Yandaozi

Ppress

4 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-52159

Exploit
  • EPSS 0.04%
  • Published 19.09.2025 00:00:00
  • Last modified 25.09.2025 19:34:27

Hardcoded credentials in default configuration of PPress 0.0.9.

8

CVE-2025-54761

Exploit
  • EPSS 0.04%
  • Published 19.09.2025 00:00:00
  • Last modified 25.09.2025 19:34:15

An issue was discovered in PPress 0.0.9 allowing attackers to gain escilated privlidges via crafted session cookie.

8.8

CVE-2025-54815

Exploit
  • EPSS 0.09%
  • Published 19.09.2025 00:00:00
  • Last modified 25.09.2025 19:33:57

Server-side template injection (SSTI) vulnerability in PPress 0.0.9 allows attackers to execute arbitrary code via crafted themes.

6.5

CVE-2025-25973

Exploit
  • EPSS 0.3%
  • Published 20.02.2025 18:15:26
  • Last modified 23.09.2025 19:16:04

A stored Cross Site Scripting vulnerability in the "related recommendations" feature in Ppress v.0.0.9 allows a remote attacker to execute arbitrary code via a crafted script to the article.title, article.category, and article.tags parameters.