The Ask me WordPress theme prior to 6.8.2 does not perform CSRF checks for any of its AJAX actions, allowing an malicious user to trick logged in users to perform various actions on their behalf on the site.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
2code ask me |