CVE-2023-5991
Published: 26 December 2023
Summary
CVE-2023-5991 is a critical-severity Path Traversal (CWE-22) vulnerability in Motopress Hotel Booking Lite. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 1.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
The Hotel Booking Lite WordPress plugin before version 4.8.5 is affected by a path traversal vulnerability (CWE-22) that stems from missing validation of user-supplied file paths together with absent CSRF and authorization checks. The flaw carries a CVSS 3.1 score of 9.8 and permits unauthenticated remote interaction with arbitrary server files.
An attacker with no credentials can supply crafted paths to download or delete any file accessible to the web server process. Successful exploitation can result in disclosure of sensitive configuration or database files and in destructive modification of plugin or core WordPress assets, enabling further compromise of the site.
The referenced WPScan advisory identifies the issue in builds prior to 4.8.5 and indicates that updating to the fixed release eliminates the vulnerable code paths. The associated EPSS score has remained elevated, with a current value of 0.7832 and a recorded peak of 0.8014, reflecting sustained exploitation interest after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-58258
Vulnerability details
The Hotel Booking Lite WordPress plugin before 4.8.5 does not validate file paths provided via user input, as well as does not have proper CSRF and authorisation checks, allowing unauthenticated users to download and delete arbitrary files on the server
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Validates pathnames and filenames to prevent traversal outside intended directories.