CVE-2021-24523

Daily Prayer Time < 2021.08.10 - Authenticated Stored XSS

EPSS 0.6%CWE-79

The Daily Prayer Time WordPress plugin before 2021.08.10 does not sanitise or escape some of its settings before outputting them in the page, leading to Authenticated Stored Cross-Site Scripting issues.

Affected products

Unknown · Daily Prayer Time

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://wpscan.com/vulnerability/832fe086-1d33-430b-bdb5-e444761576b2