Lucene search
+L

1814 matches found

Cvelist
Cvelist
added 2026/06/26 2:53 p.m.45 views

CVE-2026-57651 WordPress Ghost Kit plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability

Contributor Cross Site Scripting XSS in Ghost Kit = 3.6.0 versions...

6.5CVSS0.0013EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:53 p.m.7 views

EUVD-2026-39766

Contributor Cross Site Scripting XSS in Ghost Kit = 3.6.0 versions...

6.5CVSS5.8AI score0.0013EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:53 p.m.12 views

CVE-2026-57651

The CVE-2026-57651 entry documents a Cross Site Scripting (XSS) vulnerability in the WordPress Ghost Kit plugin versions ≤ 3.6.0. The issue is described consistently across sources as Ghost Kit XSS, with a CVSS v3.1 base score of 6.5 (Medium) and an attack vector of Network, user interaction requ...

6.5CVSS5.8AI score0.0013EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/26 1:15 p.m.7 views

WordPress Ghost Kit plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Ghost Kit versions = 3.6.0...

6.5CVSS5.8AI score0.0013EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/06/24 7:17 p.m.12 views

CVE-2026-53947

Ghost is a Node.js content management system. From 5.18.0 until 6.21.1, a discrepancy in responses from the members signin endpoints made it possible for an unauthenticated attacker to determine whether a given email address belongs to a registered member of a Ghost site. This vulnerability is...

5.3CVSS0.00206EPSS
Exploits0References1
NVD
NVD
added 2026/06/24 7:17 p.m.11 views

CVE-2026-53946

Ghost is a Node.js content management system. From 6.19.4 until 6.21.1, when re-rendering posts, Ghost would refetch missing image dimensions by issuing an outbound HTTP request to the URL stored on an image card — without restricting that URL to trusted image hosts. An authenticated staff user...

5.4CVSS0.00122EPSS
Exploits0References1
NVD
NVD
added 2026/06/24 7:17 p.m.10 views

CVE-2026-53950

@tryghost/activitypub is Ghost’s social/federation client app. Prior to 3.1.0, the ActivityPub client in Ghost was vulnerable to JavaScript injection on posts shared by a maliciously customised ActivityPub server. This vulnerability is fixed in 3.1.0...

7.5CVSS0.00204EPSS
Exploits0References1
NVD
NVD
added 2026/06/24 7:17 p.m.11 views

CVE-2026-53945

Ghost is a Node.js content management system. From 6.0.9 until 6.21.1, Ghost’s private-IP check for outbound HTTP requests could be bypassed via DNS rebinding, allowing an attacker to coerce the Ghost server into reaching hosts on internal networks through features that issue external fetches. Th...

4CVSS0.0014EPSS
Exploits0References1
NVD
NVD
added 2026/06/24 7:17 p.m.12 views

CVE-2026-53948

Ghost is a Node.js content management system. From 6.19.4 until 6.21.1, insufficient validation of the client-supplied Content-Type on Ghost's Admin API file upload endpoint allowed uploaded files to be served from the site with an attacker-chosen content type on S3/GCS storage backends. On...

5.4CVSS0.00133EPSS
Exploits0References1
NVD
NVD
added 2026/06/24 7:17 p.m.10 views

CVE-2026-53944

Ghost is a Node.js content management system. From 6.0.9 until 6.21.1, when making an external request, it is possible to bypass the IP filter that ensures the request isn't going to an internal service using an IPv6 literal which maps to a private IPv4 address. This vulnerability is fixed in...

5.8CVSS0.00197EPSS
Exploits0References1
NVD
NVD
added 2026/06/24 7:17 p.m.11 views

CVE-2026-53943

Ghost is a Node.js content management system. From until 6.37.0, when Ghost is behind a shared caching layer that results in cached content being shared between different visitors, an unauthenticated user could send an x-ghost-preview header that altered the rendered frontend response. In affecte...

9.6CVSS0.00244EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 6:13 p.m.47 views

CVE-2026-53943

The CVE-2026-53943 entry describes a Ghost CMS vulnerability where, on sites behind a shared caching layer, an unauthenticated user can send an x-ghost-preview header that poisons cached responses, altering rendered frontend output. In affected configurations, this cached, request-specific previe...

9.6CVSS5.9AI score0.00244EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 6:13 p.m.29 views

CVE-2026-53943 Ghost: Cache-poisoning XSS in Ghost frontend via x-ghost-preview header

Ghost is a Node.js content management system. From until 6.37.0, when Ghost is behind a shared caching layer that results in cached content being shared between different visitors, an unauthenticated user could send an x-ghost-preview header that altered the rendered frontend response. In affecte...

9.6CVSS0.00244EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 6:13 p.m.4 views

CVE-2026-53943 Ghost: Cache-poisoning XSS in Ghost frontend via x-ghost-preview header

Ghost is a Node.js content management system. From until 6.37.0, when Ghost is behind a shared caching layer that results in cached content being shared between different visitors, an unauthenticated user could send an x-ghost-preview header that altered the rendered frontend response. In affecte...

9.6CVSS6AI score0.00244EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/24 6:10 p.m.5 views

CVE-2026-53944

Ghost is a Node.js content management system. From 6.0.9 until 6.21.1, when making an external request, it is possible to bypass the IP filter that ensures the request isn't going to an internal service using an IPv6 literal which maps to a private IPv4 address. This vulnerability is fixed in...

5.8CVSS5.9AI score0.00197EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/24 6:10 p.m.29 views

CVE-2026-53944 Ghost: Private IP filtering bypass to make server-side requests to internal services

Ghost is a Node.js content management system. From 6.0.9 until 6.21.1, when making an external request, it is possible to bypass the IP filter that ensures the request isn't going to an internal service using an IPv6 literal which maps to a private IPv4 address. This vulnerability is fixed in...

5.8CVSS0.00197EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 6:10 p.m.15 views

CVE-2026-53944

Affected software: Ghost CMS (Node.js) versions 6.0.9 through 6.21.1. Vulnerability: When Ghost makes an external request, an IPv6 literal can map to a private IPv4 address, bypassing the internal IP filter and potentially reaching internal services. Root cause: IP-filter bypass via IPv6-to-IPv4 ...

5.8CVSS5.9AI score0.00197EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 6:10 p.m.4 views

CVE-2026-53944 Ghost: Private IP filtering bypass to make server-side requests to internal services

Ghost is a Node.js content management system. From 6.0.9 until 6.21.1, when making an external request, it is possible to bypass the IP filter that ensures the request isn't going to an internal service using an IPv6 literal which maps to a private IPv4 address. This vulnerability is fixed in...

5.8CVSS6AI score0.00197EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/24 6:9 p.m.5 views

CVE-2026-53945

Ghost is a Node.js content management system. From 6.0.9 until 6.21.1, Ghost’s private-IP check for outbound HTTP requests could be bypassed via DNS rebinding, allowing an attacker to coerce the Ghost server into reaching hosts on internal networks through features that issue external fetches. Th...

4CVSS5.9AI score0.0014EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/24 6:9 p.m.30 views

CVE-2026-53945 Ghost: Server-side request forgery via DNS rebinding in external request handling

Ghost is a Node.js content management system. From 6.0.9 until 6.21.1, Ghost’s private-IP check for outbound HTTP requests could be bypassed via DNS rebinding, allowing an attacker to coerce the Ghost server into reaching hosts on internal networks through features that issue external fetches. Th...

4CVSS0.0014EPSS
Exploits0References1
Rows per page
Query Builder