Filtered by vendor Inkthemes Subscriptions
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-25447 1 Inkthemes 1 Colorway 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Inkthemescom ColorWay theme <= 4.2.3 versions.
CVE-2022-3750 1 Inkthemes 1 Ask Me 2024-11-21 4.7 Medium
The has a CSRF vulnerability that allows the deletion of a post without using a nonce or prompting for confirmation.
CVE-2022-1251 1 Inkthemes 1 Ask Me 2024-11-21 4.3 Medium
The Ask me WordPress theme before 6.8.4 does not perform nonce checks when processing POST requests to the Edit Profile page, allowing an attacker to trick a user to change their profile information by sending a crafted request.
CVE-2016-10961 1 Inkthemes 1 Colorway 2024-11-21 6.1 Medium
The colorway theme before 3.4.2 for WordPress has XSS via the contactName parameter.