cleantalk
Vulnerabilities and Security Researches

MyRewards – Loyalty Points and Rewards for WooCommerce – Reward orders, referrals, product reviews and more, CVE-2025-24757

CVE, Research URL

CVE-2025-24757

Home page URL

Security reports for MyRewards – Loyalty Points and Rewards for WooCommerce – Reward orders, referrals, product reviews and more

Application

MyRewards – Loyalty Points and Rewards for WooCommerce – Reward orders, referrals, product reviews and more

Published on
Jul 04, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Long Watch Studio MyRewards allows Stored XSS. This issue affects MyRewards: from n/a through 5.4.13.1.
Affected versions
Min -, max 5.4.14.
Status
vulnerable
Previous vulnerability researches
Currency Switcher for WooCommerce (CVE-2025-30857) , Apr 02, 2025
New vulnerability
MyRewards – Loyalty Points and Rewards for WooCommerce – Reward orders, referrals, product reviews and more (CVE-2025-24757) , Jul 06, 2025
File Manager (CVE-2025-27358) , Jul 06, 2025
Booking Calendar Contact Form (CVE-2025-48231) , Jul 06, 2025
NGG Smart Image Search (CVE-2025-52832) , Jul 05, 2025
(Simply) Guest Author Name (CVE-2025-24764) , Jul 05, 2025