Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company’s Herd Effects plugin <= 5.2 at WordPress.
CWE-706
CVE-2022-29445
Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company’s Popup Box plugin <= 2.1.2 at WordPress.
CVE-2022-27778
A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `–no-clobber` is used together with `–remove-on-error`.
CVE-2022-0855
Improper Resolution of Path Equivalence in GitHub repository microweber-dev/whmcs_plugin prior to 0.0.4.