3 matches found
CVE-2024-8658
creationtimestamp| type| source ---|---|--- 2024-09-25 09:18:00+00:00| seen| https://t.me/cvedetector/6293...
CVE-2024-8658 myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification <= 2.7.3 - Missing Authorization to Unauthenticated Database Upgrade
The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the...
WordPress myCred Plugin <= 2.7.3 is vulnerable to Broken Access Control
Software myCred Type Plugin Vulnerable versions = 2.7.3 Fixed in 2.7.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-8658 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 52e7fd723681 Credits Mika Required privilege Unauthenticated...