{"vulnerability": "cve-2025-26909", "sightings": [{"uuid": "5a3690d8-161e-450b-988f-05c3b4e32a60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "published-proof-of-concept", "source": "https://t.me/fattah_iriii/412", "content": "https://github.com/ZeroDayx/CVE-2025-26909\n(PoC) for detecting vulnerabilities in WordPress plugins, specifically targeting the \"Hide My WP\"", "creation_timestamp": "2025-03-29T00:12:59.000000Z"}, {"uuid": "6eed5e8e-d4e1-46c3-944e-c5799f553b07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "published-proof-of-concept", "source": "https://t.me/liwaamohammad/3499", "content": "https://github.com/issamjr/CVE-2025-26909-Scanner\n\nAdvanced scanner and PoC for CVE-2025-26909 in Hide My WP Ghost\n#github #exploit", "creation_timestamp": "2025-06-24T22:52:04.000000Z"}, {"uuid": "0a025fc5-1d0d-4012-b7c2-d1397925d330", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "published-proof-of-concept", "source": "Telegram/pNTteL-Xx8i8chGncpiIBXbULPUr3pQKBk06IlAIn1UZCI0", "content": "", "creation_timestamp": "2025-06-23T11:00:06.000000Z"}, {"uuid": "c8ff598f-199d-4b9a-96c5-b5fecf7fc826", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "published-proof-of-concept", "source": "Telegram/19EMVZIHpcnMlAoFeCqFg_0vg5TINRuzyp1l3_kYKW1wZpE", "content": "", "creation_timestamp": "2025-06-22T21:00:05.000000Z"}, {"uuid": "27a972fd-b880-49f5-93bc-3a5d98b77811", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/8406", "content": "#exploit\n1. CVE-2024-55963:\nUnauth RCE in Default-Install of Appsmith\nhttps://rhinosecuritylabs.com/research/cve-2024-55963-unauthenticated-rce-in-appsmith\n\n2. CVE-2025-26909:\nLFI to RCE in WP Ghost Plugin\nhttps://github.com/zerodayx/cve-2025-26909\n\n3. CVE-2025-27840:\nVulnerability in ESP32 Microcontrollers\nhttps://github.com/demining/Bluetooth-Attacks-CVE-2025-27840", "creation_timestamp": "2025-03-31T18:38:27.000000Z"}, {"uuid": "0ed6112b-51c7-432c-886f-f7ae8838fa76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "published-proof-of-concept", "source": "Telegram/KggYeN27jZ-a4rfgVHT2MGe0BAzOSuPW6YEwI7pxp7JEmks", "content": "", "creation_timestamp": "2025-03-29T08:00:08.000000Z"}, {"uuid": "70104312-55e7-430e-820a-944113a16502", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11988", "content": "#exploit\n1. CVE-2024-55963:\nUnauth RCE in Default-Install of Appsmith\nhttps://rhinosecuritylabs.com/research/cve-2024-55963-unauthenticated-rce-in-appsmith\n\n2. CVE-2025-26909:\nLFI to RCE in WP Ghost Plugin\nhttps://github.com/zerodayx/cve-2025-26909\n\n3. CVE-2025-27840:\nVulnerability in ESP32 Microcontrollers\nhttps://github.com/demining/Bluetooth-Attacks-CVE-2025-27840", "creation_timestamp": "2025-03-31T12:29:08.000000Z"}, {"uuid": "ba9456fe-eb7a-490b-802f-87d1f2f0953e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3ll4bloqu6s2d", "content": "", "creation_timestamp": "2025-03-24T07:52:41.713341Z"}, {"uuid": "472fddda-3de5-41ec-8063-6f8533ef79f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/41471", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aAdvanced scanner and PoC for CVE-2025-26909 in Hide My WP Ghost\nURL\uff1ahttps://github.com/issamjr/CVE-2025-26909-Scanner\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-06-22T16:02:41.000000Z"}, {"uuid": "62d9be5e-7412-4e21-a56c-dd83a4d79083", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "seen", "source": "https://t.me/ViralCyber/11776", "content": "\ud83d\udd34 