The cookie-cat plugin on WordPress has recently been reviewed. It appears there are some issues to address with regards to unauthorized passing of cookie information from the client website to the cookie-cat server. We are working to resolve these issues.
A review of version 1.1 of the plugin, released June 2012, has just been performed.
The plugin has been marked with
This plugin is closed and is not visible to the public.
Only the plugin author and approved users of wordpress.org can see this message.
The issue is over the information that is passed from your server to the cookie-cat server.
- When using oik options > cookie cat you can choose to use the Load XML button to load an XML file that may contain a better mapping of cookies that are used by the active plugins in your site than the default file.
- The information that is passed to the server includes a list of the currently active cookie names, not content.
- The review suggests that this information can’t be passed unless it has been specifically authorised.
- We have asked what changes we need to make in order for the review to be passed and the plugin re-opened.
- Please note that the information that is passed to the cookie-cat server is held privately and only used to assist detection of plugins (and other code) that makes use of cookies.
- If you have used the cookie-cat plugin and are concerned with the information that is held please contact us. Contact cookie-cat
It’s a little ironic don’t you think?
According to the EU cookie law your website must tell site visitors what cookies it might be using but your website server is not allowed to tell another server what it's actually using unless it has your permission.