Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:8 a.m.11 views

CVE-2023-5991

The Hotel Booking Lite WordPress plugin before 4.8.5 does not validate file paths provided via user input, as well as does not have proper CSRF and authorisation checks, allowing unauthenticated users to download and delete arbitrary files on the server...

9.8CVSS7.1AI score0.03313EPSS
Exploits2
Circl
Circl
added 2023/12/26 8:26 p.m.8 views

CVE-2023-5991

creationtimestamp| type| source ---|---|--- 2023-12-26 20:26:55+00:00| seen| https://t.me/ctinow/159442 2024-01-02 23:16:52+00:00| seen| https://t.me/ctinow/162086...

9.8CVSS8.7AI score0.03313EPSS
Exploits2References2
OSV
OSV
added 2023/12/26 7:15 p.m.3 views

CVE-2023-5991

The Hotel Booking Lite WordPress plugin before 4.8.5 does not validate file paths provided via user input, as well as does not have proper CSRF and authorisation checks, allowing unauthenticated users to download and delete arbitrary files on the server...

9.8CVSS5.9AI score0.03313EPSS
Exploits2References1
NVD
NVD
added 2023/12/26 7:15 p.m.23 views

CVE-2023-5991

The Hotel Booking Lite WordPress plugin before 4.8.5 does not validate file paths provided via user input, as well as does not have proper CSRF and authorisation checks, allowing unauthenticated users to download and delete arbitrary files on the server...

9.8CVSS0.03313EPSS
Exploits2References1
CVE
CVE
added 2023/12/26 6:33 p.m.87 views

CVE-2023-5991

CVE-2023-5991 affects the Hotel Booking Lite WordPress plugin prior to 4.8.5. The issue arises from the plugin not validating user-supplied file paths and lacking proper CSRF/authorization checks, enabling unauthenticated attackers to download and delete arbitrary server files. Remediation is to ...

9.8CVSS9.7AI score0.03313EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder