Hotel Booking Lite
Approved changes feed: RSS · Atom
cpe:2.3:a:motopress:hotel_booking_lite:*:*:*:*:*:wordpress:*:*
part: a version: * update: *
| Vendor | Motopress (6d317652-94c4-5c1f-ac88-5ca1ba2616b8) |
|---|---|
| Product | Hotel Booking Lite (f435259f-4bac-5250-b89e-e81a072c8699) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-5991 |
vulnerable | 2026-06-08 06:19:45.352787 |
Hotel Booking Lite < 4.8.5 - Unauthenticated Arbitrary File Download & Deletion
The Hotel Booking Lite WordPress plugin before 4.8.5 does not validate file paths provided via user input, as well as does not have proper CSRF and authorisation checks, allowing unauthenticated users to download and delete arbitrary files on the server
Published: 2023-12-26T18:33:14.275Z
Updated: 2024-08-02T08:14:25.157Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-28498 |
vulnerable | 2026-06-08 06:01:10.990363 |
WordPress Hotel Booking Lite Plugin <= 4.6.0 is vulnerable to Cross Site Request Forgery (CSRF)
MEDIUM (4.3)
Cross-Site Request Forgery (CSRF) vulnerability in MotoPress Hotel Booking Lite plugin <= 4.6.0 versions.
Published: 2023-11-12T21:57:22.327Z
Updated: 2026-04-28T16:08:16.159Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.