CVE-2022-4752

The Opening Hours WordPress plugin through 2.3.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2022-4752

The Opening Hours WordPress plugin through 2.3.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2022-4752

The CVE-2022-4752 entry concerns the WordPress plugin Opening Hours (

CVE-2022-4752 Opening Hours <= 2.3.0 - Contributor+ Stored XSS via Shortcode

The Opening Hours WordPress plugin through 2.3.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

WordPress Plugin Opening Hours 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

WordPress Opening Hours Plugin <= 2.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Opening Hours Type Plugin Vulnerable versions = 2.3.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID ba2ed69ebc49 Credits Unknown Required privilege Administrat...

WordPress Opening Hours Plugin <= 2.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Opening Hours Type Plugin Vulnerable versions = 2.3.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4752 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID f20861b9bf46 Credits István Márton Required...

Drupal Opening Hours Module Cross-Site Scripting Vulnerability

Drupal is a free, open-source content management system developed in PHP and maintained by the Drupal community. opening hours is one of the modules used to find stores or libraries that are open at a certain time. A cross-site scripting vulnerability exists in the Drupal Opening Hours module in...

Opening hours - Moderately Critical - XSS - SA-CONTRIB-2016-031

This module enables you to enter opening hours for locations in a highly detailed way. The module doesn't sufficiently escape input data from user input. This vulnerability is mitigated by the fact that an attacker must be able to edit opening hours by having a role with the permission “Edit...