Mycred ≫ Mycred

The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification plugin for WordPress is vulnerable to Stored Cross-Site Scripting via t...

The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification plugin for WordPress is vulnerable to unauthorized modification of data...

Deserialization of Untrusted Data vulnerability in myCred allows Object Injection.This issue affects myCred: from n/a through 2.7.2.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in myCred allows Stored XSS.This issue affects myCred: from n/a through 2.7.2.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in myCred allows Stored XSS.This issue affects myCred: from n/a through 2.6.3.

The myCred WordPress plugin before 2.4 does not sanitise and escape the search query before outputting it back in the history dashboard page, leading to a Reflected Cross-Site Scripting issue

The myCred WordPress plugin before 1.7.8 does not sanitise and escape the user parameter before outputting it back in the Points Log admin dashboard, leading to a Reflected Cross-Site Scripting