EPSS
Percentile
81.0%
Unauthenticated Arbitrary File Upload vulnerability leading to Remote Code Execution (RCE) discovered by Harald Eilertsen in WordPress Business Hours Pro plugin (versions <= 5.5.0).
No patched version is available. Deactivate and delete.
codecanyon.net/item/business-hours-pro-wordpress-plugin/9414879
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24240