Browse all 8 CVE security advisories affecting Ghost Foundation. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Ghost Foundation develops the Ghost open-source publishing platform for blogs and online publications. Historically, vulnerabilities have included remote code execution, cross-site scripting (XSS), and privilege escalation, often stemming from improper input validation and access control issues. Notable security characteristics include regular security audits and a vulnerability disclosure program. While no major public incidents have been widely reported, the platform's CVE history reflects common web application risks, particularly in template handling and API endpoints. The project maintains active security practices, with recent patches addressing authentication bypass and content injection flaws, demonstrating ongoing efforts to address its eight recorded CVEs.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-34559 | WordPress Ghost plugin <= 1.4.0 - Sensitive Data Exposure via Log File vulnerability — GhostCWE-532 | 7.5 | High | 2024-05-09 |
| CVE-2022-43441 | node-sqlite3 安全漏洞 — node-sqlite3CWE-915 | 8.1 | High | 2023-03-16 |
| CVE-2022-47195 | Ghost Foundation Ghost 跨站脚本漏洞 — GhostCWE-453 | 5.4 | - | 2023-01-19 |
| CVE-2022-47196 | Ghost Foundation Ghost 安全漏洞 — GhostCWE-453 | 5.4 | - | 2023-01-19 |
| CVE-2022-47197 | Ghost Foundation Ghost 跨站脚本漏洞 — GhostCWE-453 | 5.4 | - | 2023-01-19 |
| CVE-2022-47194 | Ghost Foundation Ghost 安全漏洞 — GhostCWE-453 | 5.4 | - | 2023-01-19 |
| CVE-2022-41654 | Ghost CMS访问控制错误漏洞 — GhostCWE-284 | 8.1 | - | 2022-12-23 |
| CVE-2022-41697 | Ghost CMS 安全漏洞 — GhostCWE-204 | 5.3 | - | 2022-12-23 |
This page lists every published CVE security advisory associated with Ghost Foundation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.