{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-69101", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2025-12-29T11:19:21.661Z", "datePublished": "2026-01-22T16:52:27.433Z", "dateUpdated": "2026-04-28T20:42:58.087Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://themeforest.net", "defaultStatus": "unaffected", "packageName": "workreap_core", "product": "Workreap Core", "vendor": "AmentoTech", "versions": [{"lessThanOrEqual": "3.4.1", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "NAWardRox | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:03:19.654Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Workreap Core workreap_core allows Authentication Abuse.<p>This issue affects Workreap Core: from n/a through <= 3.4.1.</p>"}], "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Workreap Core workreap_core allows Authentication Abuse.This issue affects Workreap Core: from n/a through <= 3.4.1."}], "impacts": [{"capecId": "CAPEC-114", "descriptions": [{"lang": "en", "value": "Authentication Abuse"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-288", "description": "Authentication Bypass Using an Alternate Path or Channel", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:36.531Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/workreap_core/vulnerability/wordpress-workreap-core-plugin-3-4-0-account-takeover-vulnerability?_s_id=cve"}], "title": "WordPress Workreap Core plugin <= 3.4.1 - Broken Authentication vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-27T15:15:04.993276Z", "id": "CVE-2025-69101", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T20:42:58.087Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-69101", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-01-27T15:15:04.993276Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-27T15:15:21.332Z"}}], "cna": {"title": "WordPress Workreap Core plugin <= 3.4.1 - Broken Authentication vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "NAWardRox | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-114", "descriptions": [{"lang": "en", "value": "Authentication Abuse"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "AmentoTech", "product": "Workreap Core", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "3.4.1"}], "packageName": "workreap_core", "collectionURL": "https://themeforest.net", "defaultStatus": "unaffected"}], "datePublic": "2026-04-01T16:03:19.654Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/workreap_core/vulnerability/wordpress-workreap-core-plugin-3-4-0-account-takeover-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Workreap Core workreap_core allows Authentication Abuse.This issue affects Workreap Core: from n/a through <= 3.4.1.", "supportingMedia": [{"type": "text/html", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Workreap Core workreap_core allows Authentication Abuse.<p>This issue affects Workreap Core: from n/a through <= 3.4.1.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-288", "description": "Authentication Bypass Using an Alternate Path or Channel"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:36.531Z"}}}, "cveMetadata": {"cveId": "CVE-2025-69101", "state": "PUBLISHED", "dateUpdated": "2026-04-28T20:42:58.087Z", "dateReserved": "2025-12-29T11:19:21.661Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-01-22T16:52:27.433Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Workreap Core workreap_core allows Authentication Abuse.This issue affects Workreap Core: from n/a through <= 3.4.1."}, {"lang": "es", "value": "Vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n mediante una ruta o canal alternativo en AmentoTech Workreap Core workreap_core permite el Abuso de Autenticaci\u00f3n. Este problema afecta a Workreap Core: desde n/a hasta &lt;= 3.4.0."}], "id": "CVE-2025-69101", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-01-22T17:16:22.983", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/workreap_core/vulnerability/wordpress-workreap-core-plugin-3-4-0-account-takeover-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-288"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-28T18:07:47.803810+00:00", "value": {"mitigation_remediation": ["Upgrade the Workreap Core plugin to a version newer than 3.4.1 that contains the authentication bypass fix.", "Restrict or disable the plugin\u2019s alternate authentication endpoints at the web\u2011application or server level to prevent unauthenticated access.", "Implement logging and monitoring for authentication attempts on the WordPress site, and review logs for signs of bypass activity or unauthorized account usage."], "summary": {"action": "Apply Patch", "impact": "Authentication bypass allowing account takeover"}, "threat_synthesis": {"affected_systems": "Any WordPress installation that has the AmentoTech Workreap Core plugin installed with a version no newer than 3.4.1. No specific build identifiers beyond the stated maximum are provided, so the issue applies to all releases up to and including 3.4.1.", "description_and_impact": "This flaw permits an attacker to bypass normal authentication by using an alternate path or channel, enabling them to act as any user on the WordPress site. The vulnerability is a CWE\u2011288 weakness that undermines the confidentiality, integrity, and availability of the site, potentially giving an attacker full control over content, settings, and user credentials.", "risk_and_exploitability": "The CVSS score of 9.8 classifies the vulnerability as Critical, indicating that successful exploitation could grant an attacker administrative privileges over the affected site. The EPSS score of less than 1% suggests a currently low probability of exploitation, but the lack of targeted detection means that an attacker could still succeed if they can reach the plugin\u2019s authentication endpoints. The attack vector is inferred to be network\u2011based via HTTP requests to the plugin\u2019s alternate authentication path, as the description indicates an alternate channel; this inference is not directly stated in the CVE record."}}}}, "created": "2026-01-23T16:28:38.602614+00:00", "updated": "2026-04-28T18:15:37.363967+00:00", "vendors": ["amentotech", "amentotech$PRODUCT$workreap", "wordpress", "wordpress$PRODUCT$wordpress"]}