VYPR

PPress

by PPress

CVEs (4)

  • CVE-2025-25973MedFeb 20, 2025
    risk 0.42cvss 6.5epss 0.01

    A stored Cross Site Scripting vulnerability in the "related recommendations" feature in Ppress v.0.0.9 allows a remote attacker to execute arbitrary code via a crafted script to the article.title, article.category, and article.tags parameters.

  • CVE-2025-54815Sep 19, 2025
    risk 0.00cvss epss 0.01

    Server-side template injection (SSTI) vulnerability in PPress 0.0.9 allows attackers to execute arbitrary code via crafted themes.

  • CVE-2025-54761Sep 19, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in PPress 0.0.9 allowing attackers to gain escilated privlidges via crafted session cookie.

  • CVE-2025-52159Sep 19, 2025
    risk 0.00cvss epss 0.00

    Hardcoded credentials in default configuration of PPress 0.0.9.