2 matches found
CVE-2022-1251
The Ask me WordPress theme before 6.8.4 does not perform nonce checks when processing POST requests to the Edit Profile page, allowing an attacker to trick a user to change their profile information by sending a crafted request...
CVE-2022-1251
The CVE-2022-1251 entry concerns the WordPress Ask Me theme prior to version 6.8.4. The vulnerability arises because the Edit Profile POST request does not perform nonce checks, enabling an attacker to trick a user into changing their profile information. Affected component: WordPress Ask Me them...