Primary

Context

WordPress Hide My WP Ghost Open Redirection Vulnerability

Vulnerability

Patched

A URL redirection vulnerability allowing untrusted site redirects (open redirect) has been identified in the WordPress plugin Hide My WP Ghost, affecting versions prior to 7.0.00. This vulnerability could be exploited for phishing attacks by redirecting users to malicious sites.

Impact

Exploitation of this vulnerability could lead to phishing incidents, where users are tricked into visiting malicious sites under the guise of legitimacy.

Remediation

Users of the Hide My WP Ghost plugin should update to version 7.0.00 or later. Patchstack users can enable auto-update for vulnerable plugins.

Added: Apr 8, 2026, 12:01 PM

Updated: Apr 8, 2026, 12:01 PM

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

0.2

exploitability

6.4

remediation

7.7

relevance

5.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

0.2

exploitability

6.4

remediation

7.7

relevance

5.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WordPress Hide My WP Ghost Open Redirection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

John Darrel Hide My WP Ghost

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating