← back
CVE-2026-48906

Extension - tassos.gr - Arbitrary File Deletion in Novarain/Tassos Framework < 6.1.0 for Joomla

CVSS 9.3 CRITICALEPSS 0.3%CWE-284
The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary files on the affected sites.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H/AU:Y
Affected products
tassos.gr · Advanced Custom Fieldstassos.gr · Convert Formstassos.gr · EngageBoxtassos.gr · Google Structured Datatassos.gr · MailChimp Auto-Subscribetassos.gr · Novarain/Tassos Framework (plg_system_nrframework)tassos.gr · Smile Packtassos.gr · Tassos Code Snippets

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://tassos.gr