📦 Himer

The Himer WordPress theme before version 2.1.1 lacks CSRF protection on group management functions, allowing attackers to trick logged-in users into performing unwanted group actions. This affects Wor...

The Himer WordPress theme before version 2.1.1 lacks Cross-Site Request Forgery (CSRF) protection on certain poll voting functionality. This allows attackers to trick authenticated users into submitti...

This CSRF vulnerability in the Himer WordPress theme allows attackers to trick authenticated users into unknowingly joining private groups. Attackers can craft malicious requests that execute when use...