PT-2026-43681 · Unknown · Tassos Framework
Leandro Vallim
·
Published
2026-05-27
·
Updated
2026-06-01
·
CVE-2026-48906
CVSS v4.0
9.3
Critical
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H/AU:Y |
Name of the Vulnerable Software and Affected Versions
Tassos Framework versions prior to 6.1.0
Description
A flaw in the Tassos Framework Plugin enables users to perform arbitrary file deletion on affected sites. Arbitrary file deletion is a condition where an attacker can delete any file on the server to which the application has access.
Recommendations
Update to version 6.1.0 or later.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tassos Framework