Vulnerabilities > Inkthemes

DATE CVE VULNERABILITY TITLE RISK
2023-05-22 CVE-2023-25447 Cross-Site Request Forgery (CSRF) vulnerability in Inkthemes Colorway
Cross-Site Request Forgery (CSRF) vulnerability in Inkthemescom ColorWay theme <= 4.2.3 versions.
network
low complexity
inkthemes CWE-352
8.8
2022-11-21 CVE-2022-3750 Cross-Site Request Forgery (CSRF) vulnerability in Inkthemes ASK ME 6.8.4
The has a CSRF vulnerability that allows the deletion of a post without using a nonce or prompting for confirmation.
network
low complexity
inkthemes CWE-352
4.7
2019-09-16 CVE-2016-10961 Cross-site Scripting vulnerability in Inkthemes Colorway
The colorway theme before 3.4.2 for WordPress has XSS via the contactName parameter.
network
low complexity
inkthemes CWE-79
6.1