Wp Datepicker@* Security Vulnerabilities and Issues — Wp Datepicker@* CVE List

Lucene search

AndroidbubblesWp Datepicker*

4 matches found

CVE•added 2024/05/02 5:15 p.m.•47 views

CVE-2024-3895

The WP Datepicker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpdp_add_new_datepicker_ajax() function in all versions up to, and including, 2.1.0. This makes it possible for authenticated attackers, with subscriber-level access an...

8.8CVSS6.5AI score0.00203EPSS

CVE•added 2024/12/24 9:15 a.m.•38 views

CVE-2024-12468

The WP Datepicker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpdp_get_selected_datepicker' parameter in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inj...

6.1CVSS6.5AI score0.00324EPSS

CVE•added 2024/11/01 3:15 p.m.•36 views

CVE-2024-47321

Missing Authorization vulnerability in Fahad Mahmood WP Datepicker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Datepicker: from n/a through 2.1.1.

9.8CVSS7.2AI score0.00217EPSS

CVE•added 2024/10/06 12:15 p.m.•35 views

CVE-2024-44042

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Fahad Mahmood WP Datepicker allows Stored XSS.This issue affects WP Datepicker: from n/a through 2.1.1.

5.9CVSS6.1AI score0.00073EPSS