WordPress JS Multi Hotel Plugin <= 2.2.1 - Multiple Vulnerabilities

Because of these vulnerabilities, the attackers can obtain the installation path via a request to widget.php, functions.php, myCalendar.php, show_image.php, refreshDate.php, phpthumb/thumb_plugins/gd_reflection.inc.php or phpthumb/GdThumb.inc.php in includes/.

Solution

           Update the plugin.