WordPress plugin Hide My WP Ghost 输入验证错误漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2016-10983

The ghost plugin before 0.5.6 for WordPress has no access control for wp-admin/tools.php?ghostexport=true downloads of exported data...

CVE-2025-2056

The WP Ghost Hide My WP Ghost – Security & Firewall plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 5.4.01 via the showFile function. This makes it possible for unauthenticated attackers to read the contents of specific file types on the server, which ca...

CVE-2025-2056

The WP Ghost Hide My WP Ghost – Security & Firewall plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 5.4.01 via the showFile function. This makes it possible for unauthenticated attackers to read the contents of specific file types on the server, which ca...

CVE-2025-2056

CVE-2025-2056 affects the WP Ghost (Hide My WP Ghost) – Security & Firewall WordPress plugin. A path traversal flaw in showFile affects all versions up to and including 5.4.01, allowing unauthenticated attackers to read contents of certain server files containing sensitive information. The vulner...

CVE-2025-2056 WP Ghost <= 5.4.01 - Unauthenticated Limited File Read

The WP Ghost Hide My WP Ghost – Security & Firewall plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 5.4.01 via the showFile function. This makes it possible for unauthenticated attackers to read the contents of specific file types on the server, which ca...

WordPress plugin WP Ghost 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2024-13794

The WP Ghost Hide My WP Ghost – Security & Firewall plugin for WordPress is vulnerable to Login Page Dislcosure in all versions up to, and including, 5.3.02. This is due to the plugin not properly restricting the /wp-register.php path. This makes it possible for unauthenticated attackers to...

CVE-2024-13794

The WP Ghost Hide My WP Ghost – Security & Firewall plugin for WordPress is vulnerable to Login Page Dislcosure in all versions up to, and including, 5.3.02. This is due to the plugin not properly restricting the /wp-register.php path. This makes it possible for unauthenticated attackers to...

Ghost < 1.5.0 - Unauthenticated Sensitive Information Exposure

Description The Ghost plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.0 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log...

WordPress plugin Ghost 日志信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A log information disclosur...

CVE-2024-34559 WordPress Ghost plugin <= 1.4.0 - Sensitive Data Exposure via Log File vulnerability

Insertion of Sensitive Information into Log File vulnerability in Ghost Foundation Ghost.This issue affects Ghost: from n/a through 1.4.0...

CVE-2024-34559 WordPress Ghost plugin <= 1.4.0 - Sensitive Data Exposure via Log File vulnerability

Insertion of Sensitive Information into Log File vulnerability in Ghost Foundation Ghost.This issue affects Ghost: from n/a through 1.4.0...

WordPress Ghost plugin <= 1.4.0 - Sensitive Data Exposure via Log File vulnerability

Sensitive Data Exposure via Log File vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Ghost versions = 1.4.0...

WordPress Ghost Plugin <= 1.4.0 is vulnerable to Sensitive Data Exposure

Software Ghost Type Plugin Vulnerable versions = 1.4.0 Fixed in 1.5.0 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-34559 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID 149041968d48 Credits Joshua Chan Requir...

Command Execution Vulnerability in the ghost plugin of YMail Email System

E-Mail Email System is a mail system software developed by E-Mail. A command execution vulnerability exists in the ghost plugin of YMS Email System, which can be exploited by attackers to gain control of the server...

CVE-2016-10983

The ghost plugin before 0.5.6 for WordPress has no access control for wp-admin/tools.php?ghostexport=true downloads of exported data...

Improper access control

The ghost plugin before 0.5.6 for WordPress has no access control for wp-admin/tools.php?ghostexport=true downloads of exported data...

CVE-2016-10983

CVE-2016-10983 affects the Ghost WordPress plugin prior to 0.5.6. The issue is unauthenticated/unrestricted access to exported data via wp-admin/tools.php?ghostexport=true, enabling downloads of exported data. This is due to missing access control in the plugin. Impact is exposure of data through...

WordPress Ghost Plugin 0.5.5 未授权下载 ghost 文件

No description provided by source...