Monitor free

Report

New Known

Exploited

Fixed

WordPress Ask Me premium theme < 6.8.4 - Cross-Site Request Forgery (CSRF) vulnerability

5.4

CVSS 3.1 score Medium severity

Report

Monitoring Monitoring Known to be exploited Coming soon

Find out about vulnerable plugins in your websites for free.

Scan your website

Software

Ask Me

Type

Theme

Vulnerable versions

< 6.8.4

Fixed in

6.8.4

PSID

d6781ce49de4

CVE ID

CVE-2022-1251

Classification

Cross Site Request Forgery (CSRF)

OWASP Top 10

A5: Broken Access Control

Required privilege

Credits

WPScan Team

Publicly disclosed

2022-08-01

Patchstack vPatch available since

09.12.2021

Details

Cross-Site Request Forgery (CSRF) vulnerability (Edit Profile) was discovered by the WPScan team in WordPress Ask Me premium theme (versions < 6.8.4).

Solution

Update the WordPress Ask Me theme to the latest available version (at least 6.8.4).

References