Motopress Hotel Booking Lite — known CVE vulnerabilities
Every CVE whose affected-product data names Motopress Hotel Booking Lite, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2023-5991 — CVSS 9.8 (critical): The Hotel Booking Lite WordPress plugin before 4.8.5 does not validate file paths provided via user input, as well as does not have proper…
CVE-2023-28498 — CVSS 4.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in MotoPress Hotel Booking Lite plugin <= 4.6.0 versions.