33 matches found
CVE-2025-24757 WordPress uDesign theme <= 4.11.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in AndonDesign uDesign udesign.This issue affects uDesign: from n/a through = 4.11.2...
WordPress plugin MyRewards 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site scripting...
PT-2025-27871 · Long Watch Studio · Myrewards
Name of the Vulnerable Software and Affected Versions: Long Watch Studio MyRewards versions n/d through 5.4.13.1 Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows stored XSS. Recommendations: For...
CVE-2024-32688
Missing Authorization vulnerability in Long Watch Studio MyRewards.This issue affects MyRewards: from n/a through 5.3.0...
MyRewards < 5.3.1 - Missing Authorization
Description The MyRewards plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the /assets/lws-adminpanel/include/internal/ajax.php file in versions up to, and including, 5.3.0. This makes it possible for authenticated attackers, with...
CVE-2024-32688
Missing Authorization vulnerability in Long Watch Studio MyRewards.This issue affects MyRewards: from n/a through 5.3.0...
CVE-2024-32688 WordPress MyRewards plugin <= 5.3.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Long Watch Studio MyRewards.This issue affects MyRewards: from n/a through 5.3.0...
CVE-2024-32688 WordPress MyRewards plugin <= 5.3.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Long Watch Studio MyRewards.This issue affects MyRewards: from n/a through 5.3.0...
CVE-2024-32688
CVE-2024-32688 is a Missing Authorization vulnerability in the MyRewards plugin for WooCommerce (MyRewards). Affected range: up to version 5.3.0. The issue is documented by Red Hat and Wordfence, with Patch/Patched status indicating a fix has been released. CVSS 3.1 score is 6.5 (Network, Low com...
PT-2024-24774 · Long Watch Studio · Myrewards
Name of the Vulnerable Software and Affected Versions: Long Watch Studio MyRewards versions n/a through 5.3.0 Description: The issue is related to a Missing Authorization vulnerability. This means that there is a lack of proper authorization checks, potentially allowing unauthorized access to...
WordPress plugin MyRewards 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress MyRewards plugin <= 5.3.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Emili Castells Patchstack Alliance in WordPress Plugin MyRewards versions = 5.3.0...
WordPress MyRewards Plugin <= 5.3.0 is vulnerable to Broken Access Control
Software MyRewards Type Plugin Vulnerable versions = 5.3.0 Fixed in 5.3.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32688 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 4a61d830f2db Credits Emili Castells Required...