Vendor
PPress
Products
1
CVEs
4
Across products
4
Status
Private
Products
1- 4 CVEs
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-25973 | Med | 0.42 | 6.5 | 0.01 | Feb 20, 2025 | A stored Cross Site Scripting vulnerability in the "related recommendations" feature in Ppress v.0.0.9 allows a remote attacker to execute arbitrary code via a crafted script to the article.title, article.category, and article.tags parameters. | ||
| CVE-2025-54815 | 0.00 | — | 0.01 | Sep 19, 2025 | Server-side template injection (SSTI) vulnerability in PPress 0.0.9 allows attackers to execute arbitrary code via crafted themes. | |||
| CVE-2025-54761 | 0.00 | — | 0.00 | Sep 19, 2025 | An issue was discovered in PPress 0.0.9 allowing attackers to gain escilated privlidges via crafted session cookie. | |||
| CVE-2025-52159 | 0.00 | — | 0.00 | Sep 19, 2025 | Hardcoded credentials in default configuration of PPress 0.0.9. |
- risk 0.42cvss 6.5epss 0.01
A stored Cross Site Scripting vulnerability in the "related recommendations" feature in Ppress v.0.0.9 allows a remote attacker to execute arbitrary code via a crafted script to the article.title, article.category, and article.tags parameters.
- CVE-2025-54815Sep 19, 2025risk 0.00cvss —epss 0.01
Server-side template injection (SSTI) vulnerability in PPress 0.0.9 allows attackers to execute arbitrary code via crafted themes.
- CVE-2025-54761Sep 19, 2025risk 0.00cvss —epss 0.00
An issue was discovered in PPress 0.0.9 allowing attackers to gain escilated privlidges via crafted session cookie.
- CVE-2025-52159Sep 19, 2025risk 0.00cvss —epss 0.00
Hardcoded credentials in default configuration of PPress 0.0.9.