Lucene search
+L

33 matches found

Cvelist
Cvelist
added 2025/07/04 8:42 a.m.20 views

CVE-2025-24757 WordPress uDesign theme <= 4.11.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in AndonDesign uDesign udesign.This issue affects uDesign: from n/a through = 4.11.2...

5.3CVSS0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/04 12:0 a.m.5 views

WordPress plugin MyRewards 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site scripting...

6.5CVSS7.8AI score0.00224EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/04 12:0 a.m.7 views

PT-2025-27871 · Long Watch Studio · Myrewards

Name of the Vulnerable Software and Affected Versions: Long Watch Studio MyRewards versions n/d through 5.4.13.1 Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows stored XSS. Recommendations: For...

6.5CVSS9.2AI score0.00224EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 10:18 a.m.19 views

CVE-2024-32688

Missing Authorization vulnerability in Long Watch Studio MyRewards.This issue affects MyRewards: from n/a through 5.3.0...

6.5CVSS5.1AI score0.00462EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/04/23 12:0 a.m.19 views

MyRewards < 5.3.1 - Missing Authorization

Description The MyRewards plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the /assets/lws-adminpanel/include/internal/ajax.php file in versions up to, and including, 5.3.0. This makes it possible for authenticated attackers, with...

6.5CVSS6.5AI score0.00462EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/04/22 11:15 a.m.23 views

CVE-2024-32688

Missing Authorization vulnerability in Long Watch Studio MyRewards.This issue affects MyRewards: from n/a through 5.3.0...

6.5CVSS6.5AI score0.00462EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/22 10:34 a.m.33 views

CVE-2024-32688 WordPress MyRewards plugin <= 5.3.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Long Watch Studio MyRewards.This issue affects MyRewards: from n/a through 5.3.0...

6.5CVSS6.7AI score0.00462EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/22 10:34 a.m.17 views

CVE-2024-32688 WordPress MyRewards plugin <= 5.3.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Long Watch Studio MyRewards.This issue affects MyRewards: from n/a through 5.3.0...

6.5CVSS6.9AI score0.00462EPSS
Exploits0References1
CVE
CVE
added 2024/04/22 10:34 a.m.97 views

CVE-2024-32688

CVE-2024-32688 is a Missing Authorization vulnerability in the MyRewards plugin for WooCommerce (MyRewards). Affected range: up to version 5.3.0. The issue is documented by Red Hat and Wordfence, with Patch/Patched status indicating a fix has been released. CVSS 3.1 score is 6.5 (Network, Low com...

6.5CVSS5.1AI score0.00462EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/22 12:0 a.m.5 views

PT-2024-24774 · Long Watch Studio · Myrewards

Name of the Vulnerable Software and Affected Versions: Long Watch Studio MyRewards versions n/a through 5.3.0 Description: The issue is related to a Missing Authorization vulnerability. This means that there is a lack of proper authorization checks, potentially allowing unauthorized access to...

6.5CVSS6.5AI score0.00462EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/22 12:0 a.m.5 views

WordPress plugin MyRewards 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS6.7AI score0.00462EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/04/17 2:27 p.m.8 views

WordPress MyRewards plugin <= 5.3.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Emili Castells Patchstack Alliance in WordPress Plugin MyRewards versions = 5.3.0...

6.5CVSS7AI score0.00462EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/17 12:0 a.m.15 views

WordPress MyRewards Plugin <= 5.3.0 is vulnerable to Broken Access Control

Software MyRewards Type Plugin Vulnerable versions = 5.3.0 Fixed in 5.3.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32688 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 4a61d830f2db Credits Emili Castells Required...

6.5CVSS6.5AI score0.00462EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder