← Back

Ask Me

ask_me

Vendor: Inkthemes • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-3750
1Inkthemes
1Ask Me
Jun 17, 2026
Nov 21, 2022
N/A· v4
4.7 MEDIUM· v3
N/A· v2
The has a CSRF vulnerability that allows the deletion of a post without using a nonce or prompting for confirmation.
CVE-2022-1251
1Inkthemes
1Ask Me
Jun 17, 2026
Aug 22, 2022
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The Ask me WordPress theme before 6.8.4 does not perform nonce checks when processing POST requests to the Edit Profile page, allowing an attacker to trick a user to change their profile information by sending a crafted...Show more
The Ask me WordPress theme before 6.8.4 does not perform nonce checks when processing POST requests to the Edit Profile page, allowing an attacker to trick a user to change their profile information by sending a crafted request.Show less