cleantalk
Vulnerabilities and Security Researches

MyRewards – Loyalty Points and Rewards for WooCommerce – Reward orders, referrals, product reviews and more, CVE-2026-40786

CVE, Research URL

CVE-2026-40786

Home page URL

Security reports for MyRewards – Loyalty Points and Rewards for WooCommerce – Reward orders, referrals, product reviews and more

Application

MyRewards – Loyalty Points and Rewards for WooCommerce – Reward orders, referrals, product reviews and more

Published on
Apr 15, 2026
Research Description
Missing Authorization vulnerability in Long Watch Studio MyRewards woorewards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MyRewards: from n/a through <= 5.7.3.
Affected versions
max 5.7.3.
Status
vulnerable
Previous vulnerability researches
QuestionPro Surveys (CVE-2026-1901) , Apr 16, 2026
New vulnerability
NextGEN Download Gallery (CVE-2026-0675) , Apr 17, 2026
Smart Online Order for Clover (CVE-2025-15635) , Apr 17, 2026
Basic Google Maps Placemarks (CVE-2026-3581) , Apr 17, 2026
MyRewards &#8211; Loyalty Points and Rewards for WooCommerce &#8211; Reward orders, referrals, product reviews and more (CVE-2026-40786) , Apr 17, 2026
Quiz And Survey Master &#8211; Best Quiz, Exam and Survey Plugin for WordPress (CVE-2025-9318) , Apr 17, 2026