Exploit for Unrestricted Upload of File with Dangerous Type in Amentotech Workreap
CVE-2021-24499 | Workreap - Freelance Marketplace and Director...
WordPress Workreap plugin <= 3.3.2 - Authenticated (Subscriber+) Arbitrary File Upload via 'workreap_temp_upload_to_media' vulnerability
Authenticated Subscriber+ Arbitrary File Upload via 'workreaptempuploadtomedia' vulnerability discovered by Foxyyy in WordPress Plugin Workreap theme's plugin versions <= 3.3.2...
CVE-2022-4239
The Workreap WordPress theme before 2.6.4 does not verify that an addon service belongs to the user issuing the request, or indeed that it is an addon service, when processing the workreapaddonsserviceremove action, allowing any user to delete any post by knowing or guessing the id...
CVE-2021-24501
The Workreap WordPress theme before 2.2.2 had several AJAX actions missing authorization checks to verify that a user was authorized to perform critical operations such as modifying or deleting objects. This allowed a logged in user to modify or delete objects belonging to other users on the site...
PT-2022-26391 · WordPress · Workreap
Name of the Vulnerable Software and Affected Versions: Workreap WordPress theme versions prior to 2.6.4 Description: The issue allows any user to delete any post by knowing or guessing the id, due to the lack of verification that an addon service belongs to the user issuing the request or that it...
CVE-2022-3846
The Workreap WordPress theme before 2.6.3 has a vulnerability with the notifications feature as it's possible to read any user's notification employer or freelancer as the notification ID is brute-forceable...
PT-2022-24414 · WordPress · Workreap
Name of the Vulnerable Software and Affected Versions: Workreap WordPress theme versions prior to 2.6.3 Description: The issue affects the notifications feature, allowing unauthorized access to any user's notification, whether employer or freelancer, due to the notification ID being...
VulnCheck KEV: CVE-2021-24499
The Workreap WordPress theme before 2.2.2 AJAX actions workreapawardtempfileuploader and workreaptempfileuploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to the...
WordPress Workreap theme Access Control Error Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An access control error vulnerability exists in WordPress Workreap theme versions prior to 2.2.2, which stems...
CVE-2021-24499
The Workreap WordPress theme before 2.2.2 AJAX actions workreapawardtempfileuploader and workreaptempfileuploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to the uploads/workreap-temp...
CVE-2021-24501 Workreap theme < 2.2.2 - Missing Authorization Checks in Ajax Actions
The Workreap WordPress theme before 2.2.2 had several AJAX actions missing authorization checks to verify that a user was authorized to perform critical operations such as modifying or deleting objects. This allowed a logged in user to modify or delete objects belonging to other users on the site...
WordPress Code Issue Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A code issue vulnerability exists in WordPress theme Workreap that stems from...
CVE-2021-24499 Workreap theme < 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution
The Workreap WordPress theme before 2.2.2 AJAX actions workreapawardtempfileuploader and workreaptempfileuploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to the uploads/workreap-temp...
WordPress Access Control Error Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An access control error vulnerability exists in WordPress Workreap theme versions prior to 2.2.2, which stems...
WordPress Cross-Site Request Forgery Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in WordPress Workreap theme versions prior to 2.2.2 that stems from...
Workreap < 2.2.2 - Multiple CSRF + IDOR Vulnerabilities
Several AJAX actions available in the theme lacked CSRF protections, as well as allowing insecure direct object references that were not validated. This allows an attacker to trick a logged in user to submit a POST request to the vulnerable site, potentially modifying or deleting arbitrary object...
Workreap < 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution
The theme's AJAX actions workreapawardtempfileuploader and workreaptempfileuploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to the uploads/workreap-temp directory. Uploaded files were...