Business Open Hours Master Security & Risk Analysis
wordpress.org/plugins/business-open-hours-masterCreates an easy to manage list of open and closing business hours.
Is Business Open Hours Master Safe to Use in 2026?
Generally Safe
Score 85/100Business Open Hours Master has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "business-open-hours-master" v1.0.0 plugin exhibits a mixed security posture. On the positive side, it has no known vulnerabilities or CVEs, and it utilizes prepared statements for all SQL queries, indicating good database security practices. The attack surface is also limited, with only one shortcode identified and no AJAX handlers or REST API routes present in the static analysis results. However, there are significant concerns regarding output escaping and data sanitization. The static analysis reveals that 0% of the four total output instances are properly escaped, posing a risk of Cross-Site Scripting (XSS) vulnerabilities. Furthermore, the taint analysis identified one flow with unsanitized paths, which, while not classified as critical or high severity in this instance, points to potential weaknesses in how data is handled. The complete absence of nonce checks and capability checks, coupled with the lack of authentication on the identified entry points (though the count is low), amplifies the risk associated with unescaped output and unsanitized data.
Key Concerns
- Unescaped output
- Taint flow with unsanitized path
- Missing nonce checks
- Missing capability checks
Business Open Hours Master Security Vulnerabilities
Business Open Hours Master Code Analysis
Output Escaping
Data Flow Analysis
Business Open Hours Master Attack Surface
Shortcodes 1
WordPress Hooks 9
Maintenance & Trust
Business Open Hours Master Maintenance & Trust
Maintenance Signals
Community Trust
Business Open Hours Master Alternatives
We’re Open!
opening-hours
Opening hours for your business, a joy to manage and highly customizable. Conditional excerpts; conditional/replacement text; Structured Data for SEO.
Business Hours Indicator
business-hours-indicator
Display opening hours and if you're currently open/closed, with countdown to next opening. Show or hide content only when open/closed & more!
Tap Chat
tap-chat
Lightweight WhatsApp chat button with welcome bubble, working hours, page controls. GDPR-friendly, no tracking.
Better Business Hours
better-business-hours
Easily set and display your business hours. A shortcode and widget are included so you can put it anywhere on your site.
WP Crontrol Hours
crontrol-hours
Take control of your CRON jobs by restricting them to your website's low traffic hours.
Business Open Hours Master Developer Profile
7 plugins · 460 total installs
How We Detect Business Open Hours Master
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/business-open-hours-master/css/business-open-hours-master-admin.css/wp-content/plugins/business-open-hours-master/css/jquery.ui.timepicker.css/wp-content/plugins/business-open-hours-master/js/business-open-hours-master-admin.js/wp-content/plugins/business-open-hours-master/js/jquery.ui.timepicker.js/wp-content/plugins/business-open-hours-master/assets/admin-icon.png/wp-content/plugins/business-open-hours-master/js/business-open-hours-master-admin.js/wp-content/plugins/business-open-hours-master/js/jquery.ui.timepicker.jsbusiness-open-hours-master/css/business-open-hours-master-admin.css?ver=business-open-hours-master/css/jquery.ui.timepicker.css?ver=business-open-hours-master/js/business-open-hours-master-admin.js?ver=business-open-hours-master/js/jquery.ui.timepicker.js?ver=HTML / DOM Fingerprints
ch_warningdata-bohm-idbohm_admin_localized