Lucene search
K

5 matches found

Patchstack
Patchstack
added 2026/04/16 3:12 a.m.5 views

WordPress MyRewards plugin <= 5.7.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Muhan Luo in WordPress Plugin MyRewards versions = 5.7.3...

4.3CVSS5.8AI score0.00141EPSS
Exploits0Affected Software1
Packet Storm
Packet Storm
added 2026/04/10 12:0 a.m.126 views

📄 MyRewards 5.6.0 Missing Authorization

MyRewards – Loyalty Points and Rewards for WooCommerce versions 5.6.0 and below suffer from a missing authorization vulnerability that allows for privilege escalation. CVE-2025-15260: Missing Authorization / Broken Access Control in Plugin - MyRewards – Loyalty Points and Rewards for WooCommerce...

6.5CVSS5.8AI score0.00274EPSS
Exploits2
GithubExploit
GithubExploit
added 2026/04/09 4:42 p.m.109 views

Exploit for CVE-2025-15260

CVE-2025-15260: Missing Authorization / Broken Access Control...

6.5CVSS5.9AI score0.00274EPSS
Exploits2
EUVD
EUVD
added 2026/02/04 8:25 a.m.6 views

EUVD-2025-206797

The MyRewards – Loyalty Points and Rewards for WooCommerce plugin for WordPress is vulnerable to missing authorization in all versions up to, and including, 5.6.0. This is due to the plugin not properly verifying that a user is authorized to perform an action in the 'ajax' function. This makes it...

6.5CVSS5.5AI score0.00274EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.32 views

PT-2026-5883

Name of the Vulnerable Software and Affected Versions MyRewards – Loyalty Points and Rewards for WooCommerce plugin versions prior to 5.6.1 Description The MyRewards – Loyalty Points and Rewards for WooCommerce plugin for WordPress does not properly verify user authorization when performing actio...

6.5CVSS5.6AI score0.00274EPSS
Exploits2References6
Rows per page
Query Builder