Ghost Exposure

Blogs, CMS
Exposure score: 45
Sites using it: 3,177
Under exploitation: 0
Critical: 6

CVEs

23 results

CVE-2026-26980 [CRITICAL] Ghost has a SQL Injection in its Content API (EPSS 70.0%)
CVE-2023-40028 [MEDIUM] Arbitrary file read via symlinks in Ghost (EPSS 57.8%)
CVE-2023-31133 [HIGH] Ghost vulnerable to disclosure of private API fields (EPSS 45.7%)
CVE-2022-41697 [MEDIUM] A user enumeration vulnerability exists in the login functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lea (EPSS 20.2%)
CVE-2022-41654 [CRITICAL] An authentication bypass vulnerability exists in the newsletter subscription functionality of Ghost Foundation Ghost 5.9.4. A specially-craf (EPSS 18.9%)
CVE-2021-29484 [MEDIUM] DOM XSS in Theme Preview (EPSS 7.9%)
CVE-2020-8134 Server-side request forgery (SSRF) vulnerability in Ghost CMS < 3.10.0 allows an attacker to scan local or external network or otherwise int (EPSS 1.2%)
CVE-2022-47197 [CRITICAL] An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost (EPSS 1.0%)
CVE-2021-39192 [MEDIUM] Privilege escalation: all users can access Admin-level API keys (EPSS 1.0%)
CVE-2022-47194 [CRITICAL] An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost (EPSS 0.8%)
CVE-2024-34559 [HIGH] WordPress Ghost plugin <= 1.4.0 - Sensitive Data Exposure via Log File vulnerability (EPSS 0.7%)
CVE-2022-47195 [CRITICAL] An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost (EPSS 0.7%)
CVE-2022-47196 [CRITICAL] An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost (EPSS 0.7%)
CVE-2026-22595 [HIGH] Ghost has Staff Token permission bypass (EPSS 0.5%)
CVE-2025-9862 [MEDIUM] Ghost 6.0.6 - SSRF via oEmbed Bookmark (EPSS 0.5%)
CVE-2026-22596 [MEDIUM] Ghost has SQL Injection in Members Activity Feed (EPSS 0.4%)
CVE-2026-29053 [HIGH] Ghost Vulnerable to Remote Code Execution via Malicious Themes (EPSS 0.4%)
CVE-2026-22594 [HIGH] Ghost has Staff 2FA bypass (EPSS 0.4%)
CVE-2024-43409 [MEDIUM] Ghost's improper authentication allows access to member information and actions (EPSS 0.3%)
CVE-2026-22597 [MEDIUM] Ghost has SSRF via External Media Inliner (EPSS 0.3%)
