Description
WordPress Plugin WP Datepicker is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently update arbitrary options. WordPress Plugin WP Datepicker version 2.1.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.1.1 or latest
References
Related Vulnerabilities
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-1133)
WordPress Plugin Visual Form Builder Cross-Site Scripting (3.0.3)
WordPress Plugin Email Verification for WooCommerce Unspecified Vulnerability (1.8.1)
Python Inefficient Regular Expression Complexity Vulnerability (CVE-2024-7592)