WordPress Plugin Vulnerabilities

WP Datepicker < 2.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update

Description

The WP Datepicker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpdp_add_new_datepicker_ajax() function in all versions up to, and including, 2.1.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to update arbitrary options that can be used for privilege escalation. This was partially patched in 2.0.9 and 2.1.0, and fully patched in 2.1.1.

Affects Plugins

Plugin icon
wp-datepicker
Fixed in 2.1.1

References

CVE
CVE-2024-3895
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/45a42f20-a4d7-4c8e-a144-505a6723a2a0

Classification

Type
NO AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-862
CVSS
8.8 (high)

Miscellaneous

Original Researcher
Lucio Sá
Verified
No
WPVDB ID
ed3e39f8-d738-4a81-9749-ec45b28d6baa

Timeline

Publicly Published
2024-04-23 (about 2 years ago)
Added
2024-04-23 (about 2 years ago)
Last Updated
2024-04-23 (about 2 years ago)

Other

Published
Title
Published
2024-03-07
Title
affiliate-toolkit – WordPress Affiliate Plugin < 3.5.5 - Missing Authorization via atkp_create_list
Published
2025-09-22
Title
VPSUForm < 3.2.21 - Missing Authorization
Published
2024-01-16
Title
SalesKing < 1.6.30 - Missing Authorization to Settings Change
Published
2024-04-22
Title
Secure Copy Content Protection and Content Locking < 3.7.2 - Missing Authorization
Published
2025-03-04
Title
Zass - WooCommerce Theme for Handmade Artists and Artisans <= 3.9.9.10 - Missing Authorization to Authenticated (Subscriber+) Demo Import