Medium 4.3
2026-02-19< 4.6.5
CVE-2026-25407
Cookiebot by Usercentrics – Automatic Cookie Banner for GDPR/CCPA & Google Consent Mode
Minimum safe version
4.6.5
Update to 4.6.5 or later to address 7 fixable vulnerabilities
Latest available4.7.0 ✓
Medium 4.3
2025-06-27< 4.5.9
CVE-2025-53197
Medium 4.3
2025-03-06< 4.4.2
WordPress Cookiebot Plugin <= 4.4.1 is vulnerable to Broken Access Control
N/A
2020-09-08< 3.6.1
Cookiebot | GDPR/CCPA Compliant Cookie Consent and Control <= 3.6.0 - Reflected Cross-Site Scripting
N/A
< 3.6.1
Cookiebot < 3.6.1 - Authenticated Reflected Cross-Site Scripting (XSS)
N/A
< 3.6.1
Cookiebot < 3.6.1 - CSRF & XSS
N/A
2020-09-09< 3.6.1
WordPress Cookiebot plugin <= 3.6.0 - Reflected Cross-Site Scripting (XSS) vulnerability