cleantalk
Vulnerabilities and Security Researches

myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin, 2a70fb14fad73c585845b1f17c9f805cf2348f75

CVE, Research URL

2a70fb14fad73c585845b1f17c9f805cf2348f75

Home page URL

Security reports for myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin

Application

myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin

Published on
Feb 28, 2022
Research Description
Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program &#8211; myCred [mycred] < 2.4.3.1 WordPress myCred plugin <= 2.4.3 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress myCred plugin (versions <= 2.4.3).
Affected versions
max 2.4.3.1.
Status
vulnerable
Previous vulnerability researches
myCred Elementor (CVE-2024-49702) , Oct 25, 2024
myCred &#8211; Points, Rewards, Gamification, Ranks, Badges &amp; Loyalty Plugin (CVE-2023-33999) , Jun 13, 2026
myCred &#8211; Points, Rewards, Gamification, Ranks, Badges &amp; Loyalty Plugin (CVE-2024-43214) , Aug 13, 2024
myCred &#8211; Points, Rewards, Gamification, Ranks, Badges &amp; Loyalty Plugin (CVE-2026-8607) , Jun 18, 2026
myCred &#8211; Points, Rewards, Gamification, Ranks, Badges &amp; Loyalty Plugin (CVE-2026-42676) , May 22, 2026
New vulnerability
ABC Crypto Checkout (CVE-2026-52695) , Jun 18, 2026
WordPress File Sharing Plugin (CVE-2026-10093) , Jun 18, 2026
Gallery Plugin for WordPress &#8211; Envira Photo Gallery (CVE-2026-54190) , Jun 18, 2026
WooCommerce POS (CVE-2026-52711) , Jun 18, 2026
GetGenie – Ai Content Writer with Keyword Research and Competitor Analysis (CVE-2026-54197) , Jun 18, 2026