cve/2025/CVE-2025-54815.md

CVE-2025-54815

Description

Server-side template injection (SSTI) vulnerability in PPress 0.0.9 allows attackers to execute arbitrary code via crafted themes.

POC

Reference

No PoCs from references.

Github

• https://github.com/fkie-cad/nvd-json-data-feeds
• https://github.com/quarter77/PPress-CMS-session-forgery-SSTI-vulnerability-leads-to-remote-command-execution
• https://github.com/quarter77/PPress-CMS_vulnerability_chain_details