Every CVE whose affected-product data names 2code Discy, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2022-1323 — CVSS 6.5 (medium): The Discy WordPress theme before 5.0 lacks authorization checks then processing ajax requests to the discy_update_options action, allowing…
CVE-2022-1422 — CVSS 6.5 (medium): The Discy WordPress theme before 5.2 does not check for CSRF tokens in the AJAX action discy_reset_options, allowing an attacker to trick…
CVE-2022-1421 — CVSS 4.3 (medium): The Discy WordPress theme before 5.2 lacks CSRF checks in some AJAX actions, allowing an attacker to make a logged in admin change…