36 matches found
CVE-2025-22728
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AmentoTech Workreap theme's plugin workreap allows SQL Injection.This issue affects Workreap theme's plugin: from n/a through = 3.3.6...
CVE-2025-22728
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AmentoTech Workreap theme's plugin workreap allows SQL Injection.This issue affects Workreap theme's plugin: from n/a through = 3.3.6...
CVE-2025-22728 WordPress Workreap (theme's plugin) plugin <= 3.3.6 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AmentoTech Workreap theme's plugin workreap allows SQL Injection.This issue affects Workreap theme's plugin: from n/a through = 3.3.6...
CVE-2025-22728
CVE-2025-22728 is an authenticated SQL injection in the Workreap plugin/theme for WordPress (
CVE-2025-22728 WordPress Workreap (theme's plugin) plugin <= 3.3.6 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AmentoTech Workreap theme's plugin workreap allows SQL Injection.This issue affects Workreap theme's plugin: from n/a through = 3.3.6...
WordPress Workreap (theme's plugin) plugin <= 3.3.6 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Bonds in WordPress Plugin Workreap theme's plugin versions = 3.3.6...
PT-2026-1792
Name of the Vulnerable Software and Affected Versions AmentoTech Workreap theme's plugin versions through 3.3.6 Description The Workreap plugin contains a flaw related to improper handling of special characters within SQL queries, potentially allowing for SQL Injection. This could allow an attack...
WordPress plugin Workreap (theme s plugin) 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
CVE-2025-59566
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in AmentoTech Workreap theme's plugin workreap allows Path Traversal.This issue affects Workreap theme's plugin: from n/a through = 3.3.5...
CVE-2025-59566 WordPress Workreap (theme's plugin) plugin <= 3.3.5 - Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in AmentoTech Workreap theme's plugin workreap allows Path Traversal.This issue affects Workreap theme's plugin: from n/a through = 3.3.5...
CVE-2025-59566
The CVE-2025-59566 entry concerns a path traversal flaw in the WordPress Workreap (theme’s plugin) package, affecting versions up to and including 3.3.5. The vulnerability arises from improper limitation of a pathname to a restricted directory, enabling traversal and potential arbitrary file dele...
CVE-2025-59566 WordPress Workreap (theme's plugin) plugin <= 3.3.5 - Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in AmentoTech Workreap theme's plugin workreap allows Path Traversal.This issue affects Workreap theme's plugin: from n/a through = 3.3.5...
EUVD-2024-54163
Malicious code in bioql PyPI...
EUVD-2025-18159
Malicious code in bioql PyPI...
WordPress Workreap (theme's plugin) plugin <= 3.3.5 - Arbitrary File Deletion vulnerability
Arbitrary File Deletion vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Workreap theme's plugin versions = 3.3.5...
CVE-2025-4973
The Workreap plugin for WordPress, used by the Workreap - Freelance Marketplace WordPress Theme, is vulnerable to authentication bypass in all versions up to, and including, 3.3.1. This is due to the plugin not properly verifying a user's identity prior to logging them in when verifying an accoun...
CVE-2025-5012
The Workreap plugin for WordPress, used by the Workreap - Freelance Marketplace WordPress Theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'workreaptempuploadtomedia' function in all versions up to, and including, 3.3.2. This makes it possible for...
CVE-2025-4973
The Workreap plugin for WordPress, used by the Workreap - Freelance Marketplace WordPress Theme, is vulnerable to authentication bypass in all versions up to, and including, 3.3.1. This is due to the plugin not properly verifying a user's identity prior to logging them in when verifying an accoun...
CVE-2025-5012
The Workreap plugin for WordPress, used by the Workreap - Freelance Marketplace WordPress Theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'workreaptempuploadtomedia' function in all versions up to, and including, 3.3.2. This makes it possible for...
CVE-2025-4973
The Workreap plugin for WordPress, used by the Workreap - Freelance Marketplace WordPress Theme, is vulnerable to authentication bypass in all versions up to, and including, 3.3.1. This is due to the plugin not properly verifying a user's identity prior to logging them in when verifying an accoun...