16 matches found
EUVD-2023-54184
Malicious code in bioql PyPI...
EUVD-2022-33786
Malicious code in bioql PyPI...
CVE-2024-3478
The Herd Effects WordPress plugin before 5.2.7 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting effects via CSRF attacks...
CVE-2023-4022
The Herd Effects WordPress plugin before 5.2.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
CVE-2025-24716 WordPress Herd Effects Plugin <= 6.2.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Herd Effects allows Cross Site Request Forgery. This issue affects Herd Effects: from n/a through 6.2.1...
CVE-2025-24716 WordPress Herd Effects Plugin <= 6.2.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Herd Effects mwp-herd-effect allows Cross Site Request Forgery. This issue affects Herd Effects: from n/a through <= 6.2.1...
WordPress Herd Effects Plugin <= 6.2.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
Cross Site Request Forgery (CSRF) to Settings Change vulnerability discovered by Khang Duong in WordPress Plugin Herd Effects versions <= 6.2.1...
WordPress plugin Herd Effects security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
PT-2024-3290 · WordPress · Herd Effects
Name of the Vulnerable Software and Affected Versions: Herd Effects WordPress plugin versions prior to 5.2.7 Description: The issue is related to a lack of CSRF checks in some bulk actions of the Herd Effects WordPress plugin, which could allow attackers to make logged-in admins perform unwanted...
CVE-2023-4318
The Herd Effects WordPress plugin before 5.2.4 does not have CSRF checks when deleting its items, which could allow attackers to make logged in admins delete arbitrary effects via a CSRF attack...
CVE-2023-4022 Herd Effects < 5.2.3 - Admin+ Stored XSS
The Herd Effects WordPress plugin before 5.2.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
WordPress plugin Herd Effects Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...
WordPress Herd Effects plugin local file inclusion vulnerability
WordPress and WordPress plugin are products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Herd Effects plugin 5.2 and earlier versions have a local file inclusion vulnerability, which stems from...
CVE-2022-29448
Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress...
Design/Logic Flaw
Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress...
CVE-2022-29448
Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress...