Lucene search
K

8 matches found

EUVD
EUVD
added 2026/04/16 3:31 p.m.5 views

EUVD-2026-22910

Missing Authorization vulnerability in Long Watch Studio MyRewards woorewards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MyRewards: from n/a through = 5.7.3...

4.3CVSS5.8AI score0.00141EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/04/16 3:12 a.m.5 views

WordPress MyRewards plugin <= 5.7.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Muhan Luo in WordPress Plugin MyRewards versions = 5.7.3...

4.3CVSS5.8AI score0.00141EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/04/15 11:16 a.m.7 views

CVE-2026-40786

Missing Authorization vulnerability in Long Watch Studio MyRewards woorewards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MyRewards: from n/a through = 5.7.3...

4.3CVSS0.00141EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.11 views

PT-2026-33052

Name of the Vulnerable Software and Affected Versions MyRewards versions prior to 5.7.4 Description Incorrectly configured access control security levels lead to a missing authorization issue in the MyRewards plugin, which allows for the exploitation of security levels. Recommendations Update to ...

4.3CVSS5.8AI score0.00141EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2026/04/10 12:0 a.m.130 views

📄 MyRewards 5.6.0 Missing Authorization

MyRewards – Loyalty Points and Rewards for WooCommerce versions 5.6.0 and below suffer from a missing authorization vulnerability that allows for privilege escalation. CVE-2025-15260: Missing Authorization / Broken Access Control in Plugin - MyRewards – Loyalty Points and Rewards for WooCommerce...

6.5CVSS5.8AI score0.00274EPSS
Exploits2
GithubExploit
GithubExploit
added 2026/04/09 4:42 p.m.112 views

Exploit for CVE-2025-15260

CVE-2025-15260: Missing Authorization / Broken Access Control...

6.5CVSS5.9AI score0.00274EPSS
Exploits2
EUVD
EUVD
added 2026/02/04 8:25 a.m.6 views

EUVD-2025-206797

The MyRewards – Loyalty Points and Rewards for WooCommerce plugin for WordPress is vulnerable to missing authorization in all versions up to, and including, 5.6.0. This is due to the plugin not properly verifying that a user is authorized to perform an action in the 'ajax' function. This makes it...

6.5CVSS5.5AI score0.00274EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.33 views

PT-2026-5883

Name of the Vulnerable Software and Affected Versions MyRewards – Loyalty Points and Rewards for WooCommerce plugin versions prior to 5.6.1 Description The MyRewards – Loyalty Points and Rewards for WooCommerce plugin for WordPress does not properly verify user authorization when performing actio...

6.5CVSS5.6AI score0.00274EPSS
Exploits2References6
Rows per page
Query Builder