WordPress Plugin Vulnerabilities

Mycred < 2.4.4.1 - Subscriber+ User E-mail Addresses Disclosure

Description

The plugin does not have any authorisation in place in its mycred-tools-select-user AJAX action, allowing any authenticated user, such as subscriber to call and retrieve all email addresses from the blog

Proof of Concept

Affects Plugins

Plugin icon
mycred
Fixed in 2.4.4.1

References

CVE
CVE-2022-0287

Classification

Type
NO AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-862
CVSS
6.5 (medium)

Miscellaneous

Original Researcher
Krzysztof Zając
Submitter
Krzysztof Zając
Submitter website
https://kazet.cc/
Verified
Yes
WPVDB ID
6cd7cd6d-1cc1-472c-809b-b66389f149b0

Timeline

Publicly Published
2022-04-04 (about 3 years ago)
Added
2022-04-04 (about 3 years ago)
Last Updated
2023-07-24 (about 2 years ago)

Other

Published
Title
Published
2025-06-05
Title
oik < 4.15.2 - Missing Authorization
Published
2025-05-29
Title
Responsive Plus < 3.2.1 - Missing Authorization
Published
2025-09-26
Title
WP Virtual Assistant <= 3.0 - Missing Authorization
Published
2025-03-04
Title
Lafka - Multi Store Burger - Pizza & Food Delivery WooCommerce Theme <= 4.5.7 - Missing Authorization to Authenticated (Subscriber+) Demo Import
Published
2025-04-29
Title
Custom PC Builder Lite for WooCommerce <= 1.0.1 - Missing Authorization to Unauthenticated Settings Update