WordPress Point Vulnerabilities

Wordpress Point vulnerabilities.

JSON RSS CSV 🔔 Create Alert Trigger

4 February 2026

Authorization Flaw in MyRewards Loyalty Points Plugin for WooCommerce
CVE-2025-15260
WordPressMyrewards – Loyalty Po...6.5MEDIUM

23 January 2026

Missing Authorization Vulnerability in WP Swings Points and Rewards for WooCommerce
CVE-2026-24581
WordPressPoints And Rewards For...5.4MEDIUM

6 January 2026

Unauthorized Data Access in GamiPress Plugin by GamiPress
CVE-2025-13812
WordPressGamipress – Gamificati...4.3MEDIUM

19 December 2025

Missing Authorization Vulnerability in myCred Plugin for WordPress
CVE-2025-12361
WordPressMycred – Points Manage...4.3MEDIUM

13 December 2025

Missing Authorization Vulnerability in myCred Points Management System for WordPress
CVE-2025-12362
WordPressMycred – Points Manage...5.3MEDIUM

21 November 2025

Arbitrary File Upload Vulnerability in Vitepos – POS for WooCommerce Plugin
CVE-2025-13156
WordPressVitepos – Point Of Sal...8.8HIGH

13 November 2025

Sensitive Data Exposure in WooCommerce Ultimate Points And Rewards Plugin by WPSwings
CVE-2025-64267
WordPressWooCommerce Ultimate P...4.3MEDIUM

14 August 2025

SQL Injection Vulnerability in Infosoftplugin WooCommerce Point Of Sale
CVE-2025-52820
WordPressWooCommerce Point Of S...8.5HIGH

19 May 2025

PHP Remote File Inclusion Vulnerability in FantasticPlugins SUMO Reward Points
CVE-2025-32925
WordPressSumo Reward Points9.8CRITICAL

5 March 2025

Stored Cross-Site Scripting in Point Maker Plugin for WordPress
CVE-2024-12815
WordPressPoint Maker6.4MEDIUM

15 February 2025

Sensitive Information Exposure in Oliver POS - WooCommerce Plugin by WordPress
CVE-2024-13513
WordPressOliver Pos – A WooComm...9.8CRITICAL

22 January 2025

2 January 2025

Cross-Site Request Forgery Vulnerability in Creativthemes Point Product
CVE-2024-37931
WordPressPoint4.3MEDIUM

25 December 2024

Privilege Escalation Vulnerability in WooCommerce Point of Sale Plugin for WordPress
CVE-2024-11281
WordpressWooCommerce Point Of Sale👾9.8CRITICAL

6 December 2024

Stored Cross-Site Scripting Vulnerability in myCred Plugin for WordPress and WooCommerce
CVE-2024-11201
WordpressMycred – Exclusive Pla...👾🟡6.4MEDIUM

19 November 2024

Unauthenticated Arbitrary Shortcode Execution Vulnerability in GamiPress Plugin
CVE-2024-11036
WordpressGamipress – The #1 Gam...9.8CRITICAL

9 November 2024

Gmap Point List Vulnerable to Stored XSS
CVE-2024-51594
WordPressGmap Point List5.4MEDIUM

8 November 2024

Stored Cross-Site Scripting Vulnerability in MyCred
CVE-2024-10187
WordpressMycred – Loyalty Point...5.4MEDIUM

25 October 2024

Authenticated Attackers Can Delete Plugin's API Key Due to Missing Capability Check
CVE-2024-9109
WordpressWooCommerce Ups Shippi...4.3MEDIUM

17 October 2024

Point Maker Includes Remote File Inclusion Vulnerability
CVE-2024-49317
WordPressPoint Maker7.5HIGH

16 October 2024

Freemius SDK Vulnerabilities Affect Hundreds of WordPress Plugins and Themes
CVE-2022-4974
WordpressYasr – Yet Another Sta...6.3MEDIUM

2 May 2024

Blind SQL Injection Vulnerability in Barcode Scanner and Inventory Manager for WordPress
CVE-2024-2661
WordpressBarcode Scanner And In...8.8HIGH

11 April 2024

Missing Authorization vulnerability in Points and Rewards for WooCommerce
CVE-2023-27607
WordPressPoints And Rewards For...5.4MEDIUM