mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-29 01:31:01 +00:00
858 B
858 B
CVE-2022-1251
&color=brighgreen)
Description
The Ask me WordPress theme before 6.8.4 does not perform nonce checks when processing POST requests to the Edit Profile page, allowing an attacker to trick a user to change their profile information by sending a crafted request.
POC
Reference
- https://wpscan.com/vulnerability/34b3fc35-381a-4bd7-87e3-f1ef0a15a349
- https://wpscan.com/vulnerability/34b3fc35-381a-4bd7-87e3-f1ef0a15a349
Github
No PoCs found on GitHub currently.