Description
WordPress Plugin WP Datepicker is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently update arbitrary options. WordPress Plugin WP Datepicker version 2.1.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.1.1 or latest
References
Related Vulnerabilities
WordPress Plugin VIDEO GALLERY 'upload1.php' Arbitrary File Upload (1.3)
WordPress Plugin PowerPress Podcasting by Blubrry Cross-Site Scripting (10.0.1)
WordPress Plugin Malware Scanner Privilege Escalation (4.7.2)
WordPress Plugin WP-Lister Lite for Amazon Directory Traversal (0.9.6.35)
WordPress Plugin WP-PostRatings '[ratings]' Shortcode SQL Injection (1.61)