CVE-2021-24593
Business Hours Indicator < 2.3.5 - Authenticated Stored XSS
The Business Hours Indicator WordPress plugin before 2.3.5 does not sanitise or escape its 'Now closed message" setting when outputting it in the backend and frontend, leading to an Authenticated Stored Cross-Site Scripting issue
Affected products
Unknown · Business Hours IndicatorWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →