VYPR

Ghost

by WordPress

Source repositories

CVEs (3)

  • CVE-2024-34559HigMay 14, 2024
    risk 0.49cvss 7.5epss 0.01

    Insertion of Sensitive Information into Log File vulnerability in Ghost Foundation Ghost.This issue affects Ghost: from n/a through 1.4.0.

  • CVE-2025-2056Mar 14, 2025
    risk 0.00cvss epss 0.01

    The WP Ghost (Hide My WP Ghost) – Security & Firewall plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 5.4.01 via the showFile function. This makes it possible for unauthenticated attackers to read the contents of specific file types…

  • CVE-2016-10983Sep 17, 2019
    risk 0.00cvss epss 0.02

    The ghost plugin before 0.5.6 for WordPress has no access control for wp-admin/tools.php?ghostexport=true downloads of exported data.