Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

ATTACKERKB
ATTACKERKBadded 2022/08/22 3:15 p.m.3 views

CVE-2022-1251

The Ask me WordPress theme before 6.8.4 does not perform nonce checks when processing POST requests to the Edit Profile page, allowing an attacker to trick a user to change their profile information by sending a crafted request...

4.3CVSS5.5AI score0.00127EPSS
Exploits1References2
CNNVD
CNNVDadded 2022/08/22 12:0 a.m.2 views

WordPress Theme Ask me 跨站请求伪造漏洞

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports personal blog sites on PHP and MySQL servers.WordPress theme is a theme for WordPress. A security vulnerability exists in WordPress Theme Ask me versions prior to 6.8.4 that stems from a random...

4.3CVSS5.2AI score0.00127EPSS
Exploits1References2
Patchstack
Patchstackadded 2022/08/01 12:0 a.m.25 views

WordPress Ask Me premium theme < 6.8.4 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability Edit Profile was discovered by the WPScan team in WordPress Ask Me premium theme versions 6.8.4. Solution Update the WordPress Ask Me theme to the latest available version at least 6.8.4...

4.3CVSS2.9AI score0.00127EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKBadded 2022/06/08 10:15 a.m.4 views

CVE-2022-1424

The Ask me WordPress theme before 6.8.2 does not perform CSRF checks for any of its AJAX actions, allowing an attacker to trick logged in users to perform various actions on their behalf on the site...

6.5CVSS6.6AI score0.0014EPSS
Exploits1References2
NVD
NVDadded 2022/06/08 10:15 a.m.12 views

CVE-2022-1241

The Ask me WordPress theme before 6.8.2 does not properly sanitise and escape several of the fields in the Edit Profile page, leading to Reflected Cross-Site Scripting issues...

6.1CVSS0.0021EPSS
Exploits1References1
OSV
OSVadded 2022/06/08 10:15 a.m.3 views

CVE-2022-1424

The Ask me WordPress theme before 6.8.2 does not perform CSRF checks for any of its AJAX actions, allowing an attacker to trick logged in users to perform various actions on their behalf on the site...

6.5CVSS5.8AI score
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2022/06/08 10:15 a.m.4 views

CVE-2022-1241

The Ask me WordPress theme before 6.8.2 does not properly sanitise and escape several of the fields in the Edit Profile page, leading to Reflected Cross-Site Scripting issues...

6.1CVSS6.3AI score0.0021EPSS
Exploits1References2
CNNVD
CNNVDadded 2022/06/08 12:0 a.m.4 views

WordPress theme Ask me 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress theme Ask me plugin version 6.8.2 or earlier is vulnerable to cross-site request forgery,...

6.5CVSS5.5AI score0.0014EPSS
Exploits1References2
Rows per page
Query Builder