Log out
Get PRO

Latest

Access violation vulnerability in myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification 2.7.3

  • Severity: medium-risk
  • Status: Fixed
  • Publication: September 24, 2024

The myCred plugin for WordPress and WooCommerce allows users to earn points, ranks, badges, cashback, and credits for gamification. However, a security weakness has been identified in versions up to 2.7.3, which could allow unauthorized changes to be made to the database. This means that attackers without proper authentication could potentially upgrade an outdated database.

Detected in:

myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification fixed vulnerable versions:
myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program. fixed vulnerable versions:
myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program. fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.