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc RCE \u062f\u0631 \u0627\u0641\u0632\u0648\u0646\u0647 \u06cc WP Ghost\n\n\u0627\u0641\u0632\u0648\u0646\u0647 \u06cc WP Ghost \u06cc\u0627 Hide My WP Ghost\u060c \u06cc\u06a9 \u0627\u0641\u0632\u0648\u0646\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0631\u0627\u06cc \u0648\u0631\u062f\u067e\u0631\u0633 \u0647\u0633\u062a\u0634 \u06a9\u0647 \u0628\u0627 \u0627\u0636\u0627\u0641\u0647 \u06a9\u0631\u062f\u0646 \u0644\u0627\u06cc\u0647 \u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc\u060c \u0628\u0627\u0639\u062b \u0627\u0645\u0646 \u0634\u062f\u0646 \u0633\u0627\u06cc\u062a \u0648\u0631\u062f\u067e\u0631\u0633\u06cc \u0634\u0645\u0627 \u0645\u06cc\u0634\u0647.\n\n\u0627\u062e\u06cc\u0631\u0627 \u06cc\u06a9 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc RCE \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 CVE-2025-26909 \u0648 \u0627\u0645\u062a\u06cc\u0627\u0632 9.6 \u0648 \u0634\u062f\u062a \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 \u0627\u0648\u0646 \u06af\u0632\u0627\u0631\u0634 \u0648 \u0627\u0635\u0644\u0627\u062d \u0634\u062f\u0647. \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0627\u0632 \u0646\u0648\u0639 LFI \u0648 \u062f\u0631 \u062a\u0627\u0628\u0639 showFile \u0647\u0633\u062a\u0634 \u06a9\u0647 \u0627\u0645\u06a9\u0627\u0646 RCE \u0631\u0648 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0628\u062f\u0648\u0646 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a\u060c \u0645\u06cc\u062f\u0647.\n\n\u0628\u0631\u0627\u06cc \u0627\u06a9\u0633\u067e\u0644\u0648\u06cc\u062a \u0628\u0627\u06cc\u062f \u0648\u06cc\u0698\u06af\u06cc Change Paths \u0631\u0648\u06cc \u062d\u0627\u0644\u062a Lite \u06cc\u0627 Ghost \u062a\u0646\u0638\u06cc\u0645 \u0634\u062f\u0647 \u0628\u0627\u0634\u0647 \u06a9\u0647 \u0628\u0635\u0648\u0631\u062a \u067e\u06cc\u0634 \u0641\u0631\u0636 \u0646\u06cc\u0633\u062a.\n\n\u0647\u0645\u0647 \u06cc \u0646\u0633\u062e\u0647 \u0647\u0627 \u062a\u0627 5.4.01 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0647\u0633\u062a\u0646 \u0648 5.4.02 \u0646\u0633\u062e\u0647 \u06cc \u0627\u0635\u0644\u0627\u062d \u0634\u062f\u0647 \u0647\u0633\u062a\u0634./ \u0645\u0646\u0628\u0639\n\n#\u0648\u0631\u062f\u067e\u0631\u0633 #\u0622\u0633\u06cc\u0628_\u067e\u0630\u06cc\u0631\u06cc_\u0627\u0645\u0646\u06cc\u062a\u06cc \n#Wordpress #CVE \n\n\ud83c\udd94 @onhex_ir\n\u27a1\ufe0f ALL Link", "creation_timestamp": "2025-03-21T16:12:19.000000Z"}, {"uuid": "edcdff11-88a7-4cab-ae18-83330ccc2953", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "published-proof-of-concept", "source": "https://t.me/haj3imad/1427", "content": "https://github.com/ZeroDayx/CVE-2025-26909\n(PoC) for detecting vulnerabilities in WordPress plugins, specifically targeting the \"Hide My WP\"", "creation_timestamp": "2025-03-28T14:47:21.000000Z"}, {"uuid": "e786f977-481e-42f2-8a62-bbf5d7e6f63e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/114207745267994188", "content": "", "creation_timestamp": "2025-03-22T19:31:39.372577Z"}, {"uuid": "e6feaaba-d6cc-4692-9894-71d053065d88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:45.000000Z"}, {"uuid": "71059da8-ccf5-4c16-a26d-3a3a0fb68a33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/26192", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-26909\nURL\uff1ahttps://github.com/ZeroDayx/CVE-2025-26909\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-03-28T13:41:11.000000Z"}, {"uuid": "40d4dcc7-a1fb-45dd-971f-77caab8470f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9126", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-26909\n\ud83d\udd25 CVSS Score: 9.