Vulnerabilities > Inkthemes > Colorway > 3.2.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-22 | CVE-2023-25447 | Cross-Site Request Forgery (CSRF) vulnerability in Inkthemes Colorway Cross-Site Request Forgery (CSRF) vulnerability in Inkthemescom ColorWay theme <= 4.2.3 versions. | 8.8 |
| 2019-09-16 | CVE-2016-10961 | Cross-site Scripting vulnerability in Inkthemes Colorway The colorway theme before 3.4.2 for WordPress has XSS via the contactName parameter. | 6.1 |