cleantalk
Vulnerabilities and Security Researches

PilotPress, CVE-2025-58238

CVE, Research URL

CVE-2025-58238

Home page URL

Security reports for PilotPress

Application

PilotPress

Published on
Sep 23, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ONTRAPORT PilotPress pilotpress allows Stored XSS.This issue affects PilotPress: from n/a through <= 2.0.36.
Affected versions
max 2.0.36.
Status
vulnerable
Previous vulnerability researches
FlexIDX Home Search (CVE-2025-25082) , Feb 05, 2025
New vulnerability
RestroPress &#8211; Online Food Ordering System (CVE-2025-9209) , Apr 25, 2026
Smart Docs (CVE-2025-9333) , Apr 25, 2026
WPKoi Templates for Elementor (CVE-2025-57999) , Apr 25, 2026
HT Mega &#8211; Absolute Addons For Elementor (CVE-2026-4106) , Apr 25, 2026
Verowa Connect (CVE-2025-58257) , Apr 25, 2026