Security Advisory

CVE-2022-1424

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-06-06 08:51:00

Last updated 2024-08-03 00:03:06

Assigner WPScan

State PUBLISHED

Description

The Ask me WordPress theme before 6.8.2 does not perform CSRF checks for any of its AJAX actions, allowing an attacker to trick logged in users to perform various actions on their behalf on the site.

← Browse all CVEs View on cve.org ↗