All 3 CVE vulnerabilities found in MyRewards, with AI-generated Chinese analysis, references, and POCs.
Vendor: Long Watch Studio
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-40786 | WordPress MyRewards plugin <= 5.7.3 - Broken Access Control vulnerability CWE-862 | 9.1 | - | 2026-04-15 |
| CVE-2025-15260 | MyRewards – Loyalty Points and Rewards for WooCommerce <= 5.6.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Loyalty Rule Modification CWE-862 | 6.5 | Medium | 2026-02-04 |
| CVE-2024-32688 | WordPress MyRewards plugin <= 5.3.0 - Broken Access Control vulnerability CWE-862 | 6.5 | Medium | 2024-04-22 |
All 3 known CVE vulnerabilities affecting MyRewards with full Chinese analysis, references, and POCs where available.