Browse all 4 CVE security advisories affecting AwesomeTOGI. AI-powered Chinese analysis, POCs, and references for each vulnerability.
AwesomeTOGI is a web application framework primarily used for building dynamic content management systems. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its four recorded CVEs. The framework's complex architecture and extensive plugin ecosystem have contributed to recurring security weaknesses, particularly in input validation and access control mechanisms. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests ongoing challenges in secure coding practices, making regular security assessments essential for implementations using this technology.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-31416 | WordPress Awesome Event Booking plugin <= 2.8.4 - Reflected Cross Site Scripting (XSS) vulnerability — Awesome Event BookingCWE-79 | 7.1 | High | 2025-04-04 |
| CVE-2025-22668 | WordPress Awesome Event Booking plugin <= 2.7.2 - Broken Access Control vulnerability — Awesome Event BookingCWE-862 | 6.5 | Medium | 2025-03-27 |
| CVE-2025-22669 | WordPress Awesome Event Booking plugin <= 2.7.5 - Cross Site Request Forgery (CSRF) vulnerability — Awesome Event BookingCWE-352 | 4.3 | Medium | 2025-03-27 |
| CVE-2025-24560 | WordPress Awesome Event Booking plugin <= 2.7.1 - Reflected Cross Site Scripting (XSS) vulnerability — Awesome Event BookingCWE-79 | 7.1 | High | 2025-01-31 |
This page lists every published CVE security advisory associated with AwesomeTOGI. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.