Filtered by vendor Yandaozi
Subscriptions
Filtered by product Ppress
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-52159 | 2 Ppress, Yandaozi | 2 Cms, Ppress | 2025-09-25 | 8.8 High |
| Hardcoded credentials in default configuration of PPress 0.0.9. | ||||
| CVE-2025-54761 | 2 Ppress, Yandaozi | 2 Cms, Ppress | 2025-09-25 | 8 High |
| An issue was discovered in PPress 0.0.9 allowing attackers to gain escilated privlidges via crafted session cookie. | ||||
| CVE-2025-54815 | 2 Ppress, Yandaozi | 2 Cms, Ppress | 2025-09-25 | 8.8 High |
| Server-side template injection (SSTI) vulnerability in PPress 0.0.9 allows attackers to execute arbitrary code via crafted themes. | ||||
| CVE-2025-25973 | 1 Yandaozi | 1 Ppress | 2025-09-23 | 6.5 Medium |
| A stored Cross Site Scripting vulnerability in the "related recommendations" feature in Ppress v.0.0.9 allows a remote attacker to execute arbitrary code via a crafted script to the article.title, article.category, and article.tags parameters. | ||||
Page 1 of 1.