Approved changes feed: RSS · Atom
cpe:2.3:a:saad_iqbal:mycred:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Saad Iqbal (97dce978-69c2-5929-ad59-42f939c1becd) |
|---|---|
| Product | Mycred (2cc5f66a-f480-5c76-8ebd-ed5ec16474cd) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-27440 |
vulnerable | 2026-06-03 15:18:06.470838 |
WordPress myCred plugin <= 2.9.7.6 - Cross Site Scripting (XSS) vulnerability
MEDIUM (6.5)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal myCred mycred allows Stored XSS.This issue affects myCred: from n/a through <= 2.9.7.6.
Published: 2026-02-19T20:35:42.839Z
Updated: 2026-04-28T16:15:03.440Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-24951 |
vulnerable | 2026-06-03 15:16:53.666391 |
WordPress myCred plugin <= 2.9.7.3 - Broken Access Control vulnerability
MEDIUM (4.3)
Missing Authorization vulnerability in Saad Iqbal myCred mycred allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects myCred: from n/a through <= 2.9.7.3.
Published: 2026-02-03T14:08:33.829Z
Updated: 2026-04-28T16:14:51.254Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-54668 |
vulnerable | 2026-06-03 15:04:56.504348 |
WordPress myCred plugin <= 2.9.4.3 - Cross Site Scripting (XSS) Vulnerability
MEDIUM (6.5)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal myCred mycred allows Stored XSS.This issue affects myCred: from n/a through <= 2.9.4.3.
Published: 2025-08-14T10:34:38.390Z
Updated: 2026-04-28T16:13:34.156Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-54667 |
vulnerable | 2026-06-03 15:04:56.503851 |
WordPress myCred plugin <= 2.9.4.3 - Race Condition Vulnerability
MEDIUM (5.3)
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Saad Iqbal myCred mycred allows Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions.This issue affects myCred: from n/a through <= 2.9.4.3.
Published: 2025-08-14T10:34:37.828Z
Updated: 2026-04-28T16:13:34.224Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-49872 |
vulnerable | 2026-06-03 15:01:46.204674 |
WordPress myCred plugin <= 2.9.4.2 - Broken Access Control Vulnerability
MEDIUM (5.3)
Missing Authorization vulnerability in Saad Iqbal myCred mycred allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects myCred: from n/a through <= 2.9.4.2.
Published: 2025-06-17T15:01:16.048Z
Updated: 2026-04-28T16:13:06.684Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-49857 |
vulnerable | 2026-06-03 15:01:46.176001 |
WordPress myCred plugin <= 2.9.4.2 - Broken Access Control Vulnerability
MEDIUM (4.3)
Missing Authorization vulnerability in Saad Iqbal myCred mycred allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects myCred: from n/a through <= 2.9.4.2.
Published: 2025-06-17T15:01:21.023Z
Updated: 2026-04-28T16:13:05.619Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-43354 |
vulnerable | 2026-06-03 14:56:45.050428 |
WordPress myCred plugin <= 2.7.2 - PHP Object Injection vulnerability
CRITICAL (9.8)
Deserialization of Untrusted Data vulnerability in Saad Iqbal myCred mycred.This issue affects myCred: from n/a through <= 2.7.2.
Published: 2024-08-19T19:30:05.590Z
Updated: 2026-04-29T09:51:52.936Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-43353 |
vulnerable | 2026-06-03 14:56:45.049961 |
WordPress myCred plugin <= 2.7.2 - Cross Site Scripting (XSS) vulnerability
MEDIUM (6.5)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal myCred mycred.This issue affects myCred: from n/a through <= 2.7.2.
Published: 2024-08-18T13:02:54.080Z
Updated: 2026-04-28T16:10:13.538Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-43214 |
vulnerable | 2026-06-03 14:56:44.735603 |
WordPress myCred plugin <= 2.7.2 - Sensitive Data Exposure vulnerability
MEDIUM (5.3)
Missing Authorization vulnerability in Saad Iqbal myCred mycred.This issue affects myCred: from n/a through <= 2.7.2.
Published: 2024-08-26T20:21:58.639Z
Updated: 2026-04-28T16:10:09.799Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-32711 |
vulnerable | 2026-06-03 14:55:47.802140 |
WordPress myCred plugin <= 2.6.3 - Cross Site Scripting (XSS) vulnerability
MEDIUM (6.5)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal myCred mycred.This issue affects myCred: from n/a through <= 2.6.3.
Published: 2024-04-24T10:11:06.284Z
Updated: 2026-04-28T16:09:39.605Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.