Medium severity5.4NVD Advisory· Published Jan 23, 2026· Updated Apr 28, 2026
CVE-2026-24581
CVE-2026-24581
Description
Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce points-and-rewards-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Points and Rewards for WooCommerce: from n/a through <= 2.9.5.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <= 2.9.5
- Range: <= 2.9.5
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.