CVE-2023-5991

CRITICAL NUCLEI

Motopress Hotel Booking Lite < 4.8.5 - Path Traversal

Title source: rule

Description

The Hotel Booking Lite WordPress plugin before 4.8.5 does not validate file paths provided via user input and lacks proper CSRF and authorisation checks, allowing unauthenticated users to download and delete arbitrary files on the server.

Exploits (1)

GitHub WORKING POC 4 stars
by halilkirazkaya · poc
https://github.com/halilkirazkaya/cve-poc-garage/tree/main/2023/CVE-2023-5991.md

Nuclei Templates (1)

Hotel Booking Lite < 4.8.5 - Arbitrary File Download & Deletion
CRITICAL VERIFIED by s4e-io
Shodan: http.html:/wp-content/plugins/motopress-hotel-booking
FOFA: body=/wp-content/plugins/motopress-hotel-booking

Scores

CVSS v3 9.8
EPSS 0.7832
EPSS Percentile 99.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-22
Status published
Products (1)
motopress/hotel_booking_lite < 4.8.5
Published Dec 26, 2023
Tracked Since Feb 18, 2026