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in John Darrel Hide My WP Ghost allows PHP Local File Inclusion.This issue affects Hide My WP Ghost: from n/a through 5.4.01.\n\ud83d\udccf Published: 2025-03-27T15:48:49.350Z\n\ud83d\udccf Modified: 2025-03-27T16:17:01.613Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/hide-my-wp/vulnerability/wordpress-hide-my-wp-ghost-plugin-5-4-01-local-file-inclusion-to-rce-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-27T16:26:48.000000Z"}, {"uuid": "170e2d09-d518-48f8-ac07-7b3d93064150", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "published-proof-of-concept", "source": "https://t.me/haj3imad/789", "content": "https://github.com/ZeroDayx/CVE-2025-26909\n(PoC) for detecting vulnerabilities in WordPress plugins, specifically targeting the \"Hide My WP\"", "creation_timestamp": "2025-03-28T14:47:52.000000Z"}, {"uuid": "17809c0f-4f43-4920-abe4-ddcb1f677046", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/3335", "content": "#exploit\n1. CVE-2024-55963:\nUnauth RCE in Default-Install of Appsmith\nhttps://rhinosecuritylabs.com/research/cve-2024-55963-unauthenticated-rce-in-appsmith\n\n2. CVE-2025-26909:\nLFI to RCE in WP Ghost Plugin\nhttps://github.com/zerodayx/cve-2025-26909\n\n3. CVE-2025-27840:\nVulnerability in ESP32 Microcontrollers\nhttps://github.com/demining/Bluetooth-Attacks-CVE-2025-27840", "creation_timestamp": "2025-03-31T18:38:27.000000Z"}, {"uuid": "e1ff123c-2465-42bf-8d1a-bca56713c0dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "published-proof-of-concept", "source": "Telegram/AzPQc8BypPug0v3haYvH4n5j-0vLxsu-ng01TlwKe66ObjQ", "content": "", "creation_timestamp": "2025-03-28T22:00:05.000000Z"}, {"uuid": "29b8a72c-1f53-4171-9f06-156db2326ba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "seen", "source": "https://bsky.app/profile/defendopsdiaries.bsky.social/post/3lksy4lhxbi2y", "content": "", "creation_timestamp": "2025-03-20T15:09:11.265613Z"}, {"uuid": "46072c26-89fe-472f-b223-74e173966017", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3ll4xcxt6o42h", "content": "", "creation_timestamp": "2025-03-24T14:21:29.153337Z"}, {"uuid": "f3d96afb-8a3d-4e10-a4f8-b820d20f2bf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lktc5muitq2q", "content": "", "creation_timestamp": "2025-03-20T18:08:42.944081Z"}, {"uuid": "22c9549e-71e0-4ddf-82e0-d20d4a6aaf47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lleqim3r2b2o", "content": "", "creation_timestamp": "2025-03-27T16:40:39.406376Z"}, {"uuid": "87a362cf-3320-4dec-bd06-5ffc83e61a4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:47:59.000000Z"}, {"uuid": "4a85fc0a-462d-4859-a7d3-8515d3bb3c62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/26191", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-26909\nURL\uff1ahttps://github.com/ZeroDayx/poc\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-03-28T13:36:16.000000Z"}, {"uuid": "e5e150db-950f-4c85-970c-2b2e29661378", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26909", "type": "published-proof-of-concept", "source": "Telegram/qaiUzY0jU3lsWkLczH5jpfSLcodDVE0N-CXW3vtlinmUY8k", "content": "", "creation_timestamp": "2026-04-01T21:29:15.000000Z"}]}