cleantalk
Vulnerabilities and Security Researches

GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress, CVE-2026-24546

CVE, Research URL

CVE-2026-24546

Home page URL

Security reports for GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress

Application

GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress

Published on
May 26, 2026
Research Description
Missing Authorization vulnerability in Ruben Garcia GamiPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GamiPress: from n/a through 7.6.3.
Affected versions
max 7.6.4.
Status
vulnerable
Previous vulnerability researches
RSVP ME (CVE-2025-23480) , Mar 05, 2025
RSVP ME (CVE-2024-50544) , Nov 04, 2024
RSVP ME (CVE-2024-50491) , Oct 29, 2024
New vulnerability
Autoship Cloud for WooCommerce Subscription Products (CVE-2026-24527) , May 27, 2026
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2026-7493) , May 27, 2026
RSVP and Event Management Plugin (CVE-2026-27398) , May 27, 2026
B2BKing — Ultimate WooCommerce Wholesale and B2B Solution — Wholesale Order Form, Catalog Mode, Dynamic Pricing & More (CVE-2026-27346) , May 27, 2026
GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress (CVE-2026-24546) , May 27, 2026