The has a CSRF vulnerability that allows the deletion of a post without using a nonce or prompting for...
4.7CVSS
4.8AI Score
0.001EPSS
Cross-Site Request Forgery (CSRF) vulnerability in Inkthemescom ColorWay theme <= 4.2.3...
8.8CVSS
8.8AI Score
0.001EPSS
6.1CVSS
6AI Score
0.001EPSS
The Ask me WordPress theme before 6.8.4 does not perform nonce checks when processing POST requests to the Edit Profile page, allowing an attacker to trick a user to change their profile information by sending a crafted...
4.3CVSS
4.4AI Score
0.001EPSS