Every CVE whose affected-product data names Mycred, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2024-10187 — CVSS 6.4 (medium): The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce…
CVE-2017-20008 — CVSS 6.1 (medium): The myCred WordPress plugin before 1.7.8 does not sanitise and escape the user parameter before outputting it back in the Points Log admin…
CVE-2021-25015 — CVSS 6.1 (medium): The myCred WordPress plugin before 2.4 does not sanitise and escape the search query before outputting it back in the history dashboard…
CVE-2024-8658 — CVSS 5.3 (medium): The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce…