6 matches found
CVE-2025-2056
The WP Ghost Hide My WP Ghost – Security & Firewall plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 5.4.01 via the showFile function. This makes it possible for unauthenticated attackers to read the contents of specific file types on the server, which ca...
CVE-2025-2056
The WP Ghost Hide My WP Ghost – Security & Firewall plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 5.4.01 via the showFile function. This makes it possible for unauthenticated attackers to read the contents of specific file types on the server, which ca...
CVE-2025-2056
CVE-2025-2056 affects the WP Ghost (Hide My WP Ghost) – Security & Firewall WordPress plugin. A path traversal flaw in showFile affects all versions up to and including 5.4.01, allowing unauthenticated attackers to read contents of certain server files containing sensitive information. The vulner...
CVE-2025-2056 WP Ghost <= 5.4.01 - Unauthenticated Limited File Read
The WP Ghost Hide My WP Ghost – Security & Firewall plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 5.4.01 via the showFile function. This makes it possible for unauthenticated attackers to read the contents of specific file types on the server, which ca...
CVE-2024-13794
The WP Ghost Hide My WP Ghost – Security & Firewall plugin for WordPress is vulnerable to Login Page Dislcosure in all versions up to, and including, 5.3.02. This is due to the plugin not properly restricting the /wp-register.php path. This makes it possible for unauthenticated attackers to...
CVE-2024-13794
The WP Ghost Hide My WP Ghost – Security & Firewall plugin for WordPress is vulnerable to Login Page Dislcosure in all versions up to, and including, 5.3.02. This is due to the plugin not properly restricting the /wp-register.php path. This makes it possible for unauthenticated attackers to...