cleantalk
Vulnerabilities and Security Researches

MyRewards – Loyalty Points and Rewards for WooCommerce – Reward orders, referrals, product reviews and more, CVE-2026-40786

CVE, Research URL

CVE-2026-40786

Home page URL

Security reports for MyRewards – Loyalty Points and Rewards for WooCommerce – Reward orders, referrals, product reviews and more

Application

MyRewards – Loyalty Points and Rewards for WooCommerce – Reward orders, referrals, product reviews and more

Published on
Apr 15, 2026
Research Description
Missing Authorization vulnerability in Long Watch Studio MyRewards woorewards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MyRewards: from n/a through <= 5.7.3.
Affected versions
max 5.7.3.
Status
vulnerable
Previous vulnerability researches
CRM and Lead Management by vcita (CVE-2025-5240) , Jul 23, 2025
CRM and Lead Management by vcita (CVE-2024-13702) , Mar 27, 2025
CRM and Lead Management by vcita (CVE-2024-13703) , Mar 14, 2025
CRM and Lead Management by vcita (CVE-2023-2405) , Jun 07, 2024
CRM and Lead Management by vcita (CVE-2023-2404) , Jun 07, 2024
New vulnerability
Accessibly &#8211; WordPress Website Accessibility (CVE-2026-3643) , Apr 17, 2026
Barcode Scanner and Inventory manager. POS (Point of Sale) &#8211; scan barcodes &amp; create orders with barcode reader. (CVE-2026-4880) , Apr 17, 2026
OneSignal &#8211; Web Push Notifications (CVE-2026-3155) , Apr 17, 2026
Magazine Blocks – Blog Designer, Magazine &amp; Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid (CVE-2026-40728) , Apr 17, 2026
BetterDocs – Best Documentation, FAQ &amp; Knowledge Base Plugin with AI Support (CVE-2026-3875) , Apr 17, 2026