The Workreap plugin for WordPress, used by the Workreap - Freelance Marketplace WordPress Theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'workreap_temp_upload_to_media' function in all versions up to, and including, 3.3.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Mon, 14 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00264}

epss

{'score': 0.00305}


Thu, 10 Jul 2025 00:30:00 +0000

Type Values Removed Values Added
First Time appeared Amentotech
Amentotech workreap
CPEs cpe:2.3:a:amentotech:workreap:*:*:*:*:*:wordpress:*:*
Vendors & Products Amentotech
Amentotech workreap

Thu, 12 Jun 2025 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 12 Jun 2025 05:45:00 +0000

Type Values Removed Values Added
Description The Workreap plugin for WordPress, used by the Workreap - Freelance Marketplace WordPress Theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'workreap_temp_upload_to_media' function in all versions up to, and including, 3.3.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Title Workreap <= 3.3.2 - Authenticated (Subscriber+) Arbitrary File Upload via 'workreap_temp_upload_to_media'
Weaknesses CWE-434
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2025-06-12T13:07:54.135Z

Reserved: 2025-05-20T15:46:04.592Z

Link: CVE-2025-5012

cve-icon Vulnrichment

Updated: 2025-06-12T13:07:50.695Z

cve-icon NVD

Status : Analyzed

Published: 2025-06-12T06:15:23.640

Modified: 2025-07-10T00:12:21.940

Link: CVE-2025-5012

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.