Lucene search
K

132 matches found

Patchstack
Patchstack
added 2025/03/11 9:40 p.m.10 views

WordPress WP jQuery Persian Datepicker plugin <= 0.1.0 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WP jQuery Persian Datepicker versions = 0.1.0...

7.1CVSS8.2AI score0.00143EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/03/11 9:15 p.m.8 views

CVE-2025-28861

Cross-Site Request Forgery CSRF vulnerability in bhzad WP jQuery Persian Datepicker allows Stored XSS. This issue affects WP jQuery Persian Datepicker: from n/a through 0.1.0...

6.1CVSS5.8AI score0.00143EPSS
Exploits0References1
NVD
NVD
added 2025/03/11 9:15 p.m.10 views

CVE-2025-28861

Cross-Site Request Forgery CSRF vulnerability in bhzad WP jQuery Persian Datepicker wpjqp-datepicker allows Stored XSS.This issue affects WP jQuery Persian Datepicker: from n/a through = 0.1.0...

7.1CVSS0.00143EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/11 9:0 p.m.16 views

CVE-2025-28861 WordPress WP jQuery Persian Datepicker plugin <= 0.1.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in bhzad WP jQuery Persian Datepicker wpjqp-datepicker allows Stored XSS.This issue affects WP jQuery Persian Datepicker: from n/a through = 0.1.0...

7.1CVSS0.00143EPSS
Exploits0References1
CVE
CVE
added 2025/03/11 9:0 p.m.58 views

CVE-2025-28861

CVE-2025-28861 is a CSRF-to-stored XSS vulnerability in the WordPress plugin WP jQuery Persian Datepicker (versions

7.1CVSS7.2AI score0.00143EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/11 9:0 p.m.8 views

CVE-2025-28861 WordPress WP jQuery Persian Datepicker plugin <= 0.1.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in bhzad WP jQuery Persian Datepicker wpjqp-datepicker allows Stored XSS.This issue affects WP jQuery Persian Datepicker: from n/a through = 0.1.0...

7.1CVSS8.6AI score0.00143EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.4 views

WordPress plugin WP jQuery Persian Datepicker 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site request...

7.1CVSS8.4AI score0.00143EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/05 10:6 a.m.7 views

CVE-2024-3895

The WP Datepicker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpdpaddnewdatepickerajax function in all versions up to, and including, 2.1.0. This makes it possible for authenticated attackers, with subscriber-level access and...

8.8CVSS6.5AI score0.00911EPSS
Exploits0References1
NVD
NVD
added 2024/12/24 9:15 a.m.11 views

CVE-2024-12468

The WP Datepicker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpdpgetselecteddatepicker' parameter in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

6.1CVSS0.00457EPSS
Exploits0References17
OSV
OSV
added 2024/12/24 9:15 a.m.4 views

CVE-2024-12468

The WP Datepicker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpdpgetselecteddatepicker' parameter in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

6.1CVSS6AI score0.00457EPSS
Exploits0References17
Vulnrichment
Vulnrichment
added 2024/12/24 8:22 a.m.13 views

CVE-2024-12468 WP Datepicker <= 2.1.4 - Reflected Cross-Site Scripting

The WP Datepicker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpdpgetselecteddatepicker' parameter in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

6.1CVSS6.4AI score0.00457EPSS
Exploits0References17
Cvelist
Cvelist
added 2024/12/24 8:22 a.m.17 views

CVE-2024-12468 WP Datepicker <= 2.1.4 - Reflected Cross-Site Scripting

The WP Datepicker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpdpgetselecteddatepicker' parameter in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

6.1CVSS0.00457EPSS
Exploits0References17
CVE
CVE
added 2024/12/24 8:22 a.m.58 views

CVE-2024-12468

CVE-2024-12468 — WP Datepicker (WordPress) is a Reflected Cross-Site Scripting vulnerability in the WP Datepicker plugin via the wpdp_get_selected_datepicker parameter. It affects all versions up to 2.1.4 due to insufficient input sanitization and output escaping. The weakness allows unauthentica...

6.1CVSS6.5AI score0.00457EPSS
Exploits0References17Affected Software1
CNNVD
CNNVD
added 2024/12/24 12:0 a.m.4 views

WordPress plugin WP Datepicker 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site...

6.1CVSS7.7AI score0.00457EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2024/12/24 12:0 a.m.8 views

PT-2024-17607 · WordPress · Wp Datepicker

Name of the Vulnerable Software and Affected Versions: WP Datepicker plugin for WordPress versions up to, and including, 2.1.4 Description: The issue is related to Reflected Cross-Site Scripting via the wpdp get selected datepicker parameter due to insufficient input sanitization and output...

6.1CVSS8.7AI score0.00457EPSS
Exploits0References23
OSV
OSV
added 2024/11/01 3:15 p.m.5 views

CVE-2024-47321

Missing Authorization vulnerability in Fahad Mahmood WP Datepicker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Datepicker: from n/a through 2.1.1...

9.8CVSS5.8AI score0.00404EPSS
Exploits0References1
NVD
NVD
added 2024/11/01 3:15 p.m.35 views

CVE-2024-47321

Missing Authorization vulnerability in Fahad Mahmood WP Datepicker wp-datepicker.This issue affects WP Datepicker: from n/a through = 2.1.1...

9.8CVSS0.00404EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/01 2:17 p.m.11 views

CVE-2024-47321 WordPress WP Datepicker plugin <= 2.1.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Fahad Mahmood WP Datepicker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Datepicker: from n/a through 2.1.1...

6.5CVSS6.5AI score0.00404EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/01 12:0 a.m.4 views

WordPress plugin WP Datepicker 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

9.8CVSS6.6AI score0.00404EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/10/16 1:27 p.m.4 views

Malicious code in ui-datepicker-week-end (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
Rows per page
Query Builder