CVE-2023-4318 Information

Description

The Herd Effects WordPress plugin before 5.2.4 does not have CSRF when deleting its items which could allow attackers to make logged in admins delete arbitrary effects via a CSRF attack

Reference

https://wpscan.com/vulnerability/93b40030-3706-4063-bf59-4ec983afdbb6