RSS   Vulnerabilities for 'Business hours indicator'   RSS

2021-08-30
 
CVE-2021-24593

CWE-79
 

 
The Business Hours Indicator WordPress plugin before 2.3.5 does not sanitise or escape its 'Now closed message" setting when outputting it in the backend and frontend, leading to an Authenticated Stored Cross-Site Scripting issue

 


Copyright 2024, cxsecurity.com

 

Back to Top