CVE-2023-5991

CRITICAL NUCLEI

Hotel Booking Lite < 4.8.5 - Unauthenticated Path Traversal and Arbitrary File Deletion

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-5991. PoCs published by halilkirazkaya. A Nuclei detection template is also available.

AI-analyzed exploit summary The repository contains functional exploit code for multiple CVEs, including CVE-2023-5991, demonstrating vulnerabilities such as remote file inclusion, path traversal, and unauthorized file deletion. Each PoC includes HTTP requests or commands to exploit the respective vulnerabilities.

Description

The Hotel Booking Lite WordPress plugin before 4.8.5 does not validate file paths provided via user input, as well as does not have proper CSRF and authorisation checks, allowing unauthenticated users to download and delete arbitrary files on the server

Exploits (1)

github WORKING POC 4 stars

by halilkirazkaya · poc

https://github.com/halilkirazkaya/cve-poc-garage/tree/main/2023/CVE-2023-5991.md

View Code ZIP pw:eip

The repository contains functional exploit code for multiple CVEs, including CVE-2023-5991, demonstrating vulnerabilities such as remote file inclusion, path traversal, and unauthorized file deletion. Each PoC includes HTTP requests or commands to exploit the respective vulnerabilities.

Classification

Working Poc 95%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Various (WordPress plugins, QNAP Photo Station, IBM Data Risk Manager, etc.)

No auth needed

Prerequisites: Network access to the target system · Specific software versions as listed in the PoCs

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 27, 2026 Full analysis →

Nuclei Templates (1)

Hotel Booking Lite < 4.8.5 - Arbitrary File Download & Deletion

CRITICALVERIFIEDby s4e-io

Shodan: http.html:/wp-content/plugins/motopress-hotel-booking

FOFA: body=/wp-content/plugins/motopress-hotel-booking

References (1)

Core 1

Core References

Exploit, Third Party Advisory exploit vdb-entry technical-description

https://wpscan.com/vulnerability/e9d35e36-1e60-4483-b8b3-5cbf08fcd49e

Scores

CVSS v3 9.8

EPSS 0.0331

EPSS Percentile 87.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-22

Status published

Products (1)

motopress/hotel_booking_lite < 4.8.5

Published Dec 26, 2023

Tracked Since Feb 18, 2026