Every CVE whose affected-product data names Inkthemes Ask Me, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-3750 — CVSS 4.7 (medium): The has a CSRF vulnerability that allows the deletion of a post without using a nonce or prompting for confirmation.
CVE-2022-1251 — CVSS 4.3 (medium): The Ask me WordPress theme before 6.8.4 does not perform nonce checks when processing POST requests to the Edit Profile page, allowing an…