CVE-2026-59817

Summary

Ghost is a Node.js content management system. From 6.27.0 before 6.44.0, Ghost's public donation checkout flow allowed an unauthenticated attacker to control donation checkout metadata and obtain full paid gift memberships for a minimal payment without exposing customer or member data or stealing money from a site or its members. This issue is fixed in version 6.44.0.

Affected Software

VendorProductVersion RangeStatus
TryGhostGhost>= 6.27.0, < 6.44.0affected

Weaknesses

  • CWE-472: CWE-472: External Control of Assumed-Immutable Web Parameter
  • CWE-639: CWE-639: Authorization Bypass Through User-Controlled Key

References