CVE-2026-48906

The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary files on the affected sites.

high 8.1 CVSS 3.1

Published: May 27, 2026

Modified: Jun 1, 2026

Vendor: Tassos

Product: Advanced Custom Fields

Versions: 1.0.0

Description

The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary files on the affected sites.

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H