CVE-2023-5991
Hotel Booking Lite < 4.8.5 - Unauthenticated Arbitrary File Download & Deletion
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
The Hotel Booking Lite WordPress plugin before 4.8.5 does not validate file paths provided via user input, as well as does not have proper CSRF and authorisation checks, allowing unauthenticated users to download and delete arbitrary files on the server
El complemento Hotel Booking Lite WordPress anterior a 4.8.5 no valida las rutas de archivos proporcionadas a través de la entrada del usuario, y tampoco tiene CSRF ni controles de autorización adecuados, lo que permite a usuarios no autenticados descargar y eliminar archivos arbitrarios en el servidor.
The Hotel Booking Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the maybeDownload() function and insufficient path validation in all versions up to 4.8.5 (exclusive). This makes it possible for unauthenticated to retrieve and delete arbitrary files which can be leveraged for remote code execution.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-11-07 CVE Reserved
- 2023-12-01 CVE Published
- 2024-08-02 CVE Updated
- 2024-08-02 First Exploit
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
https://wpscan.com/vulnerability/e9d35e36-1e60-4483-b8b3-5cbf08fcd49e | 2024-08-02 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Motopress Search vendor "Motopress" | Hotel Booking Lite Search vendor "Motopress" for product "Hotel Booking Lite" | < 4.8.5 Search vendor "Motopress" for product "Hotel Booking Lite" and version " < 4.8.5" | wordpress |
Affected
|