CVE Published: 22/08/2022 |
CVE Updated: 02/08/2024 |
CVE Year: 2022 Source: WPScan |
Vendor: Unknown |
Product: Ask me Status : PUBLISHED
CVE-2022-1251 Description
The Ask me WordPress theme before 6.8.4 does not perform nonce checks when processing POST requests to the Edit Profile page, allowing an attacker to trick a user to change their profile information by sending a crafted request.