in 1.8.2 (5d)
Version History

Termageddon: Cookie Consent & Privacy Compliance Release Timeline

v1.9.6Current
v1.9.5
v1.9.4
v1.9.3
v1.9.2
v1.9.1
v1.9.0
v1.8.2
v1.8.11 CVE
v1.8.01 CVE
v1.7.21 CVE
v1.7.11 CVE
v1.7.01 CVE
v1.6.21 CVE
v1.6.11 CVE
v1.6.01 CVE
v1.5.41 CVE
v1.5.21 CVE
v1.5.11 CVE
v1.5.01 CVE
Code Analysis
Analyzed Mar 16, 2026

Termageddon: Cookie Consent & Privacy Compliance Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
28
98 escaped
Nonce Checks
1
Capability Checks
4
File Operations
3
External Requests
1
Bundled Libraries
0

Output Escaping

78% escaped126 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

1 flows
<class-termageddon-usercentrics-admin> (admin\class-termageddon-usercentrics-admin.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
4 unprotected

Termageddon: Cookie Consent & Privacy Compliance Attack Surface

Entry Points5
Unprotected4

AJAX Handlers 4

authwp_ajax_uc_geolocation_lookupincludes\class-termageddon-usercentrics.php:353
noprivwp_ajax_uc_geolocation_lookupincludes\class-termageddon-usercentrics.php:354
authwp_ajax_uc_geolocation_lookupincludes\class-termageddon-usercentrics.php:374
noprivwp_ajax_uc_geolocation_lookupincludes\class-termageddon-usercentrics.php:375

Shortcodes 1

[uc-privacysettings] includes\class-termageddon-usercentrics.php:289
WordPress Hooks 15
actionadmin_enqueue_scriptsadmin\class-termageddon-usercentrics-admin.php:167
filtercron_schedulesincludes\class-termageddon-usercentrics.php:277
filterquery_varsincludes\class-termageddon-usercentrics.php:280
actiontermageddon_usercentrics_maxmind_downloadincludes\class-termageddon-usercentrics.php:286
actionadmin_enqueue_scriptsincludes\class-termageddon-usercentrics.php:344
actionadmin_menuincludes\class-termageddon-usercentrics.php:348
actionadmin_initincludes\class-termageddon-usercentrics.php:350
actionwp_enqueue_scriptsincludes\class-termageddon-usercentrics.php:368
actioninitincludes\class-termageddon-usercentrics.php:371
actionwp_headincludes\class-termageddon-usercentrics.php:378
actionwp_footerincludes\class-termageddon-usercentrics.php:386
actionwp_enqueue_scriptsincludes\class-termageddon-usercentrics.php:394
filterscript_loader_tagincludes\class-termageddon-usercentrics.php:401
actionwp_footerpublic\class-termageddon-usercentrics-public.php:91
actioninittermageddon-usercentrics.php:99

Scheduled Events 1

termageddon_usercentrics_maxmind_download
Maintenance & Trust

Termageddon: Cookie Consent & Privacy Compliance Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedApr 6, 2026
PHP min version7.2
Downloads124K

Community Trust

Rating100/100
Number of ratings4
Active installs6K
Developer Profile

Termageddon: Cookie Consent & Privacy Compliance Developer Profile

termageddon

2 plugins · 6K total installs

94
trust score
Avg Security Score
92/100
Avg Patch Time
5 days
View full developer profile
Detection Fingerprints

How We Detect Termageddon: Cookie Consent & Privacy Compliance

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/termageddon-usercentrics/admin/css/termageddon-usercentrics-admin.min.css/wp-content/plugins/termageddon-usercentrics/admin/js/termageddon-usercentrics-admin.min.js
Version Parameters
termageddon-usercentrics-admin.min.css?ver=termageddon-usercentrics-admin.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
termageddon-multiselecttermageddon-singleselect
Data Attributes
data-termageddon-id
JS Globals
Termageddon_Usercentrics
Shortcode Output
[termageddon_consent]
FAQ

Frequently Asked Questions about Termageddon: Cookie Consent & Privacy Compliance