漏洞描述
WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress plugin Ghost 1.4.0 版本及之前版本存在日志信息泄露漏洞,该漏洞源于存在敏感信息泄露漏洞。
WordPress plugin Ghost 日志信息泄露漏洞
PoC代码
暂无相关漏洞推荐
-
CVE-2021-29484: Ghost CMS <=4.32 - Cross-Site Scripting POC
2025-08-01 | Ghost CMSGhost CMS 4.0.0 to 4.3.2 contains a DOM cross-site scripting vulnerability. An unused endpoint added... -
CVE-2023-32235: Ghost CMS < 5.42.1 - Path Traversal POC
2025-08-01 | Ghost CMSGhost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's f... -
CVE-2024-6420: Hide My WP Ghost < 5.2.02 - Hidden Login Page Disclosure POC
2025-08-01 | Hide My WP GhostThe Hide My WP Ghost plugin does not prevent redirects to the login page via the auth_redirect WordP... -
CVE-2020-1938: Ghostcat - Apache Tomcat - AJP File Read/Inclusion Vulnerability POC
2025-09-01 | Apache TomcatWhen using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to... -
SourceCodester Pet Grooming Management Software SQL注入漏洞 无POC
2025-09-22 00:22:31 | SourceCodester Pet Grooming Management SoftwareSourceCodester Pet Grooming Management Software是SourceCodester开源的一个宠物美容管理系统。 SourceCodester Pet Groo...