Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
herd effects vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2023-4022
The Herd Effects WordPress plugin prior to 5.2.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...
Wow-company Herd Effects
4.3
CVSSv3
CVE-2023-4318
The Herd Effects WordPress plugin prior to 5.2.4 does not have CSRF when deleting its items, which could allow malicious users to make logged in admins delete arbitrary effects via a CSRF attack
Wow-company Herd Effects
4.9
CVSSv3
CVE-2022-29448
Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress.
Wow-estore Herd Effects
5.4
CVSSv3
CVE-2025-24716
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Herd Effects allows Cross Site Request Forgery. This issue affects Herd Effects: from n/a up to and including 6.2.1.
Wow-company Herd Effects
6.1
CVSSv3
CVE-2023-2362
The Float menu WordPress plugin prior to 5.0.2, Bubble Menu WordPress plugin prior to 3.0.4, Button Generator WordPress plugin prior to 2.3.5, Calculator Builder WordPress plugin prior to 1.5.1, Counter Box WordPress plugin prior to 1.2.2, Floating Button WordPress plugin prior t...
Wow-company Bubble Menu
Wow-company Button Generator
Wow-company Calculator-builder
Wow-company Counter Box
Wow-company Float Menu
Wow-company Floating Button
Wow-company Herd Effects
Wow-company Popup Box
Wow-company Side Menu Lite
Wow-company Sticky Buttons
Wow-company Wow Skype Buttons
Wow-company Wp Coder
NA
CVE-2024-3478
The Herd Effects WordPress plugin prior to 5.2.7 does not have CSRF checks in some bulk actions, which could allow malicious users to make logged in admins perform unwanted actions, such as deleting effects via CSRF attacks
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
type confusion
unspecified
CVE-2025-24200
reflected XSS
panel
CVE-2024-12549
temporal technologies, inc.
CVE-2024-21971
CVE-2024-57777
CVE-2023-31122
CVE-2025-0909
winzip computing
unified secops platform
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started