cleantalk
Vulnerabilities and Security Researches

MyRewards – Loyalty Points and Rewards for WooCommerce – Reward orders, referrals, product reviews and more, CVE-2026-40786

CVE, Research URL

CVE-2026-40786

Home page URL

Security reports for MyRewards – Loyalty Points and Rewards for WooCommerce – Reward orders, referrals, product reviews and more

Application

MyRewards – Loyalty Points and Rewards for WooCommerce – Reward orders, referrals, product reviews and more

Published on
Apr 15, 2026
Research Description
Missing Authorization vulnerability in Long Watch Studio MyRewards woorewards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MyRewards: from n/a through <= 5.7.3.
Affected versions
max 5.7.3.
Status
vulnerable
Previous vulnerability researches
Prodigy Commerce (CVE-2024-54251) , Dec 11, 2024
Prodigy Commerce (CVE-2026-0926) , Apr 15, 2026
Prodigy Commerce (CVE-2024-54250) , Dec 15, 2024
New vulnerability
Categories Images (CVE-2026-40734) , Apr 17, 2026
Elementor Addons by Livemesh (CVE-2026-1572) , Apr 17, 2026
Elementor Addons by Livemesh (CVE-2026-1620) , Apr 17, 2026
NextGEN Download Gallery (CVE-2026-0675) , Apr 17, 2026
Smart Online Order for Clover (CVE-2025-15635) , Apr 17, 2026