2 matches found
CVE-2024-3478 Herd Effects < 5.2.7 - Effect Deletion via CSRF
The Herd Effects WordPress plugin before 5.2.7 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting effects via CSRF attacks...
WordPress Herd Effects Plugin < 5.2.7 is vulnerable to Cross Site Request Forgery (CSRF)
Software Herd Effects Type Plugin Vulnerable versions 5.2.7 Fixed in 5.2.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3478 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID fdd1c4816ada Credits Bob Matyas Required...