📦 Workreap

The Workreap WordPress plugin has an authentication bypass vulnerability that allows unauthenticated attackers to log in as any registered user, including administrators, by knowing their email addres...

The Workreap WordPress plugin allows unauthenticated attackers to take over any user account, including administrators, by exploiting insufficient identity validation during social auto-login and prof...

This vulnerability allows unauthenticated attackers to upload arbitrary files, including PHP scripts, to WordPress sites using the Workreap theme. The flaw exists in AJAX endpoints that lack authentic...

This vulnerability in the Workreap WordPress theme allows authenticated users to modify or delete objects belonging to other users due to missing authorization checks in AJAX actions. It affects WordP...