Browse all 4 CVE security advisories affecting johndarrel. AI-powered Chinese analysis, POCs, and references for each vulnerability.
JohnDarrel operates primarily in web application development and deployment, with a core focus on custom business solutions. Historically, vulnerabilities associated with this entity include remote code execution, cross-site scripting, and privilege escalation, often stemming from input validation flaws and misconfigured access controls. Security characteristics reveal a pattern of insufficient patch management and inadequate security testing protocols. While no major public incidents have been documented, the four CVEs on record indicate consistent security weaknesses in authentication mechanisms and session handling, suggesting a need for enhanced secure coding practices and regular security audits to mitigate potential exploitation risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-2056 | WP Ghost <= 5.4.01 - Unauthenticated Limited File Read — WP Ghost (Hide My WP Ghost) – Security & FirewallCWE-23 | 7.5 | High | 2025-03-14 |
| CVE-2024-13794 | Hide My WP Ghost – Security & Firewall <= 5.3.02 - Unauthenticated Login Page Disclosure — WP Ghost (Hide My WP Ghost) – Security & FirewallCWE-693 | 5.3 | Medium | 2025-02-12 |
| CVE-2024-10825 | Hide My WP Ghost – Security & Firewall <= 5.3.01 - Reflected Cross-Site Scripting via URL — WP Ghost (Hide My WP Ghost) – Security & FirewallCWE-79 | 6.1 | Medium | 2024-11-15 |
| CVE-2022-4537 | Hide My WP Ghost – Security Plugin <= 5.0.18 - IP Address Spoofing to Protection Mechanism Bypass — WP Ghost (Hide My WP Ghost) – Security & FirewallCWE-348 | 6.5 | Medium | 2023-05-09 |
This page lists every published CVE security advisory associated with johndarrel. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.