Ppress

4 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-54815 HIGH POC This Week

Server-side template injection (SSTI) vulnerability in PPress 0.0.9 allows attackers to execute arbitrary code via crafted themes. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Ppress
NVD GitHub
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-54761 HIGH POC This Week

An issue was discovered in PPress 0.0.9 allowing attackers to gain escilated privlidges via crafted session cookie. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Ppress
NVD GitHub
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-52159 HIGH POC This Week

Hardcoded credentials in default configuration of PPress 0.0.9. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Ppress
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-25973 MEDIUM POC PATCH This Month

A stored Cross Site Scripting vulnerability in the "related recommendations" feature in Ppress v.0.0.9 allows a remote attacker to execute arbitrary code via a crafted script to the article.title,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE XSS Ppress
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2025-54815
EPSS 0% CVSS 8.8
HIGH POC This Week

Server-side template injection (SSTI) vulnerability in PPress 0.0.9 allows attackers to execute arbitrary code via crafted themes. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Ppress
NVD GitHub
CVE-2025-54761
EPSS 0% CVSS 8.0
HIGH POC This Week

An issue was discovered in PPress 0.0.9 allowing attackers to gain escilated privlidges via crafted session cookie. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Ppress
NVD GitHub
CVE-2025-52159
EPSS 0% CVSS 8.8
HIGH POC This Week

Hardcoded credentials in default configuration of PPress 0.0.9. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Ppress
NVD GitHub
CVE-2025-25973
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

A stored Cross Site Scripting vulnerability in the "related recommendations" feature in Ppress v.0.0.9 allows a remote attacker to execute arbitrary code via a crafted script to the article.title,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE XSS Ppress
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy