Lucene search
K

5 matches found

EUVD
EUVD
added 2025/12/13 6:30 p.m.5 views

EUVD-2025-203239

The myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.9.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This mak...

5.3CVSS5.6AI score0.00227EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/13 5:42 a.m.27 views

CVE-2025-12362 myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program <= 2.9.7 - Missing Authorization to Unauthenticated Withdrawal Request Approval

The myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.9.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This mak...

5.3CVSS0.00227EPSS
Exploits0References3
CVE
CVE
added 2025/12/13 5:42 a.m.20 views

CVE-2025-12362

CVE-2025-12362 affects the WordPress plugin myCred – Points Management System (

5.3CVSS5.7AI score0.00227EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/12/13 1:51 a.m.11 views

WordPress myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program plugin <= 2.9.7 - Missing Authorization to Unauthenticated Withdrawal Request Approval vulnerability

Missing Authorization to Unauthenticated Withdrawal Request Approval vulnerability discovered by Rafshanzani Suhada in WordPress Plugin myCred versions = 2.9.7...

5.3CVSS6.8AI score0.00227EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/28 12:0 a.m.6 views

PT-2024-38555 · WordPress · Terawallet – For Woocommerce

Name of the Vulnerable Software and Affected Versions: Wallet for WooCommerce plugin for WordPress versions up to, and including, 1.5.6 Description: The issue arises from a numerical logic flaw when transferring funds to another user, allowing authenticated attackers with Subscriber-level access...

6.5CVSS7AI score0.00483EPSS
Exploits0References6
Rows per page
Query Builder