Product
amentotech workreap
8 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-5012
CVE-2025-4973
CVE-2024-13446
CVE-2022-4239
CVE-2022-3846
CVE-2021-24501
CVE-2021-24500
CVE-2021-24499
< 3.3.3
The Workreap plugin for WordPress, used by the Workreap - Freelance Marketplace WordPress Theme, is vulnerable to arbitrary file u
< 3.3.2
The Workreap plugin for WordPress, used by the Workreap - Freelance Marketplace WordPress Theme, is vulnerable to authentication b
< 3.2.6
The Workreap plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including,
< 2.6.4
The Workreap WordPress theme before 2.6.4 does not verify that an addon service belongs to the user issuing the request, or indeed
< 2.6.3
The Workreap WordPress theme before 2.6.3 has a vulnerability with the notifications feature as it's possible to read any user's n
< 2.2.2
The Workreap WordPress theme before 2.2.2 had several AJAX actions missing authorization checks to verify that a user was authoriz
< 2.2.2
Several AJAX actions available in the Workreap WordPress theme before 2.2.2 lacked CSRF protections, as well as allowing insecure
< 2.2.2
The Workreap WordPress theme before 2.2.2 AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader did not p