Quarter77

**Name of the Vulnerable Software and Affected Versions** PPress version 0.0.9 **Description** The default configuration of PPress contains hardcoded credentials. **Recommendations** Change the default credentials in PPress version 0.0.9.

**Name of the Vulnerable Software and Affected Versions** PPress version 0.0.9 **Description** An issue exists in PPress version 0.0.9 that allows attackers to gain escalated privileges through a crafted session cookie. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PPress version 0.0.9 **Description** PPress is susceptible to a server-side template injection (SSTI) issue. This allows attackers to execute arbitrary code through specially crafted themes. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.