Description
WordPress Plugin WP Datepicker is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently update arbitrary options. WordPress Plugin WP Datepicker version 2.1.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.1.1 or latest
References
Related Vulnerabilities
WordPress Plugin Shantz WordPress QOTD Cross-Site Request Forgery (1.2.2)
Oracle Application Server CVE-2007-5517 Vulnerability (CVE-2007-5517)
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29212)
WordPress Plugin Rate my Post-WP Rating System Cross-Site Scripting (3.3.8)