myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin, CVE-2025-49857
- CVE, Research URL
- Home page URL
- Published on
- Jun 17, 2025
- Research Description
- Missing Authorization vulnerability in WPExperts.io myCred allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects myCred: from n/a through 2.9.4.2.
- Affected versions
-
Min -, max 2.9.4.3.
- Status
-
vulnerable
| Previous vulnerability researches |
|---|
| Razorpay Payment Button Elementor Plugin (CVE-2024-10850) , Nov 14, 2024 |
| Razorpay Payment Button Plugin (CVE-2024-10851) , Nov 14, 2024 |