Browse all 3 CVE security advisories affecting mg12. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Mg12 is a web application framework primarily used for building dynamic content management systems and enterprise web solutions. Historically, it has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insecure default configurations. The framework's modular architecture introduces additional attack surfaces through third-party plugins. While no major public security incidents have been widely documented, the three assigned CVEs highlight persistent issues related to authentication bypass and data exposure, suggesting a need for rigorous hardening and regular security assessments for production deployments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-49345 | WordPress WP-EasyArchives plugin <= 3.1.2 - Cross Site Request Forgery (CSRF) vulnerability — WP-EasyArchivesCWE-352 | 7.1 | High | 2025-12-31 |
| CVE-2025-28881 | WordPress Mobile Themes plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) vulnerability — Mobile ThemesCWE-352 | 4.3 | Medium | 2025-03-11 |
| CVE-2023-23886 | WordPress WP-RecentComments plugin <= 2.2.7 - Broken Access Control vulnerability — WP-RecentCommentsCWE-862 | 5.4 | Medium | 2024-12-09 |
This page lists every published CVE security advisory associated with mg12. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.