Wproyal Ashe
3 CVEs affecting Wproyal Ashe. Latest disclosed: 2026-04-08. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-9777 | Medium | 6.1 | 2024-11-19 | The Ashe theme for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all ver… |
CVE-2026-39627 | Medium | 4.3 | 2026-04-08 | Missing Authorization vulnerability in wproyal Ashe ashe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ashe: from… |
CVE-2024-37478 | Medium | 4.3 | 2025-01-02 | Cross-Site Request Forgery (CSRF) vulnerability in wproyal Ashe ashe allows Cross Site Request Forgery.This issue affects Ashe: from n/a through <= 2.233. |