CVE-2024-47321

Missing Authorization vulnerability in Fahad Mahmood WP Datepicker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Datepicker: from n/a through 2.1.1...

CVE-2024-44042

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Fahad Mahmood WP Datepicker allows Stored XSS.This issue affects WP Datepicker: from n/a through 2.1.1...

WordPress WP Datepicker plugin <= 2.1.0 - Authenticated (Subscriber+) Arbitrary Options Update to Privilege Escalation vulnerability

Authenticated Subscriber+ Arbitrary Options Update to Privilege Escalation vulnerability discovered by Lucio Sá in WordPress Plugin WP Datepicker versions = 2.1.0...