Does wCookie have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is wCookie compatible with WordPress 6.9.4?

According to WordPress.org data, wCookie 1.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is wCookie compatible with PHP 7.4+?

wCookie requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is wCookie updated?

wCookie was last updated on Mar 20, 2026. Frequent updates are generally a positive security signal.

What is wCookie's security score?

wCookie has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

wCookie Security & Risk Analysis

wordpress.org/plugins/wcookie

Display a customizable cookie notice with flexible positions, HTML support, and responsive design.

0 active installs v1.0 PHP 7.4+ WP 5.0+ Updated Mar 20, 2026

consentcookiecookie-noticegdprprivacy

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is wCookie Safe to Use in 2026?

Generally Safe

Score 100/100

wCookie has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "wcookie" v1.1 plugin exhibits a generally strong security posture based on the provided static analysis. There are no identified dangerous functions, SQL queries are exclusively handled with prepared statements, and there are no file operations or external HTTP requests, all of which are excellent practices. The presence of a nonce check is also a positive indicator. However, a significant concern is the relatively low percentage of properly escaped output (45%). This means a substantial portion of user-facing data within the plugin might not be adequately sanitized, potentially leading to Cross-Site Scripting (XSS) vulnerabilities if user-controlled data is displayed without proper escaping.

The plugin has no recorded vulnerability history, which is a positive sign suggesting a track record of security. Combined with the absence of critical or high-severity issues in the taint analysis and the limited attack surface identified, this paints a picture of a plugin that, thus far, has been developed with security in mind. The primary weakness lies in the output escaping, which requires attention to mitigate potential XSS risks.

Key Concerns

Low output escaping percentage

Vulnerabilities

None known

wCookie Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

wCookie Release Timeline

v1.0Current

Code Analysis

Analyzed Apr 16, 2026

wCookie Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

10 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

45% escaped22 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

2 flows

wcookie_cookieConfigurationSave (wcookie.php:118)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

wCookie Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 5

actionwp_footerwcookie.php:29

actionadmin_enqueue_scriptswcookie.php:85

actionwp_enqueue_scriptswcookie.php:92

actionadmin_menuwcookie.php:108

actionadmin_post_cookie_configurationwcookie.php:114

Maintenance & Trust

wCookie Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 20, 2026

PHP min version7.4

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

wCookie Alternatives

Complianz – GDPR/CCPA Cookie Consent

complianz-gdpr

Configure your Cookie Banner, Cookie Consent and Cookie Policy with our Wizard and Cookies Scan.

1.0M 11 CVEs

Cookiebot by Usercentrics – Automatic Cookie Banner for GDPR/CCPA & Google Consent Mode

cookiebot

Install your cookie banner in minutes. Automatically scan and block cookies to comply with the GDPR, CCPA, Google Consent Mode v2. Free plan option.

100K 4 CVEs

Simple GDPR Cookie Compliance

simple-gdpr-cookie-compliance

Simple GDPR Cookie Compliance is a simple plugin that helps to display cookie notice on your WordPress website.

5K 1 CVE

Mini WP GDPR

mini-wp-gdpr

100

A lightweight and easy-to-use tool to help you with your GDPR compliance tasks.

100 No CVEs

Icegram Cookie Manager – Simple Cookie Consent & Compliance Banner

icegram-cookie-manager

100

Add personalized cookie information and link to your WordPress privacy policy page.

0 No CVEs

Developer Profile

wCookie Developer Profile

Joomla Service Provider

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect wCookie

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wcookie/css/wcookie.css

Script Paths

/wp-content/plugins/wcookie/js/wcookie.js

HTML / DOM Fingerprints

CSS Classes

cookie_containercookie_container_topcookie_container_bottomcookie_container_leftcookie_container_rightcookie_container_floatingcookie_container_roundedcookie_btn+2 more

Data Attributes

onclick="wcookie_set_wCookie();"

JS Globals

wcookie_set_wCookie

FAQ