Loading
The ghost plugin before 0.5.6 for WordPress has no access control for wp-admin/tools.php?ghostexport=true downloads of exported data.
Use CWE-287, Ghost vendor hub and Ghost product page to widen CVE-2016-10983 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2026-26980, CVE-2024-34451 and CVE-2026-24778 for nearby disclosures in the same product family.