132 matches found
WordPress WP jQuery Persian Datepicker plugin <= 0.1.0 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WP jQuery Persian Datepicker versions = 0.1.0...
CVE-2025-28861
Cross-Site Request Forgery CSRF vulnerability in bhzad WP jQuery Persian Datepicker allows Stored XSS. This issue affects WP jQuery Persian Datepicker: from n/a through 0.1.0...
CVE-2025-28861
Cross-Site Request Forgery CSRF vulnerability in bhzad WP jQuery Persian Datepicker wpjqp-datepicker allows Stored XSS.This issue affects WP jQuery Persian Datepicker: from n/a through = 0.1.0...
CVE-2025-28861 WordPress WP jQuery Persian Datepicker plugin <= 0.1.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in bhzad WP jQuery Persian Datepicker wpjqp-datepicker allows Stored XSS.This issue affects WP jQuery Persian Datepicker: from n/a through = 0.1.0...
CVE-2025-28861
CVE-2025-28861 is a CSRF-to-stored XSS vulnerability in the WordPress plugin WP jQuery Persian Datepicker (versions
CVE-2025-28861 WordPress WP jQuery Persian Datepicker plugin <= 0.1.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in bhzad WP jQuery Persian Datepicker wpjqp-datepicker allows Stored XSS.This issue affects WP jQuery Persian Datepicker: from n/a through = 0.1.0...
WordPress plugin WP jQuery Persian Datepicker 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site request...
CVE-2024-3895
The WP Datepicker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpdpaddnewdatepickerajax function in all versions up to, and including, 2.1.0. This makes it possible for authenticated attackers, with subscriber-level access and...
CVE-2024-12468
The WP Datepicker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpdpgetselecteddatepicker' parameter in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...
CVE-2024-12468
The WP Datepicker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpdpgetselecteddatepicker' parameter in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...
CVE-2024-12468 WP Datepicker <= 2.1.4 - Reflected Cross-Site Scripting
The WP Datepicker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpdpgetselecteddatepicker' parameter in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...
CVE-2024-12468 WP Datepicker <= 2.1.4 - Reflected Cross-Site Scripting
The WP Datepicker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpdpgetselecteddatepicker' parameter in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...
CVE-2024-12468
CVE-2024-12468 — WP Datepicker (WordPress) is a Reflected Cross-Site Scripting vulnerability in the WP Datepicker plugin via the wpdp_get_selected_datepicker parameter. It affects all versions up to 2.1.4 due to insufficient input sanitization and output escaping. The weakness allows unauthentica...
WordPress plugin WP Datepicker 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site...
PT-2024-17607 · WordPress · Wp Datepicker
Name of the Vulnerable Software and Affected Versions: WP Datepicker plugin for WordPress versions up to, and including, 2.1.4 Description: The issue is related to Reflected Cross-Site Scripting via the wpdp get selected datepicker parameter due to insufficient input sanitization and output...
CVE-2024-47321
Missing Authorization vulnerability in Fahad Mahmood WP Datepicker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Datepicker: from n/a through 2.1.1...
CVE-2024-47321
Missing Authorization vulnerability in Fahad Mahmood WP Datepicker wp-datepicker.This issue affects WP Datepicker: from n/a through = 2.1.1...
CVE-2024-47321 WordPress WP Datepicker plugin <= 2.1.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Fahad Mahmood WP Datepicker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Datepicker: from n/a through 2.1.1...
WordPress plugin WP Datepicker 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
Malicious code in ui-datepicker-week-end (npm)
--- -= Per source details. Do not edit below this line.=-...