Hardcoded credentials in default configuration of PPress 0.0.9.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-09-19
An issue was discovered in PPress 0.0.9 allowing attackers to gain escilated privlidges via crafted session cookie.
CVSS Score
8.0
EPSS Score
0.0
Published
2025-09-19
Server-side template injection (SSTI) vulnerability in PPress 0.0.9 allows attackers to execute arbitrary code via crafted themes.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-09-19
A stored Cross Site Scripting vulnerability in the "related recommendations" feature in Ppress v.0.0.9 allows a remote attacker to execute arbitrary code via a crafted script to the article.title, article.category, and article.tags parameters.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-02-20