PT-2023-28725 · WordPress · Herd Effects
Erwan Lr · Published 2023-09-11 · Updated 2023-09-18 · CVE-2023-4318
CVSS v3.1: 4.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Herd Effects WordPress plugin versions prior to 5.2.4
Description
The issue concerns a lack of CSRF protection when deleting items, which could allow attackers to trick logged-in administrators into deleting arbitrary effects via a CSRF attack.
Recommendations
For versions prior to 5.2.4, update to version 5.2.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin's item deletion functionality to minimize the risk of exploitation.
Affected Products
Herd Effects