Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 10:6 a.m.9 views

CVE-2024-3895

The WP Datepicker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpdpaddnewdatepickerajax function in all versions up to, and including, 2.1.0. This makes it possible for authenticated attackers, with subscriber-level access and...

8.8CVSS6.5AI score0.00911EPSS
Exploits0References1
NVD
NVD
added 2024/05/02 5:15 p.m.20 views

CVE-2024-3895

The WP Datepicker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpdpaddnewdatepickerajax function in all versions up to, and including, 2.1.0. This makes it possible for authenticated attackers, with subscriber-level access and...

8.8CVSS8.4AI score0.00911EPSS
Exploits0References4
CVE
CVE
added 2024/05/02 4:52 p.m.72 views

CVE-2024-3895

The WP Datepicker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in wpdp_add_new_datepicker_ajax() across all versions up to 2.1.0. Authenticated attackers with subscriber-level access and above can update arbitrary options that may lead ...

8.8CVSS6.5AI score0.00911EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2024/04/24 12:0 a.m.12 views

WordPress WP Datepicker Plugin <= 2.1.0 is vulnerable to Privilege Escalation

Software WP Datepicker Type Plugin Vulnerable versions = 2.1.0 Fixed in 2.1.1 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-3895 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 9dd2e88f0ed7 Credits Lucio Sá...

8.8CVSS6.8AI score0.00911EPSS
Exploits0References3Affected Software1
Wordfence Blog
Wordfence Blog
added 2024/04/23 3:0 p.m.23 views

$493 Bounty Awarded for Arbitrary Options Update Vulnerability Patched in WP Datepicker WordPress Plugin

🎉 Did you know were running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On April 14th, 2024, during our Bug Extravaganza, we received a...

6.5CVSS6.8AI score0.00911EPSS
Exploits0
Rows per page
Query Builder