CVE-2022-3846 Information

Description

The Workreap WordPress theme before 2.6.3 has a vulnerability with the notifications feature as it’s possible to read any user’s notification (employer or freelancer) as the notification ID is brute-forceable.

Reference

https://wpscan.com/vulnerability/6220c7ef-69a6-49c4-9c56-156b945446af