Skip to main content

WorkScout-Core CVE-2026-52716

MEDIUM
Path Traversal (CWE-22)
2026-06-17 Patchstack
6.5
CVSS 3.1 · Vendor: Patchstack
Share

Severity by source

Vendor (Patchstack) PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
vuln.today AI
9.1 CRITICAL

Arbitrary file deletion with no prerequisites can remove wp-config.php or core files, causing complete integrity and availability loss; C:N holds as deletion alone does not read data.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (Patchstack).

CVSS VectorVendor: Patchstack

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
Low

Lifecycle Timeline

1
Analysis Generated
Jun 17, 2026 - 14:53 vuln.today

DescriptionCVE.org

Unauthenticated Arbitrary File Deletion in WorkScout-Core <= 1.7.11 versions.

AnalysisAI

Unauthenticated arbitrary file deletion in the WorkScout-Core WordPress plugin (versions <= 1.7.11) allows any remote attacker to delete files on the underlying server without credentials. The flaw stems from a path traversal weakness (CWE-22) in a file-handling endpoint that fails to sanitize user-supplied input before constructing filesystem paths. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Identify WordPress site with WorkScout-Core <= 1.7.11
Delivery
Craft HTTP request with path traversal payload in filename parameter
Exploit
Submit unauthenticated request to vulnerable file-deletion endpoint
Execution
Plugin resolves traversed path outside intended directory
Persist
Arbitrary file deleted from server filesystem
Impact
Site integrity or availability destroyed

Vulnerability AssessmentAI

Exploitation No special conditions are required beyond the plugin being installed and active on a WordPress site running version 1.7.11 or earlier. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The provided CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L) scores 6.5, categorizing this as Medium severity with only Low integrity and availability impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker sends a crafted HTTP POST or GET request to a vulnerable WorkScout-Core endpoint, embedding a path traversal sequence in a filename parameter - for example, '../../wp-config.php' - requiring no session token or prior authentication. The plugin's file deletion handler resolves the traversed path and removes the target file from disk. …
Remediation No vendor-released patch version has been independently confirmed in the available data; the Patchstack disclosure at https://patchstack.com/database/wordpress/plugin/workscout-core/vulnerability/wordpress-workscout-core-plugin-1-7-11-arbitrary-file-deletion-vulnerability should be monitored for a fixed release. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-52716 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy