Vulnerabilities > WOW Estore > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-22 | CVE-2023-27452 | Unspecified vulnerability in Wow-Estore Button Generator - Easily Button Builder Auth. | 4.8 |
| 2022-05-20 | CVE-2022-29448 | Use of Incorrectly-Resolved Name or Reference vulnerability in Wow-Estore Herd Effects Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress. | 4.9 |
| 2022-02-21 | CVE-2022-0313 | Unspecified vulnerability in Wow-Estore Float Menu The Float menu WordPress plugin before 4.3.1 does not have CSRF check in place when deleting menu, which could allow attackers to make a logged in admin delete them via a CSRF attack | 4.3 |