Filtered by vendor Ghost Subscriptions
Total 22 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2016-10983 1 Ghost 1 Ghost 2024-11-21 6.5 Medium
The ghost plugin before 0.5.6 for WordPress has no access control for wp-admin/tools.php?ghostexport=true downloads of exported data.
CVE-2024-43409 1 Ghost 1 Ghost 2024-09-03 6.5 Medium
Ghost is a Node.js content management system. Improper authentication on some endpoints used for member actions would allow an attacker to perform member-only actions, and read member information. This security vulnerability is present in Ghost v4.46.0-v5.89.4. v5.89.5 contains a fix for this issue.