How severe is CVE-2025-22728?

CVE-2025-22728 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2025-22728

9.8CRITICAL

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AmentoTech Workreap (theme's plugin) workreap allows SQL Injection.This issue affects Workreap (th

Published: 1/8/2026Updated: 1/8/2026

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AmentoTech Workreap (theme's plugin) workreap allows SQL Injection.This issue affects Workreap (theme's plugin): from n/a through <= 3.3.6.

AI AnalysisPowered by AI

References

https://vdp.patchstack.com/database/Wordpress/Plugin/workreap/vulnerability/wordpress-workreap-theme-s-plugin-plugin-3-3-6-sql-injection-vulnerability?_s_id=cve