Wp Recall
by WordPress
Source repositories
CVEs (5)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-47653 | Hig | 0.49 | 7.5 | 0.00 | May 7, 2025 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in tggfref WP-Recall allows PHP Local File Inclusion. This issue affects WP-Recall: from n/a through 16.26.14. | |
| CVE-2025-52796 | Hig | 0.46 | 7.1 | 0.00 | Jul 4, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tggfref WP-Recall allows Reflected XSS. This issue affects WP-Recall: from n/a through 16.26.14. | |
| CVE-2025-30981 | Med | 0.41 | 6.3 | 0.00 | Jun 6, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in tggfref WP-Recall allows Privilege Escalation. This issue affects WP-Recall: from n/a through 16.26.14. | |
| CVE-2024-35657 | Med | 0.35 | 5.4 | 0.00 | Jun 8, 2024 | Cross-Site Request Forgery (CSRF) vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.6. | |
| CVE-2025-49991 | Med | 0.34 | 5.3 | 0.00 | Jun 20, 2025 | Missing Authorization vulnerability in tggfref WP-Recall allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP-Recall: from n/a through 16.26.14. |
- risk 0.49cvss 7.5epss 0.00
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in tggfref WP-Recall allows PHP Local File Inclusion. This issue affects WP-Recall: from n/a through 16.26.14.
- risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tggfref WP-Recall allows Reflected XSS. This issue affects WP-Recall: from n/a through 16.26.14.
- risk 0.41cvss 6.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in tggfref WP-Recall allows Privilege Escalation. This issue affects WP-Recall: from n/a through 16.26.14.
- risk 0.35cvss 5.4epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.6.
- risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in tggfref WP-Recall allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP-Recall: from n/a through 16.26.14.