CVE-2025-49872Missing Authorization in Iqbal Mycred

CWE-862Missing Authorization3 documents3 sources
Severity
N/A
No vector
EPSS
0.1%
top 69.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Saad Iqbal Mycred
Timeline
PublishedJun 17

Description

Missing Authorization vulnerability in Saad Iqbal myCred mycred allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects myCred: from n/a through <= 2.9.4.2.

Affected Packages1 packages

CVEListV5saad_iqbal/mycred2.9.4.2

🔴Vulnerability Details

2
CVEList
WordPress myCred plugin <= 2.9.4.2 - Broken Access Control Vulnerability2025-06-17
GHSA
GHSA-2898-g742-r2p3: Missing Authorization vulnerability in WPExperts2025-06-17
CVE-2025-49872 — Missing Authorization in Iqbal Mycred | cvebase