Browse all 6 CVE security advisories affecting MotoPress. AI-powered Chinese analysis, POCs, and references for each vulnerability.
MotoPress is a WordPress plugin provider offering page builders and website management tools. Historically, vulnerabilities have included stored cross-site scripting (XSS), arbitrary file uploads leading to remote code execution (RCE), and privilege escalation flaws. Security researchers have identified multiple instances of insufficient input validation and improper access controls. While no major public security incidents have been widely documented, the five CVEs on record highlight recurring patterns in sanitization and permission handling. The plugin's extensive functionality increases its attack surface, making regular security updates critical for users.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-28498 | WordPress Hotel Booking Lite Plugin <= 4.6.0 is vulnerable to Cross Site Request Forgery (CSRF) — Hotel Booking LiteCWE-352 | 4.3 | Medium | 2023-11-12 |
This page lists every published CVE security advisory associated with MotoPress. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.