Vulnerabilities > Inkthemes > ASK ME > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-21 | CVE-2022-3750 | Cross-Site Request Forgery (CSRF) vulnerability in Inkthemes ASK ME 6.8.4 The has a CSRF vulnerability that allows the deletion of a post without using a nonce or prompting for confirmation. | 4.7 |
| 2022-08-22 | CVE-2022-1251 | Cross-Site Request Forgery (CSRF) vulnerability in Inkthemes ASK ME The Ask me WordPress theme before 6.8.4 does not perform nonce checks when processing POST requests to the Edit Profile page, allowing an attacker to trick a user to change their profile information by sending a crafted request. | 4.3 |