Lucene search
WPScanCVE-2024-3478HistoryMay 02, 2024 - 6:15 a.m.
CVE-2024-3478
2024-05-0206:15:51
WPScan
web.nvd.nist.gov
34
herd effects
wordpress plugin
csrf attacks
logged in admins
unwanted actions
bulk actions
The Herd Effects WordPress plugin before 5.2.7 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting effects via CSRF attacks
Affected configurations
Node
herd_effectsRange<5.2.7wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| * | herd_effects | * | cpe:2.3:a:*:herd_effects:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"vendor": "Unknown",
"product": "Herd Effects ",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "5.2.7"
}
],
"defaultStatus": "unaffected"
}
]Related
wpvulndb
wpvulndb
Herd Effects < 5.2.7 - Effect Deletion via CSRF
2024-04-11 00:00:00
wpexploit
wpexploit
Herd Effects < 5.2.7 - Effect Deletion via CSRF
2024-04-11 00:00:00
vulnrichment
vulnrichment
CVE-2024-3478 Herd Effects < 5.2.7 - Effect Deletion via CSRF
2024-05-02 06:00:03
nvd
nvd
CVE-2024-3478
2024-05-02 06:15:51
cvelist
cvelist
CVE-2024-3478 Herd Effects < 5.2.7 - Effect Deletion via CSRF
2024-05-02 06:00:03
wordfence
wordfence