CVE-2022-29448

Medium

Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress.

Patchstack·CWE-706·Published 2022-05-20

CVSS

4.9

EPSS

0.01

KEV

Exploits

cve.orgen

140 chars

Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress.

NVDen

140 chars

Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress.

Una vulnerabilidad de Inclusión de Archivos Locales (LFI) autenticado (rol de administrador o usuario superior) en el plugin Herd Effects de Wow-Company versiones anteriores a 5.2 incluyéndola, en WordPress

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.0	8.0	2.9	AV:N/AC:L/Au:S/C:P/I:N/A:N
3.1	Primary	cve.org	6.8	—	—	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	6.8	—	—	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
3.1	Primary	NVD	4.9	1.2	3.6	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
3.1	Secondary	NVD	6.8	0.9	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H