浏览 40+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-39484 | WordPress Hide My WP Ghost plugin < 7.0.00 - Open Redirection vulnerability | John Darrel | Hide My WP Ghost | - | - | 2026-04-08 08:30:11 | Deep Dive |
| CVE-2026-29784 | Ghost: Incomplete CSRF protections around OTC use | TryGhost | Ghost | High | 7.5 | 2026-03-07 15:30:38 | Deep Dive |
| CVE-2026-29053 | Ghost Vulnerable to Remote Code Execution via Malicious Themes | TryGhost | Ghost | High | 7.6 | 2026-03-05 05:51:41 | Deep Dive |
| CVE-2026-26365 | Akamai Ghost 环境问题漏洞 | Akamai | Ghost | Medium | 4.0 | 2026-02-23 00:00:00 | Deep Dive |
| CVE-2026-26980 | Ghost has a SQL Injection in its Content API | TryGhost | Ghost | Critical | 9.4 | 2026-02-20 01:00:52 | Deep Dive |
| CVE-2026-24778 | Ghost vulnerable to XSS via malicious Portal preview links | TryGhost | Ghost | High | 8.8 | 2026-01-27 21:57:45 | Deep Dive |
| CVE-2026-22597 | Ghost has SSRF via External Media Inliner | TryGhost | Ghost | 中危 | - | 2026-01-10 02:57:37 | Deep Dive |
| CVE-2026-22596 | Ghost has SQL Injection in Members Activity Feed | TryGhost | Ghost | Medium | 6.7 | 2026-01-10 02:57:20 | Deep Dive |
| CVE-2026-22595 | Ghost has Staff Token permission bypass | TryGhost | Ghost | High | 8.1 | 2026-01-10 02:57:08 | Deep Dive |
| CVE-2026-22594 | Ghost has Staff 2FA bypass | TryGhost | Ghost | High | 8.1 | 2026-01-10 02:56:47 | Deep Dive |
| CVE-2025-12342 | Serdar Bayram Ghost Hot Spot Login Auth.php sql injection | Serdar Bayram | Ghost Hot Spot | High | 7.3 | 2025-10-28 01:02:08 | Deep Dive |
| CVE-2025-41110 | Improper Authentication vulnerability in Ghost Robotics' Vision 60 | Ghost Robotics | Vision 60 | - | - | 2025-10-22 08:16:24 | Deep Dive |
| CVE-2025-41109 | Use of Hard-coded Credentials vulnerability in Ghost Robotics' Vision 60 | Ghost Robotics | Vision 60 | - | - | 2025-10-22 08:15:42 | Deep Dive |
| CVE-2025-41108 | Improper Authentication vulnerability in Ghost Robotics' Vision 60 | Ghost Robotics | Vision 60 | - | - | 2025-10-22 08:14:54 | Deep Dive |
| CVE-2025-9992 | Ghost Kit <= 3.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | nko | Ghost Kit – Page Builder Blocks, Motion Effects & Extensions | Medium | 6.4 | 2025-09-18 09:31:28 | Deep Dive |
| CVE-2025-9862 | Ghost 6.0.6 - SSRF via oEmbed Bookmark | Ghost | Ghost | - | - | 2025-09-17 15:02:02 | Deep Dive |
| CVE-2025-53567 | WordPress Ghost Kit <= 3.4.1 - Local File Inclusion Vulnerability | nK | Ghost Kit | High | 8.1 | 2025-08-20 08:03:11 | Deep Dive |
| CVE-2025-26909 | WordPress Hide My WP Ghost plugin <= 5.4.01 - Local File Inclusion to RCE vulnerability | John Darrel | Hide My WP Ghost | Critical | 9.6 | 2025-03-27 15:48:49 | Deep Dive |
| CVE-2025-2056 | WP Ghost <= 5.4.01 - Unauthenticated Limited File Read | johndarrel | WP Ghost (Hide My WP Ghost) – Security & Firewall | High | 7.5 | 2025-03-14 04:22:35 | Deep Dive |
| CVE-2024-13794 | Hide My WP Ghost – Security & Firewall <= 5.3.02 - Unauthenticated Login Page Disclosure | johndarrel | WP Ghost (Hide My WP Ghost) – Security & Firewall | Medium | 5.3 | 2025-02-12 07:35:39 | Deep Dive |