46 matches found
EUVD-2025-3908
Malicious code in bioql PyPI...
EUVD-2023-54184
Malicious code in bioql PyPI...
EUVD-2022-33786
Malicious code in bioql PyPI...
CVE-2025-24716
Cross-Site Request Forgery CSRF vulnerability in Wow-Company Herd Effects mwp-herd-effect allows Cross Site Request Forgery.This issue affects Herd Effects: from n/a through = 6.2.1...
CVE-2024-3478
The Herd Effects WordPress plugin before 5.2.7 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting effects via CSRF attacks...
CVE-2023-4022
The Herd Effects WordPress plugin before 5.2.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2025-24716
Cross-Site Request Forgery CSRF vulnerability in Wow-Company Herd Effects mwp-herd-effect allows Cross Site Request Forgery.This issue affects Herd Effects: from n/a through = 6.2.1...
CVE-2025-24716 WordPress Herd Effects Plugin <= 6.2.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
Cross-Site Request Forgery CSRF vulnerability in Wow-Company Herd Effects allows Cross Site Request Forgery. This issue affects Herd Effects: from n/a through 6.2.1...
CVE-2025-24716 WordPress Herd Effects Plugin <= 6.2.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
Cross-Site Request Forgery CSRF vulnerability in Wow-Company Herd Effects mwp-herd-effect allows Cross Site Request Forgery.This issue affects Herd Effects: from n/a through = 6.2.1...
WordPress Herd Effects Plugin <= 6.2.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
Cross Site Request Forgery CSRF to Settings Change vulnerability discovered by Khang Duong in WordPress Plugin Herd Effects versions = 6.2.1...
WordPress plugin Herd Effects 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
PT-2025-5530 · Unknown · Herd Effects
Name of the Vulnerable Software and Affected Versions: Herd Effects versions through 6.2.1 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. Recommendations: For versions through 6.2.1, update t...
WordPress Herd Effects plugin < 5.2.7 - Effect Deletion via CSRF vulnerability
Effect Deletion via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin Herd Effects versions 5.2.7...
CVE-2024-3478
The Herd Effects WordPress plugin before 5.2.7 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting effects via CSRF attacks...
CVE-2024-3478 Herd Effects < 5.2.7 - Effect Deletion via CSRF
The Herd Effects WordPress plugin before 5.2.7 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting effects via CSRF attacks...
CVE-2024-3478
The CVE CVE-2024-3478 affects the WordPress plugin Herd Effects. It explains that the plugin, prior to version 5.2.7, lacks CSRF checks in certain bulk actions, enabling a logged-in attacker to coerce an admin into performing unintended actions (e.g., deleting effects) via CSRF attacks. Public so...
CVE-2024-3478 Herd Effects < 5.2.7 - Effect Deletion via CSRF
The Herd Effects WordPress plugin before 5.2.7 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting effects via CSRF attacks...
WordPress Herd Effects Plugin < 5.2.7 is vulnerable to Cross Site Request Forgery (CSRF)
Software Herd Effects Type Plugin Vulnerable versions 5.2.7 Fixed in 5.2.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3478 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID fdd1c4816ada Credits Bob Matyas Required...
WordPress plugin Herd Effects 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
Herd Effects < 5.2.7 - Effect Deletion via CSRF
Description The plugin does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting effects via CSRF attacks Make a logged in admin open an HTML file where ID is a valid ID: action...