Use of Incorrectly-Resolved Name or Reference
CVE-2022-29448
Summary
Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- HIGH
- HIGH
- NONE
CWE-706 - Use of Incorrectly-Resolved Name or Reference
The software uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.
References
Advisory Timeline
- Published