CVE-2025-9992

The Ghost Kit – Page Builder Blocks, Motion Effects & Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom JS field in all versions up to, and including, 3.4.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticat...

PT-2025-38307

Name of the Vulnerable Software and Affected Versions Ghost Kit – Page Builder Blocks, Motion Effects & Extensions plugin for WordPress versions through 3.4.3 Description The Ghost Kit – Page Builder Blocks, Motion Effects & Extensions plugin for WordPress is susceptible to Stored Cross-Site...

WordPress plugin Ghost Kit 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress Ghost Kit <= 3.4.1 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by LVT-tholv2k in WordPress Plugin Ghost Kit versions = 3.4.1...