myCred
Saad Iqbal
Developer
3.0.2
Latest version
10,000
Installations
No date
Last updated
Vulnerability history
0 present
27 patched
8 Mitigation rules
- Authenticated (Contributor+) Stored Cross-Site Scripting via 'mycred_load_coupon' Shortcode vulnerability<= 2.9.7.313/02/2026
- Broken Access Control vulnerability<= 2.9.7.306/01/2026
- Missing Authorization to Sensitive Information Exposure vulnerability<= 2.9.7.118/12/2025
- Missing Authorization to Unauthenticated Withdrawal Request Approval vulnerability<= 2.9.713/12/2025
- Cross Site Scripting (XSS) vulnerability<= 2.9.7.608/11/2025
- Cross Site Scripting (XSS) Vulnerability<= 2.9.4.330/07/2025
- Race Condition Vulnerability<= 2.9.4.330/07/2025
- Broken Access Control Vulnerability<= 2.9.4.212/06/2025
- Broken Access Control Vulnerability<= 2.9.4.212/06/2025
- Authenticated (Contributor+) Stored Cross-Site Scripting via mycred_send Shortcode vulnerability<= 2.7.5.205/12/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 2.7.407/11/2024
- Missing Authorization to Unauthenticated Database Upgrade vulnerability<= 2.7.325/09/2024
- PHP Object Injection vulnerability<= 2.7.216/08/2024
- Cross Site Scripting (XSS) vulnerability<= 2.7.216/08/2024
- Sensitive Data Exposure vulnerability<= 2.7.209/08/2024
- Cross Site Scripting (XSS) vulnerability<= 2.6.322/04/2024
- Cross Site Scripting (XSS) vulnerability<= 2.6.120/11/2023
- Reflected Cross Site Scripting (XSS) vulnerability< 2.5.318/07/2023
- Cross Site Request Forgery (CSRF)<= 2.515/06/2023
- User E-mail Addresses Disclosure vulnerability<= 2.4.404/04/2022
- Arbitrary Post Creation vulnerability<= 2.4.329/03/2022
- Import/Export to Email Address Disclosure vulnerability<= 2.4.329/03/2022
- Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability<= 2.4.328/02/2022
- Sensitive Information Disclosure vulnerability<= 2.4.328/02/2022
- Reflected Cross-Site Scripting (XSS) vulnerability<= 2.3.227/12/2021
- SQL Injection (SQLi) vulnerability<= 2.201/11/2021
- Reflected Cross-Site Scripting (XSS) vulnerability<= 1.7.720/04/2017