CVE-2026-0550 | myCred Plugin up to 2.9.7.3 on WordPress Shortcode mycred_load_coupon cross site scripting

Inserito da Angelo Barbosa | Feb 13, 2026 | CVE

A vulnerability was found in myCred Plugin up to 2.9.7.3 on WordPress. It has been rated as problematic. The affected element is the function mycred_load_coupon of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2026-0550. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2026-0550 | myCred Plugin up to 2.9.7.3 on WordPress Shortcode mycred_load_coupon cross site scripting

Post correlati

CVE-2025-24654 | SEO Squirrly SEO Plugin up to 12.4.05 on WordPress authorization

CVE-2024-6660 | reputeinfosystems Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress bookingpress_import_data_continue_process_func insufficient permissions or privileges

CVE-2024-30097 | Microsoft Windows up to Server 2022 23H2 Speech Application Programming Interface double free

CVE-2024-56828 | ChestnutCMS up to 1.5.0 API Endpoint /api/member/avatar Base64.getDecoder.decode suffix unrestricted upload