Ghost · Ghost · CVE-2024-43409
**Name of the Vulnerable Software and Affected Versions**
Ghost versions 4.46.0 through 5.89.4
**Description**
Improper authentication on some endpoints used for member actions allows an attacker to perform member-only actions and read member information.
**Recommendations**
For Ghost versions 4.46.0 through 5.89.4, update to version 5.89.5 to resolve the issue.
As a temporary workaround, consider disabling site membership in Ghost settings until the update is applied.