Question about a certain cookie


I have found this cookie: “wp_cerber_vtab_activeundefined”

Could you please let me know, for my cookie declaration, what is the expiration date, what is the exact function and whether the purpose is “functional”, “preference” or “statistics”?

I have set that Cerber cookies get the prefix “technicallynecessarybycerber”, so I know that it is not a problem with them, I just explaind that there would be many like that on my website and gave all the necessary information. But this cookie did not automatically receive the prefix, and I could not find any information about it, neither in nor elsewhere nline.

I would appreciate very much if you could give me these information and thank you in advance!

By the way, I wanted to name the cookie in the title of this post, but its name was, according to the forum system, “too long”…


This is not a cookie. It’s a piece of data stored in the browser’s local storage. It is used in the WP Cerber admin UI and contains the ID of the last opened tab in some WP Cerber settings. For instance, it is used on the “User Policies” admin page.

The most important difference between data stored in a browser’s local storage and cookies is that cookies are automatically included with every HTTP request to their corresponding domain, making them useful for authentication and maintaining user session states. In contrast, local storage data is purely client-side, must be explicitly accessed via JavaScript, and can be sent to the server in the body of requests if needed.

Hi Garry, Thank you for your reply.

It showed up in Complianz under cookies. Thank you for explaining it to me.

However, the use of local storage must also find consideration in one’s privacy and / or cookie policy, I believe. So am I correct to assume that that information will stay there until the Cache is cleaned by the user? Or how long will it?

And may I ask what the function / purpose of that is? Why is it necessary to store something like that in the user’s browser? Is it technically necessary? If not, would it not be necessary to get consent first - and how could that be done, if it was not a cookie and therefore perhaps not covered by cookie consent solutions (or is it, as Complianz seems to treat it as one?)?

In some countries, storing something like this without consent might really be an issue, so where possible I think trying to avoid it is best?

Edit: Actually, as I am the only administrator and you said it is for the administrative UI, I do not need to name it in my privacy documents. However, those who enable access to others, might still have to declare it, perhaps.