Known Vulnerabilities for products from Inkthemes
Listed below are 4 of the newest known vulnerabilities associated with the vendor "Inkthemes".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-62123 json | Not Provided | 2025-12-31 | 2026-04-23 | |
| CVE-2025-48327 json | Not Provided | 2025-08-28 | 2026-04-23 | |
| CVE-2023-25447 json | Cross-Site Request Forgery (CSRF) vulnerability in Inkthemescom ColorWay theme <= 4.2.3 versions. | 8.8 - HIGH | 2023-05-22 | 2023-05-26 |
| CVE-2022-3750 json | The has a CSRF vulnerability that allows the deletion of a post without using a nonce or prompting for confirmation. | 4.7 - MEDIUM | 2022-11-21 | 2023-11-07 |
| CVE-2022-1251 json | The Ask me WordPress theme before 6.8.4 does not perform nonce checks when processing POST requests to the Edit Profile page,... | 4.3 - MEDIUM | 2022-08-22 | 2022-08-23 |
| CVE-2016-10961 json | The colorway theme before 3.4.2 for WordPress has XSS via the contactName parameter. | 6.1 - MEDIUM | 2019-09-16 | 2023-02-28 |
Known software with vulnerabilities from Inkthemes
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Inkthemes | Colorway | - |