Fresh Framework

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2025-26936	WordPress Fresh Framework	Cri	0.65	10.0	0.00		Mar 10, 2025	Improper Control of Generation of Code ('Code Injection') vulnerability in FRESHFACE Fresh Framework fresh-framework allows Code Injection.This issue affects Fresh Framework: from n/a through <= 1.70.0.
CVE-2025-26961	WordPress Fresh Framework	Hig	0.56	8.6	0.00		Mar 15, 2025	Missing Authorization vulnerability in FRESHFACE Fresh Framework fresh-framework allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Fresh Framework: from n/a through <= 1.70.0.

CVE-2025-26936CriMar 10, 2025
WordPress
Fresh Framework
risk 0.65cvss 10.0epss 0.00
Improper Control of Generation of Code ('Code Injection') vulnerability in FRESHFACE Fresh Framework fresh-framework allows Code Injection.This issue affects Fresh Framework: from n/a through <= 1.70.0.
CVE-2025-26961HigMar 15, 2025
WordPress
Fresh Framework
risk 0.56cvss 8.6epss 0.00
Missing Authorization vulnerability in FRESHFACE Fresh Framework fresh-framework allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Fresh Framework: from n/a through <= 1.70.0.