CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

34 matches found

WordPress Workreap - Remote Code Execution

WordPress Workreap theme is susceptible to remote code execution. The AJAX actions workreapawardtempfileuploader and workreaptempfileuploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to th...

9.8CVSS7.7AI score0.93938EPSS

Exploits9References5

NVD•added 2026/01/22 5:16 p.m.•3 views

CVE-2025-69101

Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Workreap Core workreapcore allows Authentication Abuse.This issue affects Workreap Core: from n/a through = 3.4.1...

9.8CVSS0.00037EPSS

Exploits0References1

RedhatCVE•added 2026/01/10 5:41 a.m.•1 views

CVE-2025-22728

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AmentoTech Workreap theme's plugin workreap allows SQL Injection.This issue affects Workreap theme's plugin: from n/a through = 3.3.6...

8.5CVSS5.9AI score0.00019EPSS

Exploits0References1

NVD•added 2026/01/08 10:15 a.m.•3 views

CVE-2025-22728

8.5CVSS0.00019EPSS

Exploits0References1

Positive Technologies•added 2026/01/08 12:0 a.m.•3 views

PT-2026-1792

Name of the Vulnerable Software and Affected Versions AmentoTech Workreap theme's plugin versions through 3.3.6 Description The Workreap plugin contains a flaw related to improper handling of special characters within SQL queries, potentially allowing for SQL Injection. This could allow an attack...

9.8CVSS7AI score0.00019EPSS

Exploits0References3

RedhatCVE•added 2025/12/19 4:23 p.m.•1 views

CVE-2025-64236

Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Tuturn allows Authentication Abuse.This issue affects Tuturn: from n/a before 3.6...

9.8CVSS5.2AI score0.00079EPSS

Exploits0References1

EUVD•added 2025/12/18 6:30 p.m.•1 views

EUVD-2025-204294

Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Tuturn allows Authentication Abuse.This issue affects Tuturn: from n/a before 3.6...

9.8CVSS6.5AI score0.00079EPSS

Exploits0References2

NVD•added 2025/12/18 5:15 p.m.•1 views

CVE-2025-64236

Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Tuturn allows Authentication Abuse.This issue affects Tuturn: from n/a before 3.6...

9.8CVSS0.00079EPSS

Exploits0References1

NVD•added 2025/12/18 5:15 p.m.•1 views

CVE-2025-64235

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in AmentoTech Tuturn allows Path Traversal.This issue affects Tuturn: from n/a before 3.6...

6.5CVSS0.00067EPSS

Exploits0References1

Positive Technologies•added 2025/12/18 12:0 a.m.•1 views

PT-2025-52275

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in AmentoTech Tuturn allows Path Traversal.This issue affects Tuturn: from n/a before 3.6...

6.5CVSS6.9AI score0.00067EPSS

Exploits0References2

Positive Technologies•added 2025/12/18 12:0 a.m.•1 views

PT-2025-52264

Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Tuturn allows Authentication Abuse.This issue affects Tuturn: from n/a before 3.6...

9.8CVSS7AI score0.00079EPSS

Exploits0References2

RedhatCVE•added 2025/10/24 1:35 p.m.•1 views

CVE-2025-58971

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AmentoTech Doctreat doctreat allows Reflected XSS.This issue affects Doctreat: from n/a through = 1.6.7...

7.1CVSS6.4AI score0.0003EPSS

Exploits0References1

RedhatCVE•added 2025/10/23 3:13 p.m.•2 views

CVE-2025-59566

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in AmentoTech Workreap theme's plugin workreap allows Path Traversal.This issue affects Workreap theme's plugin: from n/a through = 3.3.5...

7.7CVSS6.9AI score0.00059EPSS

Exploits0References1

EUVD•added 2025/10/22 3:31 p.m.•2 views

EUVD-2025-35435

7.6CVSS6.4AI score0.00059EPSS

Exploits0References2

EUVD•added 2025/10/22 3:31 p.m.•1 views

EUVD-2025-35444

5.9AI score0.0003EPSS

Exploits0References2

EUVD•added 2025/10/22 3:31 p.m.•2 views

EUVD-2025-35450

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in AmentoTech Taskbot taskbot allows Path Traversal.This issue affects Taskbot: from n/a through = 6.4...

6.4AI score0.00059EPSS

Exploits0References2

NVD•added 2025/10/22 3:15 p.m.•2 views

CVE-2025-59566

7.7CVSS0.00059EPSS

Exploits0References1

NVD•added 2025/10/22 3:15 p.m.•1 views

CVE-2025-58971

7.1CVSS0.0003EPSS

Exploits0References1

Vulnrichment•added 2025/10/22 2:32 p.m.•2 views

CVE-2025-58959 WordPress Taskbot plugin <= 6.4 - Arbitrary File Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in AmentoTech Taskbot taskbot allows Path Traversal.This issue affects Taskbot: from n/a through = 6.4...

7.7CVSS6.5AI score0.00059EPSS

Exploits0References1

Positive Technologies•added 2025/10/22 12:0 a.m.•3 views

PT-2025-43276

Name of the Vulnerable Software and Affected Versions AmentoTech Taskbot versions through 6.4 Description AmentoTech Taskbot contains a flaw related to improper limitation of a pathname to a restricted directory, which allows for path traversal. This could potentially allow an attacker to access...

7.6CVSS6.6AI score0.00059EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by