Path Traversal Vulnerability in AmentoTech Workreap Plugin
CVE-2025-59566

7.6HIGH

Key Information:

Vendor: WordPress
Status: Workreap (theme's Plugin)
Vendor: CVE Published:; 22 October 2025

What is CVE-2025-59566?

The AmentoTech Workreap plugin is susceptible to a Path Traversal vulnerability, allowing unauthorized access to restricted directories. This flaw could enable attackers to manipulate file paths, leading to potential unauthorized file access and deletion. The affected versions include all versions through 3.3.5. It is crucial for users of the Workreap theme's plugin to implement security measures and updates to protect their sites from potential exploitation.

Affected Version(s)

Workreap (theme's plugin) <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/work...

vdb-entry

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 22, 2025
Vulnerability Reserved
Sep 17, 2025

Credit

0xd4rk5id3 (Patchstack Alliance)

JSON