CVE-2025-25973 Information

Description

A stored Cross Site Scripting vulnerability in the elated recommendations\ feature in Ppress v.0.0.9 allows a remote attacker to execute arbitrary code via a crafted script to the article.title article.category and article.tags parameters.

Reference

https://gist.github.com/coleak2021/512acaa12ba0987499d560967acff1d1 https://github.com/yandaozi/PPress/issues/3