Security Advisory

CVE-2025-14061

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-17 06:36:58
Last updated 2026-04-08 17:04:48
Assigner Wordfence
State PUBLISHED

Description

The Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) : WP Cookie Consent plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the gdpr_delete_policy_data function in all versions up to, and including, 4.0.7. This makes it possible for unauthenticated attackers to permanently delete arbitrary posts, pages, attachments, and other post types by ID.