Vulnerabilities > Mycred

DATE	CVE	VULNERABILITY TITLE	RISK
2021-11-29	CVE-2017-20008	Unspecified vulnerability in Mycred The myCred WordPress plugin before 1.7.8 does not sanitise and escape the user parameter before outputting it back in the Points Log admin dashboard, leading to a Reflected Cross-Site Scripting network low complexity mycred	6.1
2021-11-29	CVE-2021-24755	Unspecified vulnerability in Mycred The myCred WordPress plugin before 2.3 does not validate or escape the fields parameter before using it in a SQL statement, leading to an SQL injection exploitable by any authenticated user network low complexity mycred	8.8

Vulnerabilities > Mycred {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Mycred"}]}