Julio

**Name of the Vulnerable Software and Affected Versions** tarteaucitron.js – Cookies legislation & GDPR WordPress plugin versions <= 1.5.4 **Description** A Cross-Site Request Forgery (CSRF) issue has been found, which can lead to Cross-Site Scripting (XSS). The `tarteaucitronEmail` and `tarteaucitronPass` parameters are vulnerable. **Recommendations** For versions <= 1.5.4, update to a version greater than 1.5.4 to resolve the issue. As a temporary workaround, consider restricting access to the parameters `tarteaucitronEmail` and `tarteaucitronPass` to minimize the risk of exploitation.