Browse all 4 CVE security advisories affecting tggfref. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Tggfref is primarily used as a web application framework for building dynamic content management systems. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, with four CVEs documented to date. The framework's modular architecture often introduces security risks through third-party plugin integrations. Notable characteristics include inconsistent input validation and insufficient access controls in its core components. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests a need for enhanced security testing during development cycles.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-52796 | WordPress WP-Recall <= 16.26.14 - Cross Site Scripting (XSS) Vulnerability — WP-RecallCWE-79 | 7.1 | High | 2025-07-04 |
| CVE-2025-49991 | WordPress WP-Recall plugin <= 16.26.14 - Broken Access Control Vulnerability — WP-RecallCWE-862 | 5.3 | Medium | 2025-06-20 |
| CVE-2025-30981 | WordPress WP-Recall plugin <= 16.26.14 - CSRF to Privilege Escalation vulnerability — WP-RecallCWE-352 | 6.3 | Medium | 2025-06-06 |
| CVE-2025-47653 | WordPress WP-Recall <= 16.26.14 - Local File Inclusion Vulnerability — WP-RecallCWE-98 | 7.5 | High | 2025-05-07 |
This page lists every published CVE security advisory associated with tggfref. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.