If you or someone you know is using the Contact Form 7 Datepicker plugin, take note that Wordfence discovered a stored Cross-Site Scripting (XSS) vulnerability in the plugin, which appears to be installed on over 100,000 sites. To be clear, Contact Form 7 itself is not affected by this vulnerability, but if you do have this additional plugin extension, you may want to remove it from your site(s